How to secure from hacking
How to secure from hacking
Today in the world of digitisation and internet everything become online either your banking, bill payments, shopping, emails purchase orders etc. This has made our life very easy and very fast. But besides this ease problem of hacking and being a victim of phishing has also increasing day by day. The thieves also become high-tech they are now stealing your valuable information and credit card information, banking information through the same gateway the internet.
In this post I will tell you some of easy and useful tips for internet security and also offline security of your data so that you can secure yourself from being a victim of hacking.
This post is not a professional cyber security guide it is just to increase your personal awareness and some tips by which you can done a lot in personal level front against hacking and phishing.
What is hacking – Hacking is an authorised access to your emails, computers, website, internet account, credit card account etc. to steal the information or money without your knowledge or consent.
Actually hackers not always intend to steal the information and money, many hackers are also a security specialist those work is to check the security of your website or network so that they can provide you the solution to secure them. These are called the white hat hackers and those do it for stealing are called black hat hackers or crackers.
How to secure from hacking your PC – I am going to start security of your PC, first of all it is always suggested that you should have login password to your PC to avoid any unauthorised access to it in absence of you. In office or your work place whenever you want to leave your desk lock your computer screen by pressing window+L keys. Keep your PC always up to date, means you should always update your windows OS, browsers, antivirus software etc.
Always choose good antivirus software and keep that update regularly or if possible daily. Scan your PC for virus or malwares once a week. Always install software from trusted sources and websites. Turn on your computer firewall or any third party antivirus firewall e.g. AVG or Norton.
Besides these you have to always secure your most important data at safe place. Most people think that if they have windows password enabled then their data is safe, how anyone can access them. But it is very easy to access your files and data saved in your hard drive in absence of you. One needs to just boot your PC from a linux live cd and can access or copy your data. One protection is for that you should select first booting device as hard disk and also put password to your BIOS setup. But some laptops/pc having another option at start to choose your booting device without need of bios setup. In that case only one thing that will work is that you should have an encrypted password protected volume or folder. Put all your important valuable information and data inside this folder/volume. You can easily create an encrypted volume using truecrypt. I have mention in my previous post how to setup and create an encrypted volume using truecrypt. Truecrypt is a free and very small software and having a very powerful encryption even FBI have not succeed to break its encryption.
How to choose a strong password –
Password is the key to access everything on the internet either it is your internet banking account, email account and everything on the internet.
But many people are not serious to choose their password, some choose as their date of birth, phone number, anniversary date, or some choose very common password that they can remember like password, or any dictionary names like beautiful, doll, etc. But these are the most vulnerable to security.
You must choose a password that is not a dictionary word, and contain mix of capital & small letter, special characters e.g. @, !, # ,$ and also having numerals. As much the password long it is difficult to crack for hackers.
For example a password of min. 8 character having all the above character is very much difficult to crack. If someone try to crack it, it may take aproax 1 month to crack him. Because there are too many combinations are possible using these characters.
It is useful if you choose a phrase to remember the password e.g. you can choose like this “MbFfgwb@Ao16” (my best friend favourite game was basketball at the age of 16) you will never forget ant this will be hard to crack also. See my previous post regarding this “How to choose a strong Password”.
The problem starts when you have to choose many passwords of different type than it is very difficult to remember all of them.
But firefox browser having solution of this you can use one master password in firefox and firefox will remember all your passwords. See my post to learn about using “master password in firefox”.
Secure yourself from Phishing –
Phishing is just like fishing it traps you by luring any offers or misleads you so that you will trap in to their net.
For example you may receive an email claiming that you won a lottery of $10000/- and you will have to fill a form to claim your lottery including your bank details , passwords etc. or you have to pay some little money to get whole amount using your credit cards. The link is itself given in your email, when you click on that link you will reach to their website when you fill the information they record all the data you have entered on their page. They gain information of your login details or credit card details and no doubts what next they will do with that.
