If your data has been hacked, you’re not alone. One in 4 Americans were hit by information security breaches in the past year, according to an April 2015 survey from the American Institute of CPAs. The survey also found that no age group was spared, though older adults were more likely to fall victim than millennials.
The damage can be great, too. Of those surveyed, 20 percent indicated identity theft pulled down their credit score.
If you’re worried ID theft is dragging down your score, check your credit report for free at myBankrate to look for unauthorized accounts.
Your data is never going to be breach-proof. Indeed, you can’t stop hackers from infiltrating your insurance company, bank or favorite big-box store. But you can build a stronger wall of protection around the networks and personal information you hold dear.
Here are five things you can do to protect yourself.
You do what you can to keep your home protected from break-ins — you may even have a home security system — but your computer network needs protection, too, says Christopher Budd, threats communications manager at Irving, Texas-based Trend Micro, a global security solutions provider.
“Home network routers are a particular area of vulnerability” to hackers, he says. Why? Because we don’t often think to update their security.
To start, says Budd, make sure that network routers are password-protected — and that you’re not using factory-supplied default passwords. Second, make sure the network is updated.
If you don’t know how to do it, you’re not alone, says Budd. Most Americans don’t, and it’s hard to do solo. “In my career, I’ve had 30 professional certifications and I get nervous updating my router because if it goes badly, my home network is dead in the water,” Budd says.
You have two options: Call your Internet provider and have them walk you through it, or hire a professional to do it for you. Budd recommends the latter.
You know not to click on links in suspicious-looking emails from what sort of looks like your bank, but phishing scammers are getting more sophisticated and are using more outlets to try to catch your personal information.
“With the rise of social media, phishing attacks continue to grow and become more sophisticated,” says Mark Stevens, vice president of global services and support at Digital Guardian, a Waltham, Massachusetts, cybersecurity firm. “Now attackers can use the messaging feature in social media as another medium in addition to email.”
Hackers also have shifted to “spear phishing,” which is when you get a message addressed to you personally claiming to be from a person you know or a company you’ve done business with seeking your personal information. If it appears the person or company knows you, you may be apt to let your guard down.
If you’re suspicious of a message, even if it looks real, don’t click on the link. Instead, call customer service and ask whether they sent something to you. If they did, then you can resolve the issue over the phone. If not? Trash the email and report it as spam.
USB drives and CDs are convenient ways to move information from one machine to another, but they also can transfer malicious software to your computer if one of those files is malware-infected.
“Most users think (malware) is only on websites and email, but it can also be hidden in downloadable files, photos and videos. Once these infected files are saved to a USB drive or CD, then the removable device also becomes infected,” Stevens says. “From there, once the removable device is infected, then any computer that hosts the USB drive or disc will also carry the malware.”
To protect yourself, make sure you’re running updated anti-virus software on your computer.
This may sound obvious, but a lot of consumers still don’t get it. “We’re seeing people use ‘123456’ and ‘password’ commonly,” says Andy Steingruebl, director of customer and ecosystem security for PayPal.
In order for your passwords to remain secure, Steingruebl says to make sure you don’t use the same one on multiple accounts and change them regularly.
And don’t store them in Web browsers, says Trend Micro’s Budd. “Malware that gets into your system can do everything on your system that you can,” he says. “If passwords are in your browser with the password saved, the malware can use your browser with the password saved.”
Your phone knows a lot about you, and most smartphone apps want access to your data. Unless they really need that information, don’t give it, and don’t store passwords in your phone either.
If you’re downloading apps, make sure they’re from a reputable source, like iTunes or Google Play. Sure, that off-brand site may look cheaper, but there could be a reason for it: The real profit is what it shifts off your phone.