Useful Tips

Reliable methods for protecting personal data on the Internet

Autologin is an automatic login to the application without entering a password. This is a fairly convenient feature, but if a third party gets access to your smartphone, you can access social networks, mail and other applications without hacking. In this case, it is better to set up double authentication. Yes, it is not entirely safe due to the fact that the password comes via SMS, but it is much safer than autologin.

If you do not want to remember all passwords from social networks, mail and applications, then you can use the application that creates an encrypted container with passwords, access to which is possible by entering a single password, confirming biometrics, or both. It is safe and convenient.

Turn on data encryption

IOS and Android have a data encryption function, and Android can encrypt the memory of not only the phone, but also flash cards. Encryption is one of the easiest ways to protect personal information. It has many advantages, but also one drawback - the need to enter a password whenever you want to use the device. If, for example, you only need to encrypt gallery data, you can install an application for encrypting data, such as Photo Vault PRIVARY, with which you can encrypt gallery data, and no one can access it except you.

The higher the level of encryption, the more difficult it will be to decrypt the data using popular hacking methods. For example, the same Photo Vault PRIVARY application uses 256-bit AES CTR encryption, which can only be cracked using a supercomputer. It is unlikely that anyone will sneak into CERN to decrypt your smartphone data and see photos and videos from the gallery.

How to protect personal data on the Internet: 6 steps

Today, online fraud is very common, so everyone needs to know how to protect their personal data on the Internet. If this question is relevant to you. Then this article is what you need.

Why is it necessary to protect personal data on the Internet? Many do not attach importance to this issue, let everything go by chance and completely in vain. We are constantly online. We sit on the Internet at home, at work, in transport, go into it from a computer, phone, tablet. We communicate in social networks, instant messengers and give out access to your personal data when we download the application. But an attacker can hack our account "without noise and dust." Calculating a password is not so difficult, especially if there is no binding to the phone number. We suggest that you familiarize yourself with the available information on how to protect personal data on the Internet. Simple steps will help you avoid trouble.

Did something serious happen?

Yeah, and got a big response. On July 5, 2018, Yandex indexed Google Docs documents that were not protected by privacy settings. So open access got phone numbers, photos, passwords, screenshots of passports, client databases, reports with financial indicators and a bunch of other private information.

I do not keep my passport in googlodok. Is everything safe?

Not. This case is one of many. For example, in March 50 million Facebook users became aware of a data leak through the thisisyourdigitallife polling app. The creator of the service, Cambridge Analytica, collected user data and sold it to third parties, including political headquarters.

Mail services

E-mail is needed not only to receive and transmit information, but also to register with most services on the network. Just imagine how many times you entered your email login on various online sites. And how many services has your personal data. In addition, all the information that is stored in the inbound and outbound of your email inbox may fall into the hands of scammers. And if this data is corporate confidential, then the company in which we work may suffer from illiteracy in this matter. Personal data must be protected, the only way you can save yourself from trying to hack the mail service.

Social networks and instant messengers

A user of social networks and applications for quick messaging is one of the frequent victims of hacking personal data. We hear stories every now and then about how intruders open the pages of our friends and acquaintances, we think that such a fate will definitely bypass us. If the account is not properly protected, an attacker can read your personal correspondence and perform other actions on your profile without much effort.

Smartphone Digital Theft

The phone can be stolen not only live, but also on a digital level. Upon learning access to your account on your smartphone, the hacker will manage your personal information for your personal purposes. No desire to share the secret with crackers? Then protect your personal data on social networks. On the Internet there are many educational videos, articles and other materials on this topic.

Well, let's say it leaked. What can do with my data?

For example, "steal a person." Start acting on your behalf, gain confidence in friends and relatives, ask them for money or services. If you have a username, phone number and email address, you can send him letters with malicious code or links to infected sites on behalf of friends or colleagues.

In the best case, information is used by spammers and advertising agencies. At worst, they sell confidential documents, use secret information for blackmail, and assign intellectual property and best practices.

How can I protect myself from this?