One other example of email is that it may come from looking like your banking website and ask you to change your internet banking password saying it is too old or not proper secure. Or may be asked to you that they found some unusual activity in your account you must change your password by login into your account immediately. It seems to be ok but do not come into their words easily, first check the email address of sender if it is not from your website domain like icici.care@yahoo.com, icici@gmail.com or sbi@hotmail.com then definitely it is a fraud email. Also hackers can use a domain looking similar to your domain like care@icicbank.com in place of icicibank.com.
Even you got such email from your bank do not click the links inside the email to reach your bank website. If you want to change your password type in your browser full address and then login into your website. Always check https in browser window and a padlock in bottom right of your browser it means this browser is secured and using encryption so that information typed in this webpage not will be shown to another.
Also use virtual keyboard to avoid victim of key logger’s software, always turn on mobile authentication in your bank website. For credit card use, make a virtual credit card by registering your credit card to their bank website. So that your original credit card information does not leak to others.
Always buy trusted website if you are using online shopping, it is always better to first type a wrong password to know that website is fake or real you will not be asked to enter right password on fake website.
In case you have to make some urgent payment using a cybercafé or untrusting computer lock your account after your payment by using consecutive three wrong password attempts. It will lock your banking account for 24 hrs. after that change your password from your own laptop or PC. For more information about secure internet banking see “my previous post”.
How to work safely on Internet –
Here are some of tips to work safely on internet- Do not check on remember password at the time of logging in your email account etc. Always remember to log off/sign out when you have finished your work. In case you have forgot to log off your email you can also log-off from any other PC, for gmail remote sign out see “my previous post”.
Activate mobile authentication using sms in gmail see how to activate 2-way authentication using sms in gmail in this post.
If you are using cybercafé clear browser history including saved form data and everything thru browser settings.
Do not respond on the emails asking you your bank, credit card details. Do not click the external un-trusted links from emails. Always type in address bar to reach your desired website. Enable link scanner in for search engines to alert your harmful websites. Be wise to click on various links in websites some spyware or malware may be installed without your knowledge using those unknown links.
Always update to latest version of browser, keep your antivirus up to date, turn on firewall.
How to secure from hacking your wifi router-
If you have not applied a password to your wireless router anybody can access your wireless internet. There are also many options to choose your network security key always choose WPA2- PSK or WPA2- enterprise encryption to your wireless network key, also use AES in place of TKIP. WEP key encryption is very much vulnerable and easy to crack. Also change your router password usually it is admin or password change it to a strong one. Turn on Mac id filtering to your router so that only devises those mac id available in router can connect to that. For free wireless or un-trusted wireless networks do not use your banking or credit card websites. For more information see my post on wireless security.
Secure your Facebook account using the tips mentioned in this post.
How to secure from hacking your Mobiles/Smartphones/Tablets –
It is found today that mobiles and tablets use has been increased many folds in previous 2-3 years. Even the numbers of these mobile devices increased more than laptops and desktop PCs. By the increased numbers vulnerability has also increase to these devises. These are easy targets for hackers now. First of all turn on screen lock and phone lock to your phone either it is pattern or pin or password. Some people disabled this security for easiness but in case some you lost your phone or anyone can access your mobile in the absence of you. He may get many information today people are using their phone to access phone banking also , so that your banking is also at risk.
Use antitheft software to lock your phone in case you lost your phone, for android users I have mentioned about lost phone apps it is a free apps.
Although android is based on linux kernel the chances are still there to get some virus or malware from any apps or internet. So use at least one antivirus e.g. lookout security, avg antivirus, free antivirus, netquin security etc.
Keep syncing your contacts to your android account or any service provider, dropbox etc. so that you will never lose your contacts.
Always download apps from google play store, itune store, blackberry store. See the ratings and reviews before installing them.
If your mobile is rooted you have to keep more awareness, if any apps asking root permission then be conscious to give the permission.
At public places avoid to charge your mobile, in a news it is found that public places people get access to your micro sd card and copy all your data. Always choose charge only option from usb dialog from your mobile.
Be secure when using a free wifi hotspot your unsecured wifi network connection. Use password to your sms or memory card.
Please share this post to your facebook , twitter, google plus account if you found it useful.