Hey everyone, and welcome to another deep dive. Today. We're going to get into some of the nitty gritty of keeping ourselves safe online, you know, building those digital defenses.
Yeah, like a digital fortress exactly.
Our source material today is personal digital security, protecting yourself from online crime, and we're going to arm you with the knowledge to protect your data and privacy online.
Think of us like your cybersecurity guides.
Perfect. So let's get started with the foundation of our digital fortress, the operating system. And I have to admit this was a bit of a shocker to me. Thousands of hackers are constantly scanning for vulnerable computers. It doesn't matter if it's Windows seven or ten.
Nope, they don't discriminate.
So how do we lock down our os?
Regular security patches are key, even on brand new computers. Think of it like keeping your software up to date. Most versions of Windows can handle this automatically.
That's good to hear, But to be sure, how can listeners double check that everything is set up properly?
So for Windows seven, go to the store button, than control panel, then Windows Update, click on change settings and make sure all the boxes are checked for automatic updates.
And for Windows ten.
It's similar head to settings, then update and security, and finally Windows Update ensure those automatic updates are.
Switched on GOTA. So that's our OS taken care of. But is that enough?
Yeah?
I feel like we need more layers of protection.
Yes, you're right, Securing your OS is like having a strong front door, but you also want a security system for that extra piece of mind.
Okay, makes sense. So what are our options for building this digital security system.
Well, first, you probably already have Windows Defender, especially if you're running Windows seven or Vista. It's probably active in the background right now as we speak.
Like it's silent Guardian exactly.
Yeah, but we want to bolster that. We need some serious anti virus software. And the good news is you don't have to spend a fortune. There are great free antivirus solutions out there.
Really are they really as effective as the baid ones?
Though, absolutely, especially if you can figure them properly. The key is keeping them updated. Outdated antivirus software is like wearing a bulletproof vest with holes in it. Not very effective.
Okay, that's a pretty vivid image and a little scary. So updated software it is anything else we should be aware of.
Yes, don't fall into the trap of thinking more is better. Having multiple antivirus programs running at the same time actually does more harm than good. They can conflict with each other, slow down your computer, and even create security gaps.
So one good one and keep it updated. Got it, but hold on a second. Besides antivirus, what other tools are out there that can help us fortify our defenses?
Think of these as our specialized security units. First up, we have cea cleaner. This is great for cleaning up temporary files and Internet history. It's like decluttering your computer, which improves performance and protects your privacy.
So it's good for both security and just general digital hygiene exactly.
Then we have malware bites. This is the heavy hitter. It tackles a wider range of threats like viruses, worms, trojans, rootkits, hoole works.
So if Seacleaner is the cleanup crew, malware bytes is like our special forces unit. This is starting to sound like a digital action movie. What else we get?
Our final secret weapon is Spybot. Spybot is excellent at detecting spyware and adware. These sneaky programs try to track you and steal your information. And they often slip past traditional antivirus software.
So spybot is our undercover agent. Okay, so we've got our OS updates, a solid antivirus program, and this trio of specialized tools, seacleaner for cleanup, malware bytes for heavy duty protection, and spybot for those sneaky spies. But how often should we be running all of these?
A good rule of dumb is to run everything once a month. It's like a regular security checkup. It ensures your system is clean, protected and running smoothly.
Easy enough. Now, you mentioned programs that try to steal information, which brings us to a topic I've always found a bit unsettling infected computers. Specifically, let's talk about rit's remote access trojans. It sounds ominous and it is.
Imagine someone having complete control over your computer, stealing your data, spying on you, even wiping your hard drive. That's the threat of RIT. Wait they could do all that, Yeah, it essentially gives the attacker a backdoor into your system.
How would they even get an RIT onto my computer?
Well, A lot of times it's through things like phishing emails, malicious websites, or even downloads that look harmless you might think you're getting a cool new game or something, but you're actually letting an rat in.
It's like unknowingly inviting a thief into your house. Yeah, but you said they can do some disturbing things. Can you give us some specific examples.
Well, one thing they can do is lock you out of your computer. You go to log in and suddenly your password doesn't work, or you try to open a file and it's gone or encrypted.
So it's not just about stealing data, it's about disrupting our digital lives as well.
