Lachlan B's Blog

Securing your PC after online abuse

So you're the target of online abuse? You need to secure yourself from being hacked. Here's what you need to do immediately:

  • Enable two-factor authentication for every account that you can - especially your main email account. Your main email account can be used to get access to all of your other accounts via a password reset, so it's very important that you protect it. You need to enable it for your Google account (called "two-step") and also for your Facebook account (called "login approvals"), Twitter (called "login verification"), banking, and any online account that supports it (as of writing, Instagram doesn't).
  • Put a lock code onto your mobile so that if you lose it, people can’t access your accounts.
  • Back everything up - onto a USB drive, AND use an online service (I have heard that Backblaze is good).
  • Use a password manager for ALL of your passwords. LastPass is good (or 1Password). Go through EVERY SINGLE WEBSITE that you can think of and change your password. Also, don't use those “forgot password secret question” things - just generate another password and put it into your password manager. Password managers are great because they mean you can generate a complex password for each site that you use, so if one account is hacked the hacker won't be able to re-use the same (or similar) password to try to gain access to your other accounts.
  • The most secure browser is Chrome. I would also strongly recommend you use the Adblock Plus extension, which is fantastic - that will make your computer much safer when browsing.

Things to do tomorrow:

  • If you are using Windows, install a virus scanner - Microsoft Security Essentials is free.
  • If you're on Windows, set Windows Update to run every day.
  • Enable the find my phone app for iPhone and practice using it from another phone. (I'm sure there's an equivalent for Android mobiles.)
  • If you're on Windows, uninstall Java, uninstall Acrobat Reader and uninstall Flash. Install Sumatra PDF for reading PDFs - it's much faster and more secure than Acrobat Reader.
  • If you don’t already, set up separate email accounts for personal and work use.
  • Make sure your physical office is locked down. If you have a laptop, get one of those cable lock things.

Things to remember:

  • Be extremely wary of opening ANY attachments, even from a friend (your friend might have been hacked).
  • Be wary of "social engineering" attacks. This is when people ring you up and claim to be from Microsoft, or from IT support, or a bank, or whatever. Believe it or not, this kind of thing happens pretty often. Never give people your DOB or passwords over the phone. If someone rings claiming to be from your bank, or insurance, or anyone really, don’t take their word for it. Ask them for their name, then ring the bank back on a known, trusted number (get it from the website) and ask to speak to the person. If they won’t co-operate, tell them to send you a letter and hang up.
  • Shred documents like bills and anything with personal information on it.
  • Don’t use free Wi-Fi. It can be dodgy. Or if you have to, use a VPN. I have heard that Freedome is good.
  • If you have a public website, get a security scan done by someone other than your regular IT people. They might uncover potential security holes that can be hacked.