Hello fellow noob. It’s 2023 and you have more subscriptions, apps and online accounts than people you know.
No doubt you’ve used the same email/password combination when you sign up to something new. No doubt you’ve had a “suspicious login attempt” from a country you’ve never been to.
Or maybe you’ve been successfully hAcKed, only to leave you arguing with an automated help bot who wants a bunch of backup codes you never knew you had.
Sadly, businesses don’t seem to be getting better at securing your data. During the last months of 2022, approximately 15 million user records were compromised worldwide. This represents a 37% increase in just three months.
So it's up to you to un-noob yourself as much as you can. But don't panic.
There’s a bunch of easy to use tools, apps and methods that can help you maintain some online protection. So you don’t pull your hair out when you’re locked out of the one email account that is linked to EVERYTHING else in your life.
Important side note: when it comes to protecting yourself online, it's important to understand the difference between privacy and anonymity. Click the arrow to learn more.
Here’s a list of cyber-hygiene hacks, approved by the developers behind our world-class, badass VPN.
1. Your first line of defence: passwords that don’t suck
Yes, we know you’ve heard it a million times, but it really is the easiest way to protect yourself online.
Roughly 80% of hacking-related breaches are linked to passwords, whether through stolen credentials or brute force attacks. Cybercriminals might use techniques like phishing, social engineering or malware to discover your passwords, so also be aware of these methods.
Always use a strong, unique password for each of your different accounts.
This means avoiding using the same password for multiple accounts, using your phone number or an easily guessable password, like "password" or "123456".
You’d be surprised how many noobs do this. Also, don’t use pet names, even if your dog feels betrayed. Instead, use a combination of letters, numbers, and special characters to create a strong, unique password.
It’s very likely your email/password combination has been stored in a database that’s been hacked.
You can check here if you’ve been “pwned” (have an account that has been compromised in a data breach). You bet some hacker out there will try to use the same combination to gain access to your email or online banking.
You can also do a password audit. If you have Gmail for example, this can be done by going into your account settings and doing a general security check. Make sure each password is different for every account.
Find out if your passwords have been compromised and if so, immediately change all of them.
It's also a good idea to use a password manager to keep track of your passwords and generate new ones. 1Pass is a popular choice for many but there are other options out there. Just don’t forget the password to your password manager 😰
2. Split your personality: different emails, different purposes
It’s easy to create new, separate email addresses which can be used for specific reasons.
You can have a private email account that is used for things such as banking, tax, government services, and medical accounts. You don’t share these with anyone else.
Then have an everyday email account for things like online shopping, and subscription services.
That way, if this kind of database is hacked (more likely than your banking or government accounts), your email won’t be traced back to those important accounts. It's also a great way to separate your trackable data from your important accounts.
3. Software Updates: Annoying but Necessary
Another important step in protecting yourself online is to keep your software and devices up to date.
This includes your operating systems, web browsers, and any other apps or programs you use regularly.
These updates often include security fixes and patches that can help protect you from known vulnerabilities and threats.
It's important to regularly check for and install these updates to keep your devices secure.
4. Your New BFF: 2FA Two Factor Authentication
Use two-factor authentication (2FA) as much as humanly possible.
This adds an extra layer of security to your accounts by requiring you to enter a code sent to your phone or email in addition to your password.
With 2FA your accounts will ask for confirmation through your mobile device.
5. Ad Blockers
Ad blockers are programs or browser extensions that block ads from appearing on websites. This can help protect your privacy by preventing third-party trackers and cookies from collecting your data.
It can also help protect you from malicious ads, which can sometimes contain malware or lead to scam websites.
While some websites rely on ads for revenue, many offer an ad-free experience for a fee. Consider supporting the websites you value by allowing ads or subscribing to a premium, ad-free version.
5. Go on a Cookies diet
Cookies are small pieces of data that websites store on your device to remember you.
They are user-specific, so it helps the website remember your preferences and activity, such as saving your login details for next time.
Cookies can be harmless and necessary for websites to function properly, but others can be used to track your activity across the internet.
There are third-party tracking cookies that can track your physical movements and can access your browsing history.
