How to stay safer online: Your 2021 online privacy and device security checklist
Dec. 4, 2020
Protecting your personal and financial information when you’re posting on Facebook, paying your credit card bill online, or shopping for birthday presents at your favourite online retailer remains a challenging task.
Scammers are always on the hunt for the credit card information, bank account information, and other personal information of consumers, all with the goal of using this data to run up fraudulent credit card charges, steal cash from their bank accounts, or to open new loans in their names.
Fortunately, there are steps you can take to protect your online privacy and device security in 2021. The big key? You need to use caution to avoid the most common online scams. If you follow one rule, make it this one: Never give your personal or financial information to any person or company that emails, texts, or calls you.
Here’s a look at some of the steps you should take this year to boost your internet security.
1. Order your free credit reports, check your bank and credit card statements
If someone steals your login details and banking information, they can cause a lot of damage quickly. They can siphon your bank account, run up charges on your credit cards, or take out loans in your name.
That’s why it’s so important to monitor your credit reports, bank account statements, and credit card statements for suspicious activity.
Log into your online bank accounts and credit card portals frequently. Look for purchases that you didn’t make, payments you didn’t authorize, and withdrawals that look suspicious. If you notice something odd, contact your bank and credit card provider immediately.
Order your free credit reports, too. You have three credit reports, each maintained by one of the three national credit bureaus of Experian, Equifax, and Illion. You can order free copies of each of these reports once a year from their respective websites.
Do this each year and then study these reports. They’ll list any loans or credit card accounts in your name. If you see credit cards or loans that you don’t remember applying for, that may be a sign that someone has stolen your personal and financial information.
2. Invest in a VPN
A virtual private network, or VPN, can be one of the most important tools for boosting your online privacy. It's a way to surf the web while keeping the prying eyes of businesses, governments, and hackers from seeing the sites you visit, videos you watch, and message boards you follow.
A VPN creates an encrypted tunnel between you and an outside server operated by your VPN provider. When you visit sites, download files, send emails, and check your online bank and credit card accounts, this traffic is sent through that VPN tunnel, hiding your activity from others.
When you log onto the internet with a VPN, it looks like your IP address is the same as the one attached to the remote server operated by your VPN provider. This keeps your identity and location a secret from snooping eyes, too.
It's clear that a VPN is invaluable if you want to help protect your personal information and browsing history against snoops. There are free VPN services available but services you pay for may provide more comprehensive protection.
3. Don’t use public Wi-Fi to access personal or financial information
It might seem tempting to peek at your online bank account or credit card portal while using the free Wi-Fi at a coffee shop or in a hotel lobby. But be careful: public Wi-Fi has notoriously lax security measures. Hackers and other scammers could easily intercept your online activity.
And if you're checking your credit card balance or transferring money between your checking and savings account while you’re on public Wi-Fi? These cybersnoops could nab your log-in credentials, giving them access to your most important financial information. This could allow thieves to run up purchases on your credit card or empty the money in your bank account.
The better move? Only use public Wi-Fi for tasks that don’t expose your personal information, such as reading news stories, finding nearby restaurants, or browsing movie reviews. And if you want to protect your privacy while using public Wi-Fi, log into your VPN provider before accessing the web.
4. Install security software, and update it frequently
Hackers are constantly unleashing new computer viruses into the world and these viruses can cause plenty of damage. Some can take over your computer or other connected devices, using your machine to mine Bitcoin, or send spam email messages by the thousands. Others allow cybercriminals to record your keystrokes, see the websites you've visited, and hack the passwords you use to log onto your online credit card portals and bank accounts.
It's important to install and run trusted security software on your computers. This software is an important tool in catching and blocking viruses and malware before they infect your devices.
Once you install security software, don't ignore it. Make sure to allow the updates requested by the makers of your antivirus software. These updates are often developed to fight against specific new viruses, trojans, and malware. If you don't update your software, you might leave your machine vulnerable to cyberattacks or malware. It’s a good idea to configure your settings to allow the software to update automatically.
5. Watch for phishing scams
Phishing is a favorite trick of scammers who use fake emails and texts to try to trick you into giving them your personal and financial information — or even the log-in credentials of your online bank accounts or credit card portals.
Here’s how this scam works: Someone will send you an unsolicited email that looks like it comes from a legitimate bank, credit card provider, PayPal, Netflix, or other financial institution or service. The message might say that your account will be suspended or that your credit card needs to be verified, and that you can verify your card or keep your account from being suspended, according to the sender, by clicking on a link in the email.
Once you click on the link, you’re taken to a web page that, again, looks as if it belongs to your credit card provider, bank, or other service provider. Instead, it’s a fake page created by a scammer. The page will ask you to fill in personal and financial information, often your name bank account number, credit card number, or site passwords.
Never provide this information. Once phishers have this information, they can use it to access your online credit cards or bank account information, draining your bank accounts, running up charges on your credit cards, or taking out loans in your name.
The advice here is simple: Never click on links in unsolicited emails, and never provide your financial or personal information to someone who reaches out to you by email or text. Your bank, lender, and other financial or service providers should never ask for this information. By keeping an eye out for suspicious emails and texts, you can avoid losing your private information to a phishing scam.