Right, and then of course there's the data theft itself. Bank accounts drained, credit cards maxed out, social media taken over all because RITI was recording your keystroe and stealing your passwords in the background.
This is getting a bit too real for my liking. Are there any warning signs that we've been hit with an rat?
Sometimes? Yeah, you might notice your computer slowing down, programs crashing more than usual, or strange network activity. Maybe you see files or programs you didn't install, So.
Keep an eye out for anything out of the ordinary. But let's say the worst happens and our computer does get infected. What can we do.
First thing? Disconnect from the Internet immediately. This stops the attacker from having further control. Then run a full scan with your anti virus and malware bytes.
Okay, good first steps, but what if they've already stolen data?
You need to change your passwords for everything, especially banking and financial accounts, and contact your bank and credit card companies to report possible fraud.
It's like a digital disaster recovery plan. But you know you mentioned ats can be used for more than just malicious attacks. What did you mean by that?
Believe it or not, Sometimes riturs are just pranks, maybe from a mischievous friend. Imagine your screen flipping upside down, your CD ROM tray opening and closing on its own, or your mouse button switching.
Okay, that's more annoying than terrifying. Yeah, but it shows how much these programs can do. But let's get back to the serious stuff. We can't talk about infected computers without discussing ransomware.
Ransomware is the digital equivalent of kidnapping. It holds your data hostage, encrypts it, and demands payment for the decryption key.
The book shows a picture of a ransomware website, and it is chilling. It looks like a legitimate business.
Yeah, it can be unsettling. They use scare tactics and threats to pressure you into paying. But the thing is, even if you pay, they might not actually give you the decryption key.
So prevention is key. We've talked a lot about software protection. What about the physical security of our computers.
That's something people often overlook. You could have the best digital defenses in the world, but if someone steals your computer, or even just your hard drive, all that software protection.
Won't help, especially in shared workspaces. Easy to let your guard down.
Exactly, and one of the most common threats, believe it or not, comes from USB drives. The book has a story about a penetration tester who used a simple trick to breach even the most secure networks.
Wait, it's a penetration tester.
It's an ethical hacker hired by companies to find security weaknesses, like a security check up for your digital fortress.
Okay, I get it. So what did this penetration tester do with USB drives?
He would leave a USB drive labeled reward if found somewhere out in the open, like in a parking lot.
And I'm guessing a lot of people plug them in.
Oh yeah, who wouldn't want to return a lost drive and get a reward? But these drives were far from harmless. They contained a program that would automatically run when plugged in. It would open up a terminal window with a message like one hundred dollars reward if found, Please email Jim Williams Dooja at gmail dot com with your name and where you found the drive.
Oh wow, that's clever, So it seems completely legitimate. What's the catch?
Well, while the person is typing that email, the program is silently stealing their passwords and sending them to the penetration tester's email account. The whole thing from plugging in the drive to the passwords being sent took about thirty seconds.
Wow. So not only does it steal your passwords, but it uses your own email to send them exactly.
The author of the book even uses his real email address in the example to show how convincing it can be.
I'm never looking at a USB drive the same way again. So the takeaway here is don't plug in random devices, especially not at work. You never know what they might contain. Now, thinking about these USB tricks and sneaky programs. Leads to another question, what about keyloggers.
Ah, keyloggers the silent spies of the digital world. They can be hardware or software, and both are equally concerning. So hardware keyloggers we're talking about like a little device that sits between your keyboard and your computer.
R Yeah, like some sort of secret recording device.
Yeah, you got it. They're small and they log every keystroke. But to install one you need physical access to the computer, so they're not as common as software keyloggers.
Okay, so software keyloggers those are the ones that really watch out for. But how would you even know if you had one in your computer?
That's the scary part. They can be completely invisible, silently recording everything you type, emails, passwords, credit card numbers, private messages, literally everything.
Okay, now that is creepy. The book actually shows some visuals of what a keylogger can capture. Figures one point one five and one point one six show a normal email and then the text file created by a keylogger with every single letter and number. It's a lot of sensitive information. So how do these things even get onto our computers?
A lot of times it's through drive by downloads. You visit a website, maybe one offering free stuff, but hidden in that download is a keylogger that installs itself without you ever knowing.
So those two good to be true offers often are. But is there anything we can do to protect ourselves from these keyloggers?
