June 1, 2020 | Devin Cook
Internet Privacy During The COVID-19 Pandemic
Now that many of us are spending more time online as we social distance at home, internet privacy and security is extremely important. There has been an uptick in cases of fraud and scams during COVID-19, as cyber criminals take advantage of new or unfamiliar users during these uncertain times. Here are some basic tips for how you may be navigating the world wide web these days.
Basics of Password Security:
- Do not use the same password across accounts! If someone hacks one, they will most likely try to hack them all.
- Passphrases of 6 words or more are the most secure form of password.
- To keep up with your many unique passwords, there are password managers online. 1Password and KeePass are recommended. There would be one password that you must remember and the rest will be remembered by the password manager.
- Security questions are not effective if they can be answered by Googling, looking at your social media, etc. It is best to lie as absurdly as possible on security questions, so that they cannot be guessed. Use two factor verification if you have a cell phone and if it is an option. If someone hacks your phone from an unrecognized device, the account will send a text to your phone to notify you, and stop the attempt.
Basics of Smartphone Privacy:
- Enable the lock screen! Either pin or pattern work, pin being more secure if 6+ digits. A pin of only 4 numbers could potentially be hacked within 6 months through a generator. A pin of 6 numbers or more would take thousands of years.
- iPhones have a security option built in which automatically chooses to enable Brute Force protection–making files secure after a brute force attempt at unlocking the passcode. Make sure it is enabled.
- Accessing websites through the internet browser on your phone (like Google Chrome or Safari) is more secure than using the apps, like Facebook. Apps often have permission to access files saved on your phone, which you can check through your settings on your device.
- Android devices have virus protection apps available such as Avast Antivirus, BitDefender, and Norton. iOS (the operating system for Apple devices) is more secure because it doesn’t release its source code to app developers, so you won’t need virus protection as much as you would on an Android device.
- iPhones have encrypted messages through iMessage with other Apple devices–but Android uses SMS for texting, which are not encrypted and are sent as plain text code. This means hackers could access these messages more easily. Whatsapp and Signal are encrypted messaging apps. Whatsapp is owned by Facebook, and metadata is not encrypted (time, date, who sent the message)
Basics of Internet Browsing Privacy:
- Cookies are what allow browsers to base ads off your internet browsing history. Each website and link you access through your browser will save this snippet of data, depending on how long your browser saves cookies or when you clear them. The code is saved for various functions–saving passwords, autofill, etc. to make browsing more user friendly. The same code is used to generate targeted advertising.
- There are extensions (Google Chrome has AdBlock, AdGuard for mobile devices, Privacy Badger) that can be added to your browser to block ads, and some are more effective than others. Some browsers track less of your browsing, such as Mozilla Firefox.
- There are other browsers that will essentially hide your location, your browsing history, and trick websites into thinking you’re in a different country–like Tor–making it highly effective for not being tracked.
- HTTPS Everywhere is a browser extension which forces a secure, encrypted connection to websites, every time. These work with popular browsers like Chrome, Firefox and Opera.
- Duckduckgo is a search engine that saves no information, and can be downloaded as an app to your mobile device
- Remember when checking your email to only open attachments from people you know and trust. Recently there has been a scam from “John Hopkins Center” with an Excel file that claims to take you to a map of current COVID-19 cases. It downloads malware that allows a fraudster to take control of your computer through Remote Access, and they can then essentially hold your computer hostage for money. Avoid attachments from unknown email addresses!
The Electric Frontier Foundation often partners with libraries to help spread the word on internet privacy and protection, and has tons of great resources for all types of internet users, from beginners to digital natives. This includes updates on the constantly changing world of digital privacy, as well as a guide for avoid phishing and malware attacks.
The internet is constantly changing and so it is always good to stay up to date and informed on popular internet scams so that you know what threats to look for. As always, if you have any questions or need tech assistance, the library is here to help.