Digital Security Guide 2021: Protect Yourself From Threats and Hackers

on

Many general tips on prudence and care never get old when it comes to avoiding fraud and scams. But some technologies and resources can make our lives easier when applying this care in practice, and they are constantly evolving.

That is why the blog Digital Security has separated some tips to let you know about the latest recommendations and to renew your defense arsenal with the best practices of today.

Digital Security: Protect From Threats


Two-step verification

Multifactorial authentication (also known as "two-step verification" or "two-step verification") is a security feature that provides for the use of two or more authorization mechanisms to prevent unauthorized access after password exposure. In practice, in addition to using your password, you can use something like:

  • Temporary passwords;
  • Access card (common in ATMs);
  • USB device;
  • Biometrics, such as digital or facial recognition.

Many services on the internet allow the use of multifactorial authentication and it has been recommended for years, both by specialists and by the services themselves. Facebook (including Instagram and WhatsApp), Twitter, Google, and Microsoft are some of the companies that allow the activation of two-step verification. So far, nothing new.

The difference for 2021 is that one of the most traditional means of two-step verification - receiving SMS with a temporary password on your cell phone - is no longer considered secure. This greatly changes the way to use 2-step verification.


How you should use 2-step verification today:

  • Download a temporary password generator app on your phones, such as Google Authenticator or Microsoft Authenticator (you can also search for these apps on Apple's App Store);
  • Set up 2-step verification on services using the "application generated password" or similar option;
  • Register the QR code in the password generator application. From this moment on, you can open the app to see your temporary password;
  • Prepare emergency authentication: if the service offers an account recovery code or backup passwords, you must generate and store these codes in absolute security. If this option is not available, save the QR code on a special device (a thumb drive that you don't normally use, for example). If you don't prepare for emergency access, you risk losing your account in case of problems with your cell phone. Microsoft Authenticator also allows you to synchronize these temporary passwords with the cloud, but remember that you will still need the means to log into your Microsoft account;
  • Disable account recovery using your cell number. This avoids risk if the device/chip is stolen.


Passwords

Creating strong passwords is important, but data leaks, which are occurring with great frequency, have made it essential to use unique passwords for each service. You should no longer reuse any passwords, which creates an immense challenge for our memory and a barrier to productivity.

It is also necessary to replace passwords that have been leaked and, thanks to some new features that arrived throughout 2020, you will have several options to know which passwords need to be changed in 2021.


See the tips:

  1. Set up a screen lock or biometric password on your phone. On Android, use a drawn pattern or digital recognition; on the iPhone, feel free to use facial recognition, but be aware of the emergency lock to prevent others from unlocking your device by pointing it at your face. Do not use facial recognition on Android;
  2. Use a password manager (or several). Password managers make your life easier by auto-filling, but they also create a small risk for you if your phone or computer is attacked by viruses. You can use multiple managers to not have all your passwords in one place;
  3. Use services to check your passwords and don't ignore alerts. All major browsers today warn you when a user password has already appeared in a data leak - which means that you must change it. The MinhaSenha website is another service to check if your password has already appeared in a leak;
  4. Memorize your master passwords. Passwords for important email accounts, and your password manager password, must be at least partially memorized. You can use entire phrases or initial lyrics from music verses, for example, to make memorizing these passwords easier.

Check out some options for managing your passwords for free:

  • Google Password Manager (integrated Chrome browser and Google account, free);
  • LastPass ;
  • Microsoft (integrated with Authenticator for Android, can also be used on Windows, Edge and with extension for Chrome);
  • KeePass (with Keepass2Android to sync your passwords on Android).

If you want to pay, you also have options like Dashlane, 1Password, and Dropbox Passwords.


Digital pests and viruses

Malicious code remains a problem, but fraud has changed somewhat.

On cell phones, many scams happen at the time of payment. After downloading a "free" app, you need to pay close attention not to authorize a recurring charge for an unwanted subscription.

On computers and notebooks, rescue viruses hijack files and charge you to return them to you. Before thinking about improving your antivirus software, the tip is to look for a device such as a thumb drive or external hard drive to create a backup copy of your data. With this additional copy, you can always recover your files - no matter what happens to your data.

To avoid problems, always remember to download programs from known sources and do not follow links in emails if the message arouses any suspicion.

If you use Windows 10 or 8.1, be sure to leave the User Account Control setting at maximum. In the start menu, type "User Account Control", open the option that appears, and leave the setting in "Always notify", the maximum option. This prevents viruses from easily gaining full access to your system. Only authorize programs that you know or when installing new software.

In 2020, many digital pests also increased in macOS. In recent versions of the system, Apple has come to require registration of programs, but that does not prevent all attacks with viruses. Be wary of unexpected downloads on the web, and if your system starts showing too many advertisements at inopportune times, it's likely to be contaminated.


Online shopping

When the matter directly involves a financial transaction, it is easy to understand the criminals' interest in scamming.

In 2020, the Central Bank launched the PIX, a new payment and transfer system to be used in Brazil. Understanding how this technology works and how to use it safely - both to send and receive money - will help you avoid the scams that have already appeared involving the PIX and others that are yet to emerge in 2021.

In e-commerce, you must use the virtual credit card and know your bank's Authorized Direct Debit (DDA) function to avoid any scam involving fake or adulterated bills.

Comments

Post a Comment