Yes, thankfully. Remember those tools we talked about earlier, malware bytes and spy I bought. They're really good at detecting and removing keyloggers. That's why having multiple layers of security is so important, like.
Having a digital security guard always on the lookout. Okay, I gotta ask about Max. Are they immune to all this stuff or are they just as vulnerable as Windows.
Max are generally considered to be more secure, but that doesn't mean they're invincible. They can still get viruses in malware just like any other computer. The difference is the number of threats targeting MAX is way lower compared to Windows.
Can you quantify that difference? Like, what are we talking about here?
The book says there was something like twenty to thirty Mac attacks per year compared to a whopping sixty five thousand Windows attacks per day.
Wow, that's a massive difference. I know you mainly use Windows machines for your work. But have you ever had a virus on a Mac?
Actually? Yeah, but it was on purpose. I was doing research on a specific Mac virus and I wanted to see how it worked firsthand. In that case, it was super easy to get rid of. I just deleted the file and that was it.
So MAX might be a little safer for basic browsing and email. Well, but it's still important to be careful. But regardless of what operating system you're using, strong passwords are absolutely essential, right, Absolutely.
A strong password is your first line of defense against any hacking attempt. And I don't mean password one, two three or your dog's name.
Yeah that those are basically an open invitation for hackers. So how do we create passwords that are both strong and memorable, because with all the accounts we have these days, it's impossible to remember a bunch of complex passwords.
The book has a good suggestion. You can build a strong password around a word you already know. Like let's say the word is Apple. You could make a strong password by adding some capital letters, special characters, and numbers, something like apple at twenty thirteen three would be really hard to crack.
That's a great tip. It's way easier to remember if you start with a familiar word. But even with tricks like that, managing a ton of different passwords is a pain. I mean, who can keep track of all that?
That's where password management tools come in handy. They're like digital vaults that store all your passwords securely and make them easy to access when you need them.
So it's like a master key for all your online accounts exactly.
There are two popular ones, key Pass and last Pass. Key Pass stores your passwords locally on your device, so if you're worried about privacy, that's a good option.
So your passwords stay under your control, you don't have to trust the third party with them. What about last pass?
Last pass is a little different. It has a free version for your desktop and a paid version for like twelve dollars a year. With the paid version, you can access your passwords from your phone, and it supports ubikey, a hardware device for two factor authentication.
That's a good point. Speaking of security risks, what about auto saving passwords in web browsers. I'll admit I love the convenience, but it always felt a little risky.
You're right to be cautious. Especially on public computers. Auto saving passwords on a public computer is basically giving anyone who uses that computer after you access to your accounts. There's actually a software mentioned in the book called web browser Passview, and it can show you all the safe passwords and a browser instantly.
So anyone could get into my bank account, my social media everything just like that.
Yep. The author even talks about how he's found saved passwords on computers in hotel business centers. It's scary how easy it is.
Okay, I'm definitely rethinking my password saving abbots. So convenience should not come at the cost of security exactly.
It's a simple setting to change too. The book actually lists the steps for how to disable password saving and all the major browsers Chrome, Firefox, Safari, even Internet Explorer.
Okay, I'm adding that to my to do list.
Yeah.
So we've talked about creating strong passwords and protecting them, but what happens if someone tries to crack our passwords using some brute force method? Is that even possible?
Unfortunately? Yeah, it is. There are password cracking tools out there like offcrack that are used by forensic investigators, but they can be used by hackers as well.
Off crack That sounds intense. What is it and how does it work?
It uses something called rainbow tape, which are basically pre computed tables of password hashes, So instead of trying every possible combination, offcrack can just compare hashes, which makes it much faster at guessing passwords.
So the stronger and more unique our passwords are, the better.
Exactly. The free version of offcrack is limited and it usually can't crack passwords with special characters, but the paid versions are more powerful, So that's why it's so important to use a strong password structure like the one we talked about earlier.
Strong Passwords Check. Now, let's move on to email security. Email is connected to so many other online services, and it seems like a prime target for attacks, don't you think.
Yeah? For sure, attackers know that our email accounts hold a ton of person and information, and they're often the key to accessing other accounts. That's why phishing attacks are so common.
Fishing that's when someone pretends to be a legitimate company or organization to trick you into giving them your information, right.
Exactly like those emails that say your account has been compromised or there's a problem with your order, and they're getting really good at making them look official. The book has some examples, and they're scary how convincing they look.