6. Change your passwords
It may seem like a simple step, but changing your passwords on a regular basis can go a long way to keeping scammers from accessing your online accounts. And when you change these passwords, make them complicated. Using a combination of symbols, numbers and letters is the best approach. The more complex your passwords, the more difficult it is for hackers to crack them. You can also create long passphrases that you can remember, but others would find hard to guess.
Changing your passwords is so important that there’s a holiday dedicated to it: The next Change Your Password Day is being celebrated on February 1, 2021.
7. Use two-factor authentication with as many sites as possible
Does your bank, credit card provider, or other websites offer two-factor authentication? Take advantage of it.
When a site requires two-factor authentication to log on, you first enter your username and password as usual. You’ll then receive another prompt to enter a code number. This code is usually texted to your phone or sent to you in an email. Once you have the code, you enter it to complete the log-in process.
This might seem like a pain, and it can be inconvenient to request a code to sign into frequently visited websites. But this extra log-in step greatly increases your internet security and reduces the chance that a hacker will be able to break into the password-protected sites you visit.
Two-factor authentication is an especially smart move for important financial sites such as your online bank account, healthcare account, and mortgage or credit card portals. Enabling it is a key step to boosting your online privacy this year.
8. Protect your privacy on social media
You may not realize how much private information you post on Twitter, Facebook, Instagram, and other social media sites. Scammers can use this information to steal your identity. And if you're looking for a job? Some of those past social media posts could give potential employers pause.
You can boost your social media privacy, though. On Twitter, you can switch from a public account to a protected Twitter account. Protected posts are visible only to followers whom you have approved. This way, you can send tweets to friends and family members without broadcasting them to the rest of the world.
You can also change your Facebook settings so that your posts are only visible to approved followers. You can do this by clicking on the "Privacy Settings and Tools" section of Facebook. Tweak who can see your posts under the "Who can see my stuff?" heading. You can also control who can send you messages and friend requests. You can cut out some of the potential spam and phishing attempts from strangers and scammers by restricting your friend requests to "Friends of Friends." You can find this tool in the "Who can contact me?" header in Facebook's privacy settings.
One of the most important ways to boost your online privacy, though, is by being careful what you post on your social media accounts. You might be careful, for instance, about telling the world that you are on vacation across the globe. A scammer might see that post and consider it a chance to find out where you live and break into your home. You might want to wait on posting those vacation pictures until you’re back home.
And never give away any personal information — such as the city in which you live, your date of birth, the street you call home, or your phone number — in your social media posts. Be careful, too, about even giving up your full first and last names. Scammers can use this information to steal your identity.
9. Never accept an offer of “free” in-game currency, cheat codes, or upgrades
Many of the most popular video games offer gamers the chance to buy in-game currency, cheat codes, weapons upgrades or new armor and skins. These upgrades are in demand: Players who purchase them often gain an advantage, which can help them complete difficult or time-consuming in-game tasks and challenges.
It can be tempting, then, to accept an offer of “free” currency, cheats, and equipment from fellow gamers. But don’t accept these offers. They’re often scams.
You might receive a message from a fellow gamer offering you free upgrades or currency if you just download the software that contains these perks. But when you download the software? You could expose your devices or computer to being infected with malware. This malware might turn your computer in a Bitcoin-mining machine. Or it might spy on you as you surf the web, giving hackers the chance to break into your online bank accounts or credit card portals.
Other scammers might promise to send in-game currency directly to your gaming account. But first they’ll need the password and username you use to log into the game. Once you provide this information, the scammers will access your account, including the credit card information you’ve saved in it.
The key here? If an offer seems too good to be true — such as an internet stranger offering you free weapons or in-game currency — it’s probably a scam.
10. File your tax returns early
How does filing your tax returns early each year help protect your privacy? It prevents scammers from filing a fraudulent tax return in your name.
This scam happens more often than you might think. The Australian Competition and Consumer Commission said it received 7,100 reports of identity theft stemming from impersonation of government bodies in 2020.
How does this happen? Usually, it means that someone has gained access to your tax file number. When thieves have this number, they can use it to file a fraudulent tax return in your name. Their goal is to take whatever tax refund your fake return brings them.
If someone pulls this scam on you, you usually won't know until you file your own tax return. When you file, the ATO will inform you that a tax return has already been filed in your name. You might also get a notice from the ATO that someone has created an online account with the agency in your name.
Fortunately, you probably won't lose your refund. If someone has filed a tax return in your name, call the ATO at 1800-008-540. You can find out more information about reporting a stolen tax file number here.
You can reduce the odds of falling victim to this scam by filing your tax return with the ATO as early as possible. If a scammer tries to file a return after you've already done so, it'll be their return that is filed as a duplicate.
Be careful, too, in protecting your tax file number. Practise good internet security and don't fall for phishing attempts designed to trick you into giving up that number. Order your free credit reports and make sure no one has opened loans or credit cards in your name. If someone has filed a tax return in your name, you probably have more to worry about: You don't want a scammer using your tax file number to steal your identity.
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.