  • Use the main mail account for confidential correspondence, for the rest - one or more mailboxes, which are conditionally not a pity in terms of hacking. Indicate them in social networks and when registering in services. If such accounts are compromised, at least non-classified documents will leak.
  • Install two-factor authentication on the mailbox, if the service supports it. If not, create a complex password.
  • Check the settings for accessing documents with confidential information, delete unnecessary ones.
  • If you are afraid that money will be stolen from you, get a virtual card. She can be paid without revealing the name of the holder and details of the main card.
  • Keep your apps up to date.
  • Give rights to view and edit documents only to specific users. It is better to do this by invitation, rather than by reference.
  • Do not publish photos of documents, even tickets and payment checks.
  • Healthy paranoia does not hurt: check the spelling of the email address of the sender of the letter when clicking on the links from it, do not forget to periodically scan your phone and computer with antivirus, do not enter real personal data when opening bonus cards. If you really want to receive a birthday present from the cosmetics store, shift its date by a couple of days.
  • Use the About me service from Google periodically to control the amount of information published about you. You can learn a lot of new things if you check your inbox at HaveIBeenPwned.com.
  • Try not to use open Wi-Fi networks.

Mobile apps and games

Mobile app shortcuts filled the screens of our phones. What is there just: from counting calories and a fitness tracker, to financial applications and video editing. And among us there are many lovers to spend a lunch break playing a game on the Internet. Such an abundance of programs at the entrance asks for permission to determine your location or enter the calendar. Before agreeing on the machine, think about why the game needed such information. Remember that with a large number of applications your personal data must be protected.

Bank data

Payment for services and purchase of goods is very convenient to do using a bank card via the Internet. In a matter of minutes, you pay for the purchase of products in the online store, transfer money to the account of the travel agency for the upcoming trip, or send funds to a complete stranger from whom you decide to buy used equipment. Just like that, we give out information about our bank card to the right and left. When it comes to money, the question of why protect personal data does not arise.

Well, am I safe now?

Ahem, no. This is the case - even with all security measures, your data can still be compromised. If you delete all accounts, destroy documents and leave to live in the village without the Internet and a computer, information may leak from the databases of the companies whose services you used, government agencies and other sources beyond your control.

For example, the archive.org online archive has ignored robots.txt files since 2017. Unlike search engines, it works in the interests of users who must find the right materials even after the site stops working. And documents from the office software package leave temporary copies with the extension .tmp, from which you can restore the original file.

Do not give up. Follow at least the basic rules above, and you will greatly increase the level of protection of your data and reduce risks.

Unprotected Wi-Fi Point

It would seem that such a harmless and simple device as Wi-Fi can easily give out your personal data to scammers. They are vigilant everywhere, and even more so in open Internet access points. With the help of certain manipulations, attackers see your actions on social networks, websites and various services. Thus, they fix passwords to accounts.


How to protect your personal data on the Internet?

Your personal data must be protected, otherwise there will be many who want to hack e-mail, track your personal life through social networks and even find out the password to the bank card that you pay for purchases. We offer to figure out how to protect personal data: 6 reliable steps, what methods of protection exist and their application in life.

Two-factor authentication

The first step in protecting personal data is the username and password, but we have already found out that this method does not shine with reliability. Therefore, it is important to protect yourself at the second level. This can be done with the help of information or even devices that only you will have. The most common ones are SMS code, backup key and hardware tokens, the last little things are considered the most reliable, since this is a separate device. An SMS code arrives on your phone after a password has been entered. It is important here that your smartphone does not fall into the hands of scammers. In the event that the device is lost the backup key will be relevant, it is needed for emergency situations. If you choose tokens as two-factor authentication, then get ready to buy the device itself.

Password Managers to Help

How to protect personal data on the network? Of course, you can come up with complex passwords, instead of simple ones, such as the date of birth and mother's maiden name. But how much such a password is reliable is also a question. To facilitate the task, specialists created services - password managers. They generate codes for different sites and you, as a user, do not need to write data to a piece of paper, the program will do everything by itself and insert where you need it.

Control application access to your data

If there are many applications installed on your device, especially games, always pay attention to suspicious requests. Who wants to get personal information from you, what passwords require. When a lot of questions and doubts arise - give up such applications, replace them with more reliable ones.

Use a VPN while working with public Wi-Fi hotspots

It is convenient to use the distribution of free Wi-Fi in cafes and other public places. But do not forget that you need to protect your personal data from intruders. This can easily be done with the VPN service. It works as a traffic filter. Thus, fraudsters lose track and the likelihood of information leakage is minimized.

Link accounts to your phone

And finally, another way to protect data on the Internet. Let all the services important to you be tied to the active phone number. As soon as someone declassifies your password for entering a social network, online banking service or e-mail, a request will be sent to the smartphone to confirm the entry. So you will know that scammers are breaking into you.

Conclusion

We hope that after reading the article you have no questions left about how to protect personal data on the Internet. We warned you about the possible leak of information through social networks, payment by bank cards, via e-mail and other sources. They also talked about the best ways to protect against Internet scams. Remember, you can always find a video tutorial on the network how to protect your personal data on the Internet and step by step perform actions and thereby protect yourself from hackers.

