Check for Breaches

We research all brands listed and may earn a fee from our partners. Research and financial considerations may influence how brands are displayed. Not all brands are included. Learn more.

How to Protect Yourself Online: A Hacker's Guide

Cybercrime is on the rise, and we’re all vulnerable.

The FBI’s Internet Crime Complaint Center fielded 800,944 complaints reporting losses of more than $10.3 billion from suspected internet scams in 2022. On the dark web, Social Security numbers, passports and credit card information sell for as little as $1.

“Everyone’s information is available,” says cybersecurity expert Brett Johnson.

Johnson, a former cybercriminal who once ran a popular online identity theft ring, says being aware of the dangers around cyber attacks isn’t enough. If you want to avoid becoming a victim, you need to take action.

“You can't wait for someone to protect you," he says. "You have to try to protect yourself.”

​​Table of contents

Ads by Money. We may be compensated if you click this ad.Ad
Having your identity stolen may come at a high cost
With Aura in your corner, you'll have the proper software to protect your every online move. Nowadays, we all need Identity Theft Protection. Find yours by clicking on your state below.
HawaiiAlaskaFloridaSouth CarolinaGeorgiaAlabamaNorth CarolinaTennesseeRIRhode IslandCTConnecticutMAMassachusettsMaineNHNew HampshireVTVermontNew YorkNJNew JerseyDEDelawareMDMarylandWest VirginiaOhioMichiganArizonaNevadaUtahColoradoNew MexicoSouth DakotaIowaIndianaIllinoisMinnesotaWisconsinMissouriLouisianaVirginiaDCWashington DCIdahoCaliforniaNorth DakotaWashingtonOregonMontanaWyomingNebraskaKansasOklahomaPennsylvaniaKentuckyMississippiArkansasTexas
View Plans

Step one: Think like a hacker

Johnson knows a thing or two about cyber attacks. Between 2002 and 2004, he ran ShadowCrew, credited as the first forum for cybercriminals to share tips on hacking, credit card fraud and various other scams.

These days, Johnson works as a cybersecurity consultant and public speaker, and he's dedicated to helping people avoid falling victim to cybercrime.

His advice varies from person to person. Someone who works in upper management at the top of the corporate ladder might get hit with sophisticated cyber attacks aimed at installing ransomware in their company’s network. (Often, this kind of attack paralyzes their company’s operations until they agree to pay a ransom.) Other people might fall victim to identity theft or credit card fraud.

Understanding your place in this "cybercrime spectrum" will allow you to protect yourself accordingly, Johnson says.

Regardless, who gets hit first is not determined by algorithm or strategy, he says. It’s all ease of execution.

“It boils down to who is an easier victim,” he says. "Who is that lowest-hanging fruit?"

Hacker tip

Hackers send phishing emails with links or attachments designed to steal your sensitive information like passwords or financial information. If you hover your cursor over the link, you can see the actual URL address. If the URL address looks strange or incorrect, you can determine it’s a phishing scam. Make sure never to click on a link or download an attachment from a text message or email unless you’re absolutely sure you know who it’s from.

It’s also crucial to download new apps through secure platforms, such as the App Store for iPhones or Google Play Store for Android devices. Never use an external link to download an app.

Step two: Protect yourself

The best deterrent for cybercrime is making a criminal think you're not worth the effort. And Johnson says, "You can be better protected than 90% of the people out there" with these three steps:

Use a password manager

Most people use the same password, or variations of the same password, across their digital existence. So if just one of their credentials falls into the wrong hands, they can end up losing everything from their Gmail account to their online banking logins.

The solution, Johnson says, is a password manager. With the help of this software, you can generate a unique and strong password for every one of your online accounts — all stored behind an encrypted key known as a master password.

Monitor your credit

Sites like Credit Karma and Experian offer credit monitoring services that alert you of any suspicious activity on your accounts or if your information has been compromised in a data breach. Some even notify you if your information has been spotted for sale on the dark web. Many credit monitoring services are free and offer premium features as an upgrade.

Freeze your credit

A credit freeze can be an effective tool even if you've never been a victim of identity theft, Johnson says.

It restricts access to your credit report, making it impossible for credit card scammers to open up a new line of credit under your name. Freezes don't prevent unauthorized credit card purchases, and you'll have to unfreeze your credit if you want to, say, open up a new credit card. But the process is completely free and usually takes effect immediately.

Hacker tip

While using password managers or creating strong passwords can make gaining access to your personal data difficult, using two-factor authentication will offer even more identity protection. Two-factor authentication will ask for a password as well as a randomly generated passcode that gets sent to your mobile device or email. The second factor can also be biometric information, such as a fingerprint or face scan. If you use cryptocurrency, even though cryptography is used to ensure safe transactions, it’s a good idea to enable two-factor authentication for added protection.

Ads by Money. We may be compensated if you click this ad.Ad
Secure your credit, identity, and personal information with Identity Theft Protection Software
Start protecting all your personal information, including passwords, credit cards, and Social Security number. Click below and safeguard your data today.
View Plans

Step three: Treat social media like the threat it is

Posting an overabundance of information, photos, geo-tags and other data on your social media accounts gives bad guys some key resources to act against you.

Mother’s maiden name? There’s that selfie with a tag. Alma mater? Check out the pic from last year’s reunion. It’s all there.

“Criminals will go through every single bit of social media to find anything they can use to their advantage,” says Johnson. Carelessly volunteering all this data can become a big liability.

