(Credit: Zain bin Awais/PCMag Composite; designer29/guteksk7/LightFieldStudios/via Getty Images)
I've been covering security and privacy here at PCMag for years, and in that time, I've seen dozens of new hacks, breaches, and reports that personal data is being traded on the dark web. If you're a new victim, my condolences. The first step is you should take is to check out our guide on what to do immediately after being hacked. After you address any issues related to identity theft, malware, or ransomware, it's time to take preventative steps to avoid getting hacked again. Unfortunately, if it's happened once, it's more likely to happen again. Follow these steps to keep yourself safe:
1. Use Mobile Payment or Your Credit Card
One easy way to keep your financial information safe is to use mobile-based payment systems linked to your credit card instead of a debit card when you can.
Credit cards have stronger fraud protections than debit cards, so even if someone swipes your credit card number, you can usually get the fraudulent charges removed. Debit cards take money directly from your bank account, so it's best not to use them online or in any circumstance where the number could be stolen. Most online retailers accept Apple Pay and Google Pay, and you can pay using your phone at brick-and-mortar stores, too.
2. Install and Use a Password Manager
Using the same password everywhere leaves you open to attacks, but changing your password constantly can lead to confusion and account lockouts. Instead, get a password manager, even a free one, and it will help you create strong, unique passwords for your many online logins. Password managers not only generate and remember strong passwords for you, but also fill them in automatically on login pages in a secure way. The best ones even let you know if an account has been breached, so you can change the password quickly and move on with your life.
3. Enable Multi-Factor Authentication on Your Accounts
If a fraudster gets hold of your login information, stop them in their tracks with multi-factor authentication. Multi-factor means you need more than one factor to log in to an account. Typically, we think of three different factors: something that you know, something you are, or something you have. Something you know is usually a password. Something you have can be a physical security key or an authenticator app on your phone. Something you are can be a fingerprint scan or facial recognition.
4. Avoid Phishing Scams
Phishing is an attempt to steal data or money, often using links in an email, SMS, online ad, or on a fake website. Spear-phishing, which you may also have heard of, is when someone sends you (or people like you) targeted phishing attacks, like scam messages that look like they're from the bank you actually have an account with, for example. The key to avoiding a phishing link is to actually pay attention. If your browser alerts you about a potentially dangerous message, unsafe content, or a malicious website, heed the warning. Avoid clicking links, entering data, or downloading attachments from unknown or untrustworthy sources.
5. Install a Security Suite
Using security software can mitigate some of the damage done by determined hackers and will absolutely help you avoid future intrusions or malware. A robust security suite fights off malware, adware, and spyware, and even provides some phishing protection. The best ones even offer protection for all of your devices, including smartphones, and help you recover from future hacks if the worst happens again.
6. Get Advice From Experts
The US Federal Trade Commission has a help site for identity theft victims. It includes checklists, sample letters, and forms you need to fill out to get your life back in order after an online attack. Take a look at this helpful resource if you suspect you are a victim of identity theft. Also, don't hesitate to report hacks or scams to the appropriate authorities. Even if it doesn't seem to help, it does.
7. Stop Giving Your Info Away Online
There are plenty of security concerns that come from posting your life's details on social media. Your public posts can make you an easy target for advertisers, scammers, spammers, stalkers, and every other undesirable person online. We generally recommend you share as little information as possible, but that doesn't mean you have to go silent. Click to learn how you can lock your social profiles down and keep criminals at bay.
More Tips to Improve Your Online Security
The key to staying safer online is to keep a tight hold on your personal information and login credentials. Widespread passkey adoption could make passwords a nuisance of the past, but as we've seen year after year, cybercriminals adapt to changing technologies quickly.
I've created a cybersecurity checklist featuring regular things you can do at home and at work to keep yourself and your family safer online. If you're hoping to reduce your online footprint to limit opportunities for crooks, check out our guide to completely disappear from the internet.