Use secure messaging methods

SMS protocol is an outdated method of sending messages that is quite easy to intercept and crack. For this reason, by the way, double authentication is not the best way to protect data, because when you enter the password in the application or on the site, confirmation with the code is received by ordinary SMS. Because of this, the use of double authentication does not always have a positive effect. Instead of SMS, it is better to use instant messengers, but only those that provide an encrypted communication channel. An example of such a messenger is Telegram.

Do not use public networks

Connecting to free Wi-Fi means voluntarily transferring your data to unknown persons. Attackers can imitate the network of a restaurant, store or other organization that distributes free Wi-Fi, and when the smartphone is connected to the network, it will transfer data directly to their server. But if you think that using the mobile network you are safe, this is not so. Firstly, you voluntarily transfer all technical information to the operator. Secondly, almost always the connection is made using a channel not protected by encryption. And thirdly, vulnerability to IMSI-traps - devices that intercept voice and text messages. You can avoid this if you use a VPN, which is worth discussing in more detail.

Turn on VPN or TOR

VPN is not only a means of bypassing locks, as it is promoted from television screens, but services that ensure data security and anonymity. Using VPN services, you can protect both outgoing and incoming traffic, and on any network, even when connected to free Wi-Fi, when there is no absolute certainty that there is no possibility of interception of personal data. Modern VPN services offer convenient applications, even those who are far from high technology will understand their settings.

TOR also provides secure traffic with data encryption. In addition to secure access to sites, TOR also allows access to resources inaccessible to ordinary users with the .onion domain.

Turn off wireless networks when not in use

And we are talking not only about mobile connectivity and Wi-Fi, but also about Bluetooth, as well as NFC. The latter is generally better to include only when you are going to make contactless payment, since with the help of holes in NFC you can access the data of the smartphone. And using Bluetooth connectivity and methods such as bluejacking, bluesnarfing or bluebugging, you can directly access your smartphone.

Set permissions for applications and antivirus

Currently, there are many viruses for both Android and iOS, and there are several recommendations:

1. Download applications only from trusted sources. Even if this is a trustworthy forum, prefer the official store to it.
2. Do not give permission to suspicious applications. In the "Privacy Settings" menu on Android, you can disable some permissions, for example, not allowing access to multimedia files.
3. Install an antivirus. Well-known developers of computer security software, for example, Kaspersky Lab or Eset, release mobile versions of antiviruses that protect not only from viruses, but also from various hacking methods, as well as from spam.

Pay attention to application permissions. If the "Calculator" asks for access to the camera, then this should alert. In this case, it is better to choose an application that does not require access to multimedia files.

What to do if the data is still stolen?

If you want to remove information from public access and hold an attacker accountable, contact the territorial Roskomnadzor or the prosecutor’s office with a complaint. If you want to pay damages, contact your district court.

The publication and disclosure of personal data without the consent of its owner is an administrative offense. Hacking mail or social networks is a criminal offense.

In short, what should be remembered?

  1. The security of your data is not entirely up to you, but you can take precautions. Use strong passwords, as little as possible leave personal information, check your credit history and follow other points from the list above.
  2. If your data was published without your consent, hacked mail or social networks - contact the supervisory or law enforcement authorities.

How Yandex uses your data and machine learning to personalize services - read and watch YaC 2019.

Install VPN

A free VPN is rarely very good. Moreover, it can become a source of another problem - for example, selling personal data to advertisers. Metric Labs specialists studied the 20 most popular VPN applications on Google Play and the AppStore and came to the conclusion that most of them cannot be trusted. Many products offer no privacy protection. There are applications that openly write that they collect data and reserve the right to transfer it to third parties - but users do not know about it because they do not read the rules.

Paid VPN services do not sell user information, because reputation is more important to them. But if there is no trust in companies even when purchasing services, then there remains one more option - renting a foreign server and setting up a personal secure channel.

Do not trust public Wi-Fi networks

Social networks are dangerous. In April of this year, it became known that the personal data of users of the Moscow metro were in the public domain. But according to some, the vulnerability has existed for two years. According to the programmer Vladimir Serov, who discovered her, through the Wi-Fi network it was possible to find out the approximate age, gender, marital status, income level, frequently visited places and other confidential information.

In late October, Meduza talked about a free Wi-Fi network from the provider Maxima Telecom, which intentionally uses user data collection technology. The company sells the information to advertisers, who can, for example, see what places a person most often passes by and show him the relevant ads.