So what should we be looking out for. What are some red flags?
Well, one thing is unsolicited emails about fraud or account problems. Be wary of anything that's trying to create a sense of urgency or panic. Also, look closely at the website address. If it's even slightly different from the real one, that's a red flag, like if you see Bankofamerica dash security dot com instead of just Bankofamerica dot com. Or sometimes they'll use a string of numbers that looks like an IP address instead of a normal website name.
So it's those little details that can trip us up anything else.
Also, be suspicious of emails that ask for a ton of personal information. If they're asking for your social Security number, your beta birth, your mother's maiden name, all that stuff.
Be very careful, and we should never respond to email requests for information from financial institutions right right.
If you get an email that seems suspicious, the best thing to do is contact the company directly through their official website or phone number, don't click on any links in the email.
Okay, good. So let's say our email does get hacked. What could happen?
Well, hackers aren't always just interested in your emails. They often want to use your email to access other accounts, like your bank account, your social media, online stores, even your other email accounts.
It's like losing the keys to your entire online life exactly.
The book actually describes the scenario where a hacker gets access to an email account and immediately starts searching for keywords related to banks and online stores. It shows how targeted these attacks can be.
And I'm guessing that stolen information has real monetary value.
Oh yeah, for sure. The book mentions this guy Brian Krebs, a cybersecurity journalist who reported on the prices for stolen accounts on the black market back in twenty thirteen. The list included prices for all sorts of accounts like iTunes, FedEx, United Airlines, group on, even Facebook accounts.
Wow, it's crazy to think that even seemingly unimportant accounts could be valuable to hackers.
Right, and social media accounts are especially vulnerable because we tend to trust them. The book shows a picture of a fake Facebook notification email designed to steal your login information and it looks so real.
So those messages that say our account has been hacked or we need to confirm our password, those are often just phishing attempts in disguise.
Yeah, exactly. And it's not just emails either, fake friend requests, links to quizzes and games, messages that say you've been tagged in a photo. They can all be used to trick you into clicking on something or giving up your information.
It's a digital jungle out there, and it's not just those direct attempts either. We also need to be careful about file attachment attacks.
Right right, attachments can be a way for hackers to deliver malware, and they're getting really good at disguising those attachments. They might look like a stand document, a traffic ticket, a notification about a package, anything that you might be curious about or worried about.
So what opening and attachment could basically unleash a virus on your computer?
Yeah pretty much. Zip files especially are known for having malware in and inside, so super careful about opening any attachments, especially if they're unexpected or from someone you don't know.
It sounds like being skeptical and verifying everything is our best defense.
Absolutely, pay attention to website addresses, don't click on links and emails you weren't expecting, and if something seems off, always trust your gut and double check it.
Good advice. So we're building up a pretty solid defense here. But are there any other ways to protect our accounts?
Yes, there's something called two factor authentication or two FA for short, and it's super helpful. Basically, it means you need two things to log into your account, your password and a code that's sent to your phone.
So even if someone steals my password, they still can't get into my account without that code.
Right. It's like a double lock on your digital door.
That's a great analogy. Is two FA widely available?
Yes, most online services offer it now, including Google, social media sites, email providers, and banks. The book uses Google's two FA system as an example, and it's a good one. It's really easy to set up and it can make a big difference.
Hey, I'll definitely look into that.
Yeah.
So we've covered a lot about digital security, but now I want to talk about data. Our personal data is one of the most valuable things we have online and we need to protect it.
One hundred percent, and that's why backing up your data is crucial. Everybody needs to have a copy of their important data stored somewhere safe. Think about it, what would you do if your computer crashed or got stolen.
It would be a nightmare. All my photos, documents, everything gone.
And it happens more often than you think. Hard drive failure is inevitable. It's not if it's going to happen, it's when. Having a backup is like having insurance for your data.
So what are our options for backing up our data?
Well, there are a few different ways to do it. There's on site backup, off site backup, and cloud storage backup.
Okay, break those down for me.
On site backup is the simplest option. It's basically using an external hard drive or USB drive to store a copy of your files. The book recommends a program called free Filesync, which makes it super easy to keep your file SYNCD between your computer and your extern drive.
It's like a supercharged copy and paste.
