There are some simple security measures that you can take to help keep your computer, phone, or other devices secure and help protect your information.
While you have no control over protecting your data exposed when an online platform experiences a data breach, there afre some guidelines you can follow to help protect you from avoidable malware, fraud, identity theft, and other cybersecurity threats.
Review your privacy settings on social media platforms you use and limit what is publicly accessible. If possible, also make it restricted to friends and contacts you know personally.
This includes avoiding personally identifying information in personal email addresses and usernames when signing up for new accounts and providing only the required information to complete the signup. If that information is excessive or doesn't seem necessary, consider if you really want to share that information or need that service/account.
It is a good idea to opt out of automatically connecting with users or adding friends/contacts from your contact list and add friends manually when signing up for a social media account.
Make sure to review security and privacy settings and enable multi-factor authentication.
While anti-virus software can provide an extra level of protection to your devices, most important in keeping your network and devices secure is your router, firewall and security settings.
Also, Apple and Android release updates to their operating systems regularly to maintain the security of the hardware and software of devices.
Making a habit of not clicking unknown links, not downloading attachments or unverified/unofficial software/applications, and not visiting insecure websites, should make anti-virus software less necessary if not altogether redundant.
No matter how annoying or inconvenient, using different, and strong passwords on each of your accounts is best practice.
As stated above, you have no control over protecting your data exposed when an online platform experiences a data breach, but you can control the extent of the damage. If you use the same login information on multiple accounts, a security breach puts all those accounts at risk. Also keep in mind that security breaches are often not discovered right away, and often not reported as soon as they are discovered. The Yahoo data breach that exposed data of more than 500 million users, possibly the largest ever, occurred in late 2014 but was not confirmed by Yahoo until September 2016. Data exposed "may have included names, email addresses, phone numbers, dates of birth, hashed passwords... and in some cases, encrypted or unencrypted security questions and answers" according to a Yahoo statement.
One of the most common ways a hacker gets into accounts is by using a bot or script that automatically enters exposed usernames and passwords on multiple sites, attempting to log in.
Accessing content unavailable in your country on streaming services might be the most promoted feature of VPNs, but their purpose is to encrypt the data you send. VPN stands for Virtual Private Network. A VPN hides your IP address and secures data you send even if you are on an insecure network such as public Wi-Fi. It is still important to follow online safety guidelines when using a VPN, as it doesn't monitor or protect from data you receive.
The site address of a secure site should begin with HTTPS and/or you will see a padlock to the left of the URL in the address bar. If the HTTPS is there but crossed out the webpage has an issue with its security validation and is NOT secure. It is common that a warning pops up when you attempt to enter an insecure site, but don't rely on that warning pop-up to protect you as your browser may not always warn you. Stick to reputable sites. No matter how good the deal seems on that shady-looking website, secure or not, you should not make a purchase and give your credit card details, address, email or phone number.
Never click links or download attachments in emails without caution.
It is a good idea to know what business and services you use and interact with and what their communication, conflict resolution and support processes are. Specifically, how a company structures its emails and addresses users/clients, how they send bill reminders and chases payments in arrears, communicates promotions, etc. In this way, you can pick up on inconsistencies and errors in fake communications and be less at risk of falling for phishing scams.