Be careful about what you post. Check your privacy settings, and make sure you're not revealing your location or using the same password to log into third-party websites. It's also a good idea to go over your “friend” list with a fine-tooth comb, Johnson says.

"Do you actually know your 10,000 'friends?'" he says. " If you don't, why on earth are you sharing anything with them?”

Hacker tip

Hackers may post surprising or unexpected links to videos on social networks and entice you to click on them. Clicking on the links may download malware onto your computer, which hackers use to collect your data and spy on your activity. Try doing an online search for the video’s title on Google or YouTube and see what results come up. If the link is a scam, someone probably has already reported the video link.

Step four: Protect yourself offline too

New scams have emerged, looking to cheat people out of their money. Widescale uncertainty adds to the problem, with many Americans lowering their guard due to work-from-home arrangements and other new responsibilities. And while many of the scams people fall victim to have been around for decades, they're becoming more sophisticated every day.

"Spoof calls"— fake calls that appear to come from a police station, hospital or social security office — are a prime example. Getting these kinds of calls forces most people to react emotionally while proper reasoning takes a back seat.

Let’s say you get a call informing you that something terrible will happen unless you hand over some money. Maybe you’re being told that your last few child support payments have bounced or that your grandson is in jail and needs bail money.

Even if you're skeptical, simply engaging with these scammers can be harmful, Johnson says. The person on the other end can use whatever you tell them to fill in the blanks on the profile they're creating of you and your household. (Saying something as innocuous as "stop calling my house," for instance, confirms that you're on a residential phone that another family member might also use.)

The best advice, Johnson says, is to hang up the phone.

Hacker tip

Beware of new AI voice clone scams. Thieves are using artificial intelligence (AI) technology to clone voices found on the internet. These cybercriminals could use AI voices to call family members, pretending to be in desperate situations and in need of money. If a friend or family member has videos or voice clips on social media or YouTube, scammers can synthesize that voice to say anything.

One way to combat this is to ask a personal question that the scammer wouldn't know. These phone calls won't be coming through the friend or family member's actual phone number, so you can also try to contact the person via their real number to make sure they are who they say they are.

Step five: Stay informed about new scams and cyber threats

New scams and cyber threats are popping up daily. With new AI technology changing how scammers can get people to hand over their personal information, it's vital to keep up to date with the newest tactics.

One way to learn about the newest developments that scammers, hackers and cybercriminals are using is to keep up with online news and blogs focusing on cyber security. You can also sign up for email newsletters on the topics or follow cybersecurity experts on social media. Also, ensure you know how to check for identity theft so you can take action right away if something happens.

Hacker tip

The best way to protect yourself online is by remaining aware and working to recognize when someone may be trying to take advantage of you. Always consider what information you have available online, even when it's password-protected. Streamlining your online presence can help prevent hackers from obtaining information that can be used against you.

Ads by Money. We may be compensated if you click this ad.Ad
Identity theft happens when you least expect it
Aura can help protect your identity, finances and sensitive data. Click below to get started today!
View Plans
Protecting Yourself Online FAQs
How do I create strong and unique passwords?
chevron-down
chevron-up
Creating strong and unique passwords is an essential step to protecting yourself online. You can better protect yourself from hackers by following a few simple steps. First, make sure not to reuse your password across multiple platforms. If your password gets stolen from one app or website, it could expose your sensitive data on other apps and websites that use the same password. Also, don't share your password or write it down where others can access it.

To create a strong and unique password, don't use personal information that may be available to the public. The longer you make your password, the more difficult it will be for hackers to figure out. Adding uppercase and lowercase letters, numbers and symbols will make your password increasingly difficult to decipher. Coming up with a random combination instead of using an actual word will further strengthen your password. If you find creating a password like this difficult, consider using a password generator.
What do I do if I receive suspicious emails or messages?
chevron-down
chevron-up
If you receive a suspicious message or email, make sure not to open it. You should never download or open any attachments that came with the message as they may contain viruses, spyware or other types of malware. Likewise, don't click on any links that come with the message. It's best to report the message, block the sender and delete it.
Are there reliable antivirus software programs?
chevron-down
chevron-up
Whether you use a MacOS or Windows operating system, there are many reliable antivirus software programs available. An effective antivirus program uses real-time scanning and automatic updates to have profiles of the latest forms of malware. Antivirus programs should also be easy to use and back up your computer's data routinely.
How do I avoid falling victim to phishing and online fraud?
chevron-down
chevron-up
There are several ways to protect yourself from phishing scams and online fraud. Be ready for them by staying informed about the newest techniques and being very selective about what you click on. You can also take precautions by installing an anti-phishing toolbar on your web browser, subscribing to antivirus software and using firewalls. If something seems suspicious, it's best to play it safe, try to verify that the information is legitimate or ignore it.
How can I ensure the safety of my personal information while using public Wi-Fi networks?
chevron-down
chevron-up
The best way to protect your personal information when using a public Wi-Fi network is by using antivirus software and a firewall. A virtual private network (VPN) can offer an extra layer of encryption and protect you while using Wi-Fi from a public router.

If possible, avoid public WI-Fi if you're accessing any apps or sites with sensitive information, including bank accounts and shopping sites like Amazon. Be careful not to enter your debit or credit card numbers into a website while using public Wi-Fi if you don't have other protection installed.
Ads by Money. We may be compensated if you click this ad.Ad
Protect yourself from the threat of Identity Theft with Aura
Featured
Is Your Personal Data at Risk? Find Out, and What You Need to Do if it is

Tags