Note: The owner of Page to Pixels has closed his website as he’s taken on a new Social Media job, so I’m reposting my article from there here. Enjoy! 😉
The 10 Commandments Of Basic Security:
For Authors, Artists And Other Creatives Online
Use a paid Antivirus and Firewall. It will update regularly, keeping you protected from Zero-Day vulnerabilities, and provide an extra layer of protection when surfing online. Are they fallible? Yes. But for the majority of regular users online, it will keep you and your machine and devices protected from most of the typical and damaging malware and viruses. Some Antivirus software such as Kaspersky will also keep you protected from nasty things like Rootkits and RATs (Remote Access Trojans). For another extra layer of protection, if on a Windows machine, keep UAC (User Account Control) enabled too. It keeps malicious software from modifying your system without your permission.
- Thou Shall Use Strong Passwords
A hacker once told me, “Your passwords should be like launch codes…” and I agree. They should contain (wherever possible) long strings of both upper case and lower case letters, digits and symbols such as #!&. Or use a string of four to five words, unrelated to one another, but know that sometimes these types of passwords are vulnerable to Dictionary Attacks. Make a hard copy of all of your passwords and keep it up to date; a simple notebook will do, kept in a secure location. Change them every 3-6 months. If your machine is clean, malware and virus free, think about using a Password Keeper, but also understand that they too can be vulnerable to attacks. Avoid Public Wi-Fi whenever possible, and make sure your home network is secure by choosing the most appropriate setting. If you must use Public Wi-Fi, make sure the network settings on your computer and/or devices are set to Public to avoid sharing files on that network.
- Thou Shalt Not Reuse Passwords, For Goodness Sake!
Use a different password for every account and/or device you use or have. Yes. You must! It’s a pain in the ass but it’s worth it, so just do it.
Remember to back up your files, such as media, documents, photographs and any software/applications you use frequently. Use an external, portable hard drive for added security if you don’t trust Cloud backup, flash drives for quick backups etc. Keep your passwords on Cloud backup secure by following the aforementioned advice.
- Thou Shall Keep All Of Your Software/Apps And Websites Updated
Make sure you regularly update your machine and software too. Choose automatic updates if less tech savvy. Always keep Flash updated and if you’re not using Java for gaming (Minecraft etc.) or keeping it up to date from previous versions, uninstall it. Also make sure your browser is updated too. If you’re thinking about having a website and are not technically proficient, use a CMS (Content Management System) website provider such as WordPress.com that regularly updates your website’s security and includes comment anti-spam features (like Akismet) that also protect you from attacks.
Phishing is a particular nuisance to those who use the Internet for business, such as writers, artists etc. Often it arrives in your inbox in the form of some job offer or some other product offered. Always check the email address it was sent from, and if you can see the source of the message (some email providers provide this service), examine it. Social Engineering can also take place in these malicious types of emails by trying to entice you to download certain documents, run programs or click on various links within these emails. A good rule of thumb is: Unless you know the person and they’ve made you previously aware of sending you such information, don’t download anything or open any links. Be suspicious and wary of links that even family and friends send you with jokes etc. Social Engineering is especially rampant on Social Media, using tactics such as ego flattery, being overly friendly and even romance (specifically targeted at women) or, just the opposite, being abusive with you. In security, the weakest link in the chain is the human being. Kevin Mitnick was famous for exploiting human vulnerabilities. Good videos explaining this to the average user are:
Social Engineering – Don’t Trust Fancy Ties & Polished Lies by Enterprise Risk Management:
The Dangers of Social Engineering by NCMS Inc.:
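For readers who can view the raw source of a message, the sketch below shows what "examine it" can mean in practice: it compares the visible From address with Reply-To and Return-Path and reads the SPF/DKIM/DMARC verdicts the receiving server recorded. This is an added example, not part of the original article; the sample message, its domains and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message source (not a real email); all names and domains are made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "Acme Publishing Jobs" <editor@acme-publishing.example>
Reply-To: acme.hr.desk@freemail.example
Subject: Paid illustration job offer
To: artist@example.org

Please open the attached contract.
"""

def domain_of(header_value):
    """Return the lowercase domain of the address in a header, or '' if none."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def sender_warnings(raw_source):
    """List reasons the visible sender of a message should not be trusted."""
    msg = message_from_string(raw_source)
    warnings = []
    from_dom = domain_of(msg["From"])
    if not from_dom:
        warnings.append("no usable From address")
    # Replies routed to a different domain than the visible sender are a common lure.
    reply_dom = domain_of(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    # Return-Path is the envelope sender recorded by the receiving server.
    rp_dom = domain_of(msg["Return-Path"])
    if rp_dom and rp_dom != from_dom:
        warnings.append(f"Return-Path domain {rp_dom} differs from From domain {from_dom}")
    # Authentication-Results is added by the receiving mail server.
    auth = " ".join(msg.get_all("Authentication-Results") or []).lower()
    for check in ("spf", "dkim", "dmarc"):
        for token in auth.replace(";", " ").split():
            if token.startswith(check + "=") and token != check + "=pass":
                warnings.append(f"{check.upper()} result is {token.split('=', 1)[1]}")
    return warnings

if __name__ == "__main__":
    for w in sender_warnings(SAMPLE):
        print("WARNING:", w)
```

A Return-Path mismatch on its own is common with legitimate newsletter services, so treat each warning as a reason to look closer rather than as proof of phishing.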
- Thou Shalt Not Feed The Trolls, Stalkers, Script Kiddies And Hackers
They will lie, defame and are often downright delusional with accusations, anything to engage you. Why? Because they’re trolls. But don’t engage them. They use tactics such as shaming and doxing also. Often their motives are simple and for very selfish reasons, but the worst ones can have far-fetched vendettas about some innocuous thing you’ve said or that they think you may have done or wronged them by. Never be afraid to block them or even act bizarre (crazy*) in return to deter them and keep them away from you. Blocking isn’t censorship on them, it’s giving you your freedom to go about your business online free from harassment. Their abuse is censorship on you. If it’s particularly bad, always take screenshots but never respond; log IPs on your website with any explosive comments and don’t read them if they upset you. And never be afraid to seek out professional help if it gets out of hand.
Most hacking of accounts on Social Media occurs because of these reasons:
- A compromised app, or bogus app
- Clicking on links, especially shortened URLs, without expanding them to see the link
- Visiting websites without being aware they’re logging your IP, or neglecting to scan the website first
Most malware and viruses are often dispatched in private messages and DMs (Twitter, Direct Messages) via links or code dumped there, or links that lead you to re-log into your account. If you see strange code dumped on your feed or other nefarious posts shared by others on these platforms, never retweet them or repost them. Be wary of spam masquerading as actual posts or tweets too. Oftentimes bots on Twitter will attach themselves to your account. Never follow back, and block all bots if they follow. Do not retweet or follow any Follow Back Teams either. Signs of bots are: never engaging in reciprocal conversations; timelines full of quotes and jokes, a sign of automation; and no favorites.
Resources and information:
Does the Twitter Follower Scam Actually Work? by TrendMicro: http://blog.trendmicro.com/trendlabs-security-intelligence/does-the-twitter-follower-scam-actually-work/
Investigating Twitter Abuse, Part 1 by TrendMicro:
Investigating Twitter Abuse, Part 2 by TrendMicro:
- Thou Shall Be Choosy About The Media You Share Online
Not everything about you must be shared. Think Before You Post is a good way to stop and reconsider future repercussions about what you’re posting. Limit your media such as photographs too, unless this is your business to do so. Understand that Cloud, devices and Social Media accounts, even with extreme privacy measures set on, can still be hacked by very obsessive, stalking hackers. Never store or take photos of yourself that you don’t wish to be shared or made public. Understand too that devices and computers with built-in cameras are also at risk of being hacked. If you feel especially paranoid about this, tape up your cameras and never use them. Use a separate device/camera to take photos with. Make rules between friends and family to okay all media about you before they post it too. Know your boundaries and what you’re comfortable with and never be afraid or intimidated to enforce them with others.
- Thou Shalt Not Freak Out Even If This Still Happens To You, ‘I Was Still Hacked!’
It happens, even after following the most stringent routines with security. Know that it’s not your fault and it happens to thousands of people and businesses each day. Seek out professional help if you’re dealing with malware and viruses, and get help if you’re dealing with personal abuse too, especially with PTSD and depression as a result of it. This may be the case if it has been an especially virulent attack such as doxing or cyberstalking. Know that you’re not alone and that you have just as much right to be online as anyone else too.
More Free Resources, For Anonymity When Surfing:
Proxy, KProxy: https://www.kproxy.com/
Proxy, HideMyAss: https://www.hidemyass.com/proxy
Be Safe And Surf On! ~Sara 😉