Pretty much. Off site backup is storing a copy of your data in a different physical location like your office, a friend's house, or even a safe deposit box. This protects you in case something happens to your home like a fire or a break in, So.
It's a backup for your backup exactly.
And finally, cloud storage backup involves using online services like Carbonite, which automatically back up your data to their servers. It's convenient because you don't have to worry about managing it, and you can access your data from anywhere.
So we've got options depending on our needs and comfort level. The important thing is to choose a method and stick with it, back up your data regularly. And what about data encryption?
Encryption is a really good way to protect your data. It's like putting a lock on your data, so even if someone gets their hands on your device or backup drive, they can't access your files without the key.
Encryption always seemed like something only spies or people with something to hide would use.
A lot of people think that, but it's for anyone who wants to keep their information private. It doesn't matter if you're a student protecting your schoolwork, a photographer with a collection of photos, or a business owner with sensitive customer data. Encryption can help.
Okay, I'm convinced. What tools do you recommend for encrypting data?
The book recommends true crypt. It's a free program that lets you create what's called an encrypted container on your hard drive or USB drive. You can think of it like a virtual safe for your most important files.
Is it easy to use?
The book walks you through it step by step. The author uses his own personal setup as an example. It might seem a little complicated at first, but it's pretty straightforward once you get the hang of it.
Okay, true crypt it is. Now let's talk about data recovery. Is it true that deleted files can be recovered.
Yes, it's true. Even if you empty the recycle bin or trash, those files aren't actually gone. They're still there on your hard drive and they can be recovered with special software.
Wow. So even if we think something is gone forever, it might not be. That's a little unsettling. What can we do about that?
There's a technique called wiping free space, which overwrites the deleted parts of your hard drive with random data. This makes it much harder, almost impossible, to recover those deleted files, So.
It's like digitally shredding your old documents exactly.
The book recommends a program called Sea Cleaner for this, and it's free. It's really good at cleaning up temporary files and internet history, and it also has a drive wiping feature.
C Cleaner is turning out to be a pretty versatile tool. Yeah, now, what about when you want to get rid of a computer or hard drive completely? Is wiping free space enough in those cases?
No, if you're selling, donating, or throwing away a computer or hard drive, you need to wipe the entire drive to make sure all your data is gone. The book recommends dban for this. It's a free tool that will completely erase everything on your drive.
So it's like giving your hard drive a factory reset.
It's even more thorough than that. It's the most secure way to get rid of your data and make sure it doesn't fall into the wrong hands.
Okay, that's good to know. We've talked a lot about protecting our own devices in data, but what about data that's already out there online? Can our information be leaked even if we don't get hacked.
Yes, that's definitely a concern. Account breaches happen and sometimes huge amounts of data are stolen, and these breaches can happen to anyone, even big, well known companies.
So it's not just about protecting ourselves from hackers. We also have to be aware of the companies that hold our data exactly.
The book suggests a few ways to check if your online data has been exposed. You can use Google to search for specific file names, or search within websites like Dropbox or Google Drive. You can also create a unique test file and see if it shows up intell results.
So we can be proactive about finding potential leaks. I like that, Yeah.
Absolutely. The book also talks about something called paste websites where stolen data is often shared publicly. One example is paste a bin. You can actually search those sites to see if your information has been compromised in a data breach.
That's a little scary. Is like looking for your digital self in a dark corner of the Internet.
It can be, but it's important to be aware of these things. The author actually created a custom search engine that searches multiple paced websites at once, and it's on his website, computercrimeinfo dot com.
Okay, I'll have to check that out. Now. I want to shift gears a bit and talk about document metadata. What is metadata and why is it potentially dangerous?
Metadata is basically hidden information about a file It's not something you see when you open the file, but it can be extracted using special software. You can think of it like a digital fingerprint for a file. It can reveal all sorts of things about the file's history, like who created it, what computer it was created on, when it was created, even the location where it was created.
So even an innocent document like a resume or a research paper could contain sensitive information in its metadata.
Yeah, exactly. The book shows an example of a PDF document and it highlights all the hidden data that's in there. It's pretty eye opening.
So how could this metad data be exploited?
Imagine you send a proposal to a competitor, and without knowing it, you're also sending them your company's network structure, the names of everyone who worked on the proposal, and even what software you used to create it, all hidden in the metadata.
