Not a day goes by when we get alerts or notifications that a corporation was breached, or “something” was hacked. Depending on what you may know can safe you from being a victim easily. This page is just a quick touchup on staying securing. Rest assured, knowing the basics of Cyber Security goes a long way and you can be up to minimum standards and even be a lot more protected than the IT your organization has in place. We can easily keep our devices secured however it is up to the services that you use on a daily basis to help securing your metadata on their side, such as social networking, financial institutions and even the utility sector.
Some products may contain affiliated links. I encourage everyone to research before making a final judgment on a particular product or service. Any questions can be directly answered by various IT support on the internet including Reddit or even the products mentioned may have their own subreddit, social networking or forum. Reddit will be the fastest way to find an answer especially if the service or product has their own subreddit with a Q&A. The Tech support subreddit is also another good source.
Data encryption is very important. A good subscription service to well known Virtual Private Networking, or VPN, helps encrypt your traffic from your device whether PC or mobile during transit to your destination. Many hacking tools are available to easily scan, access, view and steal this data. You may have heard of hiding your Internet Protocol, or IP helps with this protection. Free VPN services should be ignored as they need the revenue to stay afloat and this is where you become the product and your IP is not safe as it can be sold to data brokers in exchange. There are even a few paid subscription services that are fake, or have a bad reputation and my opinion to that is to compare and look at reviews.
Currently on the market, ProtonVPN, MullvadVPN, NordVPN, ExpressVPN and Cyberghost VPN are some that are amazing. These companies offer quite a bit of options and even trying a trial will help you determine which one is best for you.
I tested them all and ended with a full service with ProtonVPN as it comes with other encrypted tools such as Proton Mail and Proton Pass which has excellent protection. I also use MullvadVPN but with regular every day standard users just browsing, playing games, watching Youtube or checking mail, only one VPN is needed. You do not really need a VPN but you can instead use encrypted DNS or an adblocker such as Adguard that acts as its own VPN but instead uses your real IP. More on these coming up.
Encrypted DNS such as NextDNS or Quad9 is also another important modern tool for internet protection. I simply can not live without it. Encrypted DNS, or Domain Name Server, sets you up with an encrypted tunnel to which certain dangerous elements are blocked or unable to be accessed. NextDNS, goes a step further and lets you control on what is blocked along with numerous other options just as blocking known malware sites, adblocking and fake duplicate sites that look like the real websites. The catch is these features are $19.95 a year. You can still use the free version which is good enough or Quad9, but you have no control over what is blocked or accessed.
The best thing about encrypted DNS is you can easily set them up either via app or manually on your devices very quick. There is plenty of apps available in the app stores for mobile devices that helps you become encrypted. Whichever you decide to protect yourself with, remember this is highly useful in protecting overall. I should also mentioned that some free apps will set up a VPN connection with your encrypted DNS. This means you can not use your VPN at the same time. However, encrypted DNS has been one of the best investments with incredibly improved sense of security I ever had.
Another easy to use and install protection tool is adblocking. Advertisements in general is safe but sometimes the negative effects is distractions or slowness. Since 2010, advertisements can hide direct links to fake websites that include malware or other infostealers that can be dangerous. By 2020, all federal agencies have adopted the policy for their users to use adblocking for this reason alone! This is why everyone should use them.
Adblocking normally comes in the form of a browser extension. More tech savvy people can simply edit the device’s host file to include manual entries. The best browser extension on the market for all browsers is Ublock Origin and Adguard. Even with a VPN, advertisements will still find their way into a website, or app. This is another reason why adblocking should be mandatory and It only takes a minute or two to visit your browsers app store under the extension portion of the store and type in adblock.
Having one debit and/or credit card maybe ok for some. But in 2024, millions around the world has their data breached via financial institutions, payment processor or a website that stored your card information. My cards was hacked twice in 2024 because they was on a website that was breached.
The best security for your payment cards is having a virtual card. There are services such as Revolute that provides you with a psychical card along with virtual cards and even a one time use card. You are in full control of these cards and can use them however you want. For instance, you can use the psychical card for gas purchases or groceries, while you use a virtual card for your Amazon or Netflix purchases. You can use the one-time card on a website you are not sure of. The growing need for virtual cards help eliminate of having one card being comprised which can take some traditional banks weeks to send a new card. FinTech Chime is another good service to use which gives you the option to freeze your card anytime you want to prevent unauthorized transactions. Revolut cards also have the same function.
Traditional brick and mortar banks that does have these type of security in place sets you up with a high chance of being hacked or worse. It maybe ok to have one or two traditional cards as well as secondary disposable cards, but make sure they have the function to freeze/stop unauthorize transactions or other modern security practices.
Password managers are another area in this topic that is both a life saver, and sometimes not secure at all. Modern password managers helps maintain not only your passwords but gives additional features such as OTP (one time passcode), generating password and even saving your identities such as name and address. Most of the top password managers are encrypted and can be used either as a standalone app or browser extension. There is free versions and then are paid version which may or may not have more features than others.
The main importance of these password managers is keeping your credentials safe. Using the option to autofill instead of typing out your credentials also saves time and from inconvenience. As mentioned on the VPN section on top of this page, I use the full Proton package therefore I have the pro version of ProtonPass. I also have the full pro version of 1Password and also use Keepass (because it is more technical). If you are bad for not remembering passwords, these password managers will be a lifesaver.
OTP is highly important in cyber security. OTP, One Time Password is the best defense against anything trying to break into your social account, or websites. These act as a 2-step authentication after inputting your credentials to login. What makes this very hard to crack is that all OTP are encrypted and some are in the form of hardware, not software setups. That means anyone trying to hack into anything you have 2FA connected to your OTP would need psychical access to your hardware device. OTP are becoming more popular and secure just on the phones themselves. Once again, anybody trying to hack into your login would need your phone for the OTP which usually lasts between 30-60 seconds.
Perfect example is the OTP scene in Mr Robot:
Which OTP is the best to use? Can I use free versions? The only free OTP that is suggested to use is open sourced apps such as Aegis. Some password managers such as Proton Pass has OTP for the pro version. Many will come under the term “authenticator” such as Google authenticator or Microsoft Authenticator. Whichever you choose, I highly suggest start using it religiously.
This one is and will always be controversial but it has helped many people that I have helped to avoid losing their emails or information to hackers. Never use your work email as a personal email. EVER! Keep your logins different from financial institutions to social networking. This means have separate emails for separate occasions. Use your @gmail.com email on social networking sites, but also have @yahoo.com for your banking . This goes for shopping sites as Amazon, Ebay or Walmart. With password managers, it is very easy to keep up with which login goes to which website. If a hacker gets one of those emails, they will not be able to find your other emails.
This also goes with encrypted email services. We may want to use Yahoo, Google or even Outlook but encrypted email should also be of importance for protection. ProtonMail, Skiff, and Tuta are just a few available. All of these are free and contains options to use alias instead of using the actual email. Another good reason for better protection, privacy and safety.
Cyber attacks come in all forms and each day a new attack, hack and breach is made. While it may seem like it is impossible to keep up with security standards today and what is mentioned on this page gives everyone a fighting chance. I did not mention other security aspects such as anti-virus, gps spoofing, rebooting your devices, self-hosting and a lot more, I have found this quick guide helped many people over the years and has great chance of success. I will post in the near future on some of these “other” aspects as they deserve some special attention for a good reason.