To avoid the drain of private information, refuse to use free networks. Clean the list of access points and leave only proven options - for example, a home network and Wi-Fi at work. You will have to travel in the subway without the Internet or have time to load pages at stations, while there is a signal for the mobile Internet to work.

Check your browser

In terms of the use of the browser and privacy policy, it is written that it collects user data. The resulting information is then passed on to advertisers who generate targeted ads. Cookies are used to collect data. In general, these are useful things that remember online settings, but some have only one goal - to monitor user activity.

Cookies are recommended to be cleaned after each session. You can solve the problem radically by disabling them in your browser settings, but this will negatively affect the operation of sites. Another solution is to use incognito mode. In it, the browser does not save to the log entries about the pages visited, however user actions are still registered on the sites and marked by the provider.

The safest way to protect personal data is to use anonymous browsers. The most famous is Tor, designed to maintain user privacy. It works with onion technology, which involves wrapping data in several layers of encryption and sending them through different nodes before the signal reaches the desired server.

Another example is Epic Browser. It automatically deletes all information after the session and eliminates the dangers associated with the operation of cookies, autocomplete forms and saving browsing history.

Use search engines that care about privacy.

Personalized search is a convenient thing, but its existence compromises the privacy of users. Search queries allow you to identify your identity through communication with your account or at least an IP address. In addition, search engines store location information using geolocation data and a selected region.

Another serious problem is the issuance of information to third parties for advertising purposes. There are no formal violations: targeting uses data that is not related to the identities of specific people. But sometimes search engines abuse technical capabilities and violate, for example, the right to privacy of correspondence to satisfy advertisers' requests. Only in 2017, Google stopped reading letters sent via Gmail - before that, the received information was used to select personalized ads.

To reduce the risk of collecting personal data and using search queries for advertising purposes, you can use systems that focus on privacy. The most famous example is DuckDuckGo, but there are other search engines: Search Encrypt, Fireball.

Beware of phishing

Most browsers have anti-phishing filters, but you should not rely on them only. To increase the level of security, it is necessary to use antiviruses with anti-phishing components that can catch the threat that the browser misses. The problem is that anti-phishing systems often rely on predefined blacklists. If the site you are visiting is entered into it, then protection is provided. There may be problems with defining new threats. There is another situation: sometimes browsers show a warning about a possible danger, but the user ignores it and continues to enter a bank card information for payment or an account password.

It is difficult to fight phishing because it uses social engineering and tries to trick the user. The main weapon against such attacks is the knowledge of their existence, which prevents the temptation to follow links with a promise of winning and forces you to carefully examine sites before entering personal data on them.

Follow the personal information you post on social networks

When creating profiles on social networks, people leave a variety of information about themselves: date of birth, place of residence, family ties, photos, phone number and email address. All this data can be used by attackers to attack - for example, sending personalized messages with phishing links. We do not urge to use only fake accounts, but caution will not hurt - it is not in vain that the same electronic tickets say that it’s not worth publishing them on social networks. People are sometimes too confident in their own safety.

Do not ignore system updates

System updates are not only new features, but also troubleshooting and vulnerabilities. Ignoring updates by the user plays into the hands of attackers. Updates have two problems: they appear at the wrong time and sometimes bring new errors. But you can’t completely abandon them. Errors are usually quickly fixed by developers, and an automatic timer system update will help to eliminate the inconvenience associated with downloading and installing the update.

The complete security of personal data is unrealistic to guarantee. But you can significantly reduce the risk of their unauthorized use, if you follow several rules:

  1. Install VPN.
  2. Create complex logins and passwords, keep them manager.
  3. Try not to use public Wi-Fi networks or access them through a VPN.
  4. Clean your browser or use anonymous web browsers such as Tor.
  5. Use search engines that do not collect personal data to personalize search results and target ads.
  6. Do not trust links in letters, do not click on obscure buttons.
  7. Use instant messengers that support end-to-end encryption.
  8. Keep track of what information you leave in the profiles of social networks.
  9. Install system updates.
It is necessary to monitor the security of personal data not only on the Internet, but also offline. The last vivid example is the detection of scans of documents in the public domain on the computers of the MFC “My Documents”. Visitors used the scanner to download copies to verify their identity on the State Services portal, and left the files on the hard drive. They had to be removed daily by MFC staff, but often they forgot to do it. At the same time, copies of documents could be printed by third parties and used to receive any services - for example, to arrange a microloan.

Technology development brings not only new opportunities, but also dangers. And we need to learn to live in a world where even toothbrushes connect to the Internet and transmit information about the owner, and advertisers are ready to buy any personal data in order to get a more accurate portrait of the audience.