If you’re one of us mortal human beings, you probably think your internet activity is not interesting enough or your files are not important enough to be stolen. But them Nigerian princes think otherwise – they want your credit card numbers and bank account credentials. They may even want your identity so they can disguise their boring, aristocratic lives.
Don’t be a victim. A few minutes today will save you a lot of hassle (and even pesos) when these online predators attack. Here are some immediately actionable measures:
Take the Google Security Checkup.
Google Security Checkup will give you a personalized check and recommendation on how you can make your account safer. It will tell you the devices and apps you are logged in and gives you the option to revoke access from those you do not recognize. It will also prompt you to register your mobile number for your two-factor authentication (which you should definitely enable) and as a backup way to sign in.
Create strong passwords, unique for every account
Who has the time, right? Hackers do. And when they figure out your password for one account (hopefully, it’s not password1234), they can easily use it to crack open your other accounts, mobile apps, and even your online banking account. Running out of ideas for strong passwords, here are some:
– String of words that only you will figure out
– The first letters of every word in a sentence you will not forget
– Not your birthday
Consider also giving the wrong answer when setting up security questions. Mothers’ maiden names are quite easy to source here in the Philippines, where it is part of our legal name.
Use a password manager like Smart Lock in Chrome to remember all your passwords.
Enable 2-step verification
A 2-step verification adds a layer of security by requiring you to input a secondary factor when you log into your account. In Google, this can be a 6-digit code sent to or a prompt that you click on your mobile phone. Just think: even if a prince successfully figures out your password from Nigeria, he still can’t get into your account because your phone is in the Philippines.
Some users opt for a physical security key as the second-factor in authenticating a login. This is especially useful for journalists, activists, and political campaign teams with uber-sensitive data in their devices.
Use a screen lock
If you don’t have a screen lock, just do it. Do it now. Set it to lock automatically when you are idle. When you lose your phone, use “Find your phone” to lock it remotely.
Keep your software up to date
Providers have a way of monitoring new threats and vulnerabilities. They have a team continuously developing patches to keep their softwares secure – it is part of the package you are subscribing to. Make sure you update your browsers, operating systems, plugins, and document editors, as soon as you get the notification.
Review your apps
Get your apps from trusted sources only, like the Google Play Store. Old apps sitting unused in your phone are just extra points of vulnerability (and storage space), so just delete them. Allow access to your location or photos only when you are using your trusted apps, and only when you absolutely have to.
If the offer is too good to be true, it probably is. But phishers are getting more and more cunning, so here are some reminders:
– Only submit information to sites with URLs that start with “https”.
– Your bank will never ask you to send over your username, password, address, or even your birthday. These information will validate your identity.
– Double check urgent requests for money, even if the email is from your friend or colleague. Also look out for claims about being stranded abroad or having lost his phone.
– Some phishing attacks may come in the form of infected docs or PDFs. Google Chrome or Google Drive can scan for viruses and protect your device.
Spend a few minutes of your time to protect your devices and data. The more layers, the more secure you are. Think of it as your data insurance – but you don’t have to pay any premium.