Author: Eddy K

What to do:
Be suspicious of any email in general, and of all links and attachments in email.Don’t open email from people you don’t know, and never open an attachment unless you’re expecting it.

Why do it?
A bad link or attachment can cause your device to be infected with malware, a virus, or ransomware.

Examine email sent to you: what email address it was sent from; and if there’s any typos in the email address. Are you addressed by name, or by Sir/Madam, or by email address (most suspicious). Are there uncharacteristic grammatical errors?

Did you expect this email? Malicious links and files may come from friends who have been infected too.

The only safe attachment to open is .txt

What to do:
Turn off push notifications from apps. If you really need them then turn off preview of the content from your locked device.

Why do it?
What is available on your mobile screen without signing in?

Can a glance of your locked phone tell someone where your next appointment is and with who? Can he see the one-time-PIN that the bank just sent you, or your bank balance, or any other personally identifiable information?

Turning off previews will let the phone tell you that you have one unread message but will have no further details until you sign in with your PIN or fingerprint.

What to do:
Run through which apps on your mobile device have permission to know where your phone is. Disable permissions for the ones that don’t absolutely need to know.

Why do it?
Limit the number of apps that have full time access to your location. It not only drains your device battery; it also lets the app developer know where you are all the time. Allow location information while you are using the app, or not at all if the app has no business knowing where you are.

Use built in services such as Find my iPhone or Android Device Manager to find your device, or to remote erase if the phone is stolen or lost.

What to do:
Take an afternoon, sign up on a password manager and reset the passwords for all the sites you use to unique and strong passwords. It will take a whole afternoon.

Why do it?
It’s been said many times before that you should have a different password for each of the websites you have an account with. Very little actually bother. Why? Instead of having a standard easy to remember password for all your accounts, like EasyPassw0rd123… now you’ll have to have have convoluted one like “LwBl8u2r&@CEXaU8” for each of the sites you use.

What’s the risk? Low, to be frank. Most big names like Facebook, Yahoo, Amazon and Google employ sophisticated systems and measures to ensure that their passwords don’t get leaked and are secure from hackers. Not to say that the big boys have not had their share of troubles.

But… if you are customer of a mom & pop web store and they get hacked… the hacker would have your email address, and password. If your password was recycled with the one you use at your bank, then he would have access to that account as well. That kinda scares me.

Some years ago, I signed on with LastPass which is an online password manager. You have a master password with LastPass, and LastPass stores and protects the log-in info for all your other websites. I spent a couple of hours changing passwords of all my subscribed sites with secure ones. It will even automatically fill in log in form of the site when you visit it.

The free version will run on your PC’s web browser. I used the free service for several years. Pay for premium only if you need to have access to your passwords on your IOS or Android device.

Sign up with LastPass here.
Full disclosure: this is an affiliate link and your sign up to Lastpass Premium goes towards supporting this site.

What to do:
Keep an inventory of your devices, and the devices you have that are connected (or need connection) to the internet.

Why do it?
Devices that need to connect to the internet in your home include PlayStations and other video gaming systems, Smart televisions, Smart thermostats, refrigerators electronic door locks and video surveillance cameras.

An inventory allows you to spot if a strange device has joined your home WiFi.

You should also change all default login passwords and check periodically if the manufacturer has released updates for them. If possible, connect them to guest WiFi.

What to do:
If your router allows, set up a separate guest Wifi with a separate (strong) password for your friends and other devices. Guest Wifi should only have internet access but not “intranet” access (or access to files stored on your PC’s).

Why do it?
Your friends may sometimes ask for or need WiFi access while in your home.

Some devices you purchase will also need internet access. This can include your Smart TV, refrigerator, video gaming systems, televisions, thermostats, refrigerators and home video surveillance cameras.

Some home automation devices will need access to other devices within your home to work properly, so they should not be connected to guest WiFi.

What to do:
Connect to your home router, and change the login name and password. Make sure your WiFi password is strong. Then run through the settings and check that it isn’t unnecessarily letting external connections to devices in your home.

Why do it?
Most WIFI routers come pre-configured from the factory with a default admin user name and password. If you can, change BOTH the user name and password.

Unless you have a real need to access your home devices remotely or are running a home web server, turn off as many (or all) port forwarding & DMZ assignments as possible. Also turn off “ICMP echo requests”, remote management and turn on the built-in firewall of the router.

Doing so minimises the risk of an attacker gaining access to your home router either through WiFi, or remotely through the internet.

What to do:
Only connect to wireless networks you trust. Always use encryption such as https or VPN to view or send confidential material on wireless networks.

Why do it?
Fake access points can be used to steal your information. For example, the free Wifi at a cafe may be operated by an attacker who can see the data of all the users connected to it. The cafe may in fact not offer free WiFi.

If in doubt, do not use.