In one extreme case in 2016, Verizon was fined by the FCC over a “supercookie” technology that allowed third-party advertisers and websites to “assemble a deep, permanent profile of visitors’ web browsing habits without their consent.”
Safari, Firefox, and Chrome are all taking measures to phase out the use of tracking cookies, with Google planning to prevent the use of third-party cookies in Chrome by the end of 2023 (delayed from 2022).
Due to GDPR, you would have noticed that most websites now ask you to accept their cookie settings.
Most web browsers allow you to view and manage your cookies, including setting rules for which cookies are allowed and which are blocked.
Try always to choose only the necessary or required amount – this will be the least invasive.
You can also use a cookie manager to help manage and control the cookies on your device. Note that this may affect your typical browsing experience.
You can update or delete your cookies by going into your browser settings:
6. Browse like a Boss
How you browse is just as important as what you browse.
Incognito or private browsing mode is a feature offered by most web browsers that allow you to browse the internet without saving your browsing history, cookies, or search queries.
This can be useful for protecting your privacy, as it prevents others who have access to your device from seeing your browsing activity. It can also be useful for keeping your browsing activity separate from your regular browsing.
However, it's important to note that incognito mode does not provide complete privacy/anonymity. Your internet service provider (ISP) and the websites you visit can still see your activity, and any downloads or bookmarks you create will still be saved to your device.
We recommend using privacy-focused browsers and picking the one with the highest security standards. Brave is a popular choice amongst privacy-conscious users.
Be mindful of the tools, websites, and apps you use and visit online. In general, it is always good to be careful what you click on.
Avoid clicking on links in emails or online messages from unknown sources, as these can often lead to scams or malware. When browsing the web, it's also important to check the URL to ensure that the website is using HTTPS.
It is a good rule of thumb to operate under the assumption that what you put on the internet is not private.
So be cautious about sharing personal information online. Only share information that is necessary and avoid sharing sensitive information, like your social security number or financial information, unless you trust the website and know it is secure.
If you do put your credit card information, don't save it on the site. Some web browsers, like Google Chrome, will auto-fill your details. You can stop that here.
7. Enable Ninja Mode: Use a VPN
A virtual private network (VPN) is a service that encrypts your internet connection and traffic and routes it through a secure server.
It anonymises your IP, so you become untraceable and invisible to trackers and even your own ISP. It can also help you access websites and services that are blocked in your location.
Be careful when you choose a VPN for yourself. Many VPN companies claim to have a “no logging” policy but have been known to collect their clients' browsing activity.
This includes NordVPN which had its servers breached and user data exposed
A decentralized VPN (dVPN) is a next-gen VPN that uses a peer-to-peer network of nodes to provide this secure and anonymous connection.
We are VERY biased, so we recommend Mysterium VPN. The distributed architecture of the network means we cannot physically store your browsing activity on a central server.
Instead, you connect to one of the thousands of nodes that are run by regular people like you around the world. You still have the highest level of security and encryption, but with a log-free policy guaranteed by open-source tech.
Just download the app, register your ID and connect to any location in the world.
8. What the Heck is Encryption?
Encryption is the process of encoding information or data in such a way that only authorized parties can access it. Encryption is used to protect sensitive information, such as financial transactions or personal data, from being intercepted and read by unauthorized parties.
When browsing the web, encryption is used to protect the data being transferred between your device and the website you are visiting. This helps prevent others from seeing the information you are sending or receiving and can help protect your privacy and security online.
You can look for apps that take encryption very seriously like Signal messaging app. Encryption is becoming more commonplace with many mainstream apps incorporating the feature, like Whatsapp.
WhatsApp and Signal both feature end-to-end encryption for their voice, video, and text conversations.
While Signal hides the metadata of its encrypted messages, WhatsApp does not. Signal is also arguably safer because the app is owned by a nonprofit, while WhatsApp is owned by Meta.
Bonus points: Turn off location services
If you want to be extra careful and level up in your privacy, this one’s still easy. Go into your app settings and disable location services for every app that does not require it to function.
Some apps, though need your location to work correctly like Uber or Maps, can often have the setting “only track location while using app” – switch to this if possible.