Okay, that's not good. So how can we scrub this hidden data from our documents?
There are a few things you can do. Some programs let you remove metadata manually before you share a file. You can also convert the file to a different format, like turning a word doc into a PDF, which can sometimes strip away some of the metadata. But The best way is to use a tool specifically designed to remove metadata. There are a bunch of options out there, both free and paid.
Okay, sounds like metadata removal is another tool for our digital toolkit.
Now, let's step outside the digital world for a moment and talk about identity theft. It's a scary thought for a lot of people. What are some basic things we can do to protect ourselves. One of the most important things is to secure your sensitive documents. Shred anything that has personal information on it, like old bank statements, credit card offers, anything with your social Security number on it, and keep important documents locked up either in a file cabinet or a safe deposit box.
So it's all about minimizing the opportunities for someone to get their hands on our information. But what about monitoring for suspicious activity? What should we be doing there?
Check your bank in credit card statements regularly, and get your free credit reports from each of the three credit bureaus Equifax, Experience, and TransUnion at least once a year. You can get those for free at annual credit report dot com.
Okay, so be vigilant. What about those preapproved credit card offers we get in the mail? So tempting to just throw them away.
You can actually opt out of those preapproved offers, which is a good idea for two reasons. One it reduces the amount of junk mail you get and two it makes it harder for thieves to get their hands on your information. You can opt out online at opt out prescreen dot.
Com Less junk mail. I'm all for that. Now, what about fraud alerts for those can be helped for preventing identity theft?
Yeah, they can. A fraud alert basically puts a flag on your credit report. It requires lenders to take extra steps to verify your identity before they give you credit. This makes it a lot harder for someone to open fraudulent accounts in your.
Name, so it's like putting a roadblock in front of identity thieves exactly.
There's a ninety day fraud alert that you can put on your account, and you can renew it indefinitely, and if you've actually been a victim of identity theft, you can get an extended fraud alert that lasts for seven years.
Fraud alerts sound like a useful tool. Are they fool proof? Though?
Unfortunately not really. A really determined criminal can still find ways around them. The most effective way to protect yourself from new accounts being opened in your name is to put a credit freeze on your account.
Okay, credit freeze, tell me more about those.
A credit freeze basically locks down your credit report. Nobody can open new accounts until the freeze is lifted, not even you.
Wow.
Sounds like a padlock on your credit exactly, And the best part is it doesn't affect your existing account or your credit score.
Sounds like a powerful way to protect yourself. The book mentions that there are different laws about credit freezes in each state.
Right, you'll want to check the laws in your state and with each of the credit bureaus.
Definitely something to look into. Now, let's talk about credit cards. What are some practical ways to protect our credit card information.
The first thing is to try to limit how many credit cards you carry around with you only take the ones you absolutely need. The book also recommends making a list of all your credit card accounts with the account numbers and the contact info for each card's fraud department, so if.
Your wallet gets stolen, you've got all that info handy exactly.
And you also want to be aware of credit card duplication. That's when someone creates a fake card using stolen information.
How do they steal the info in the first place.
Phishing emails and websites are one way, but they also use something called skimming, where they put a device on an ATM or a card reader to capture your information when you swipe your card.
It's like a high tech version of pick pocketing.
Yep. The book has some pictures of these skimming devices, and they're really small and hard to spot.
So we really need to pay attention to those card readers, especially at gas stations and ATMs.
Absolutely, and if anything seems off about the card reader, don't use it. It's better to be safe than sorry.
Good advice. Now, what about those big data breaches we hear about the ones where hackers break into a company system and steal tons of credit card numbers.
Those are a big concern. Hackers are always looking for weaknesses in point of sale systems and they can steal a ton of information really quickly, like the Target breach a few years ago that was huge.
It makes you realize that your information is at risk even when you're making legitimate.
Purchases exactly, and it's not always the retailer's fault either. Sometimes they have outdated systems, weak passwords, they're not installing security updates, that kind of thing.
So everyone has a part to play and keeping things secure. As consumers, is there anything we can do to protect ourselves from these data breaches?
Paying with cash is always the safest bet, and if you're shopping online, it's safer to use a credit card than a debit card. Credit cards have better fraud protection.
Good tips. Now, I've heard about something called virtual credit cards. What are those and are they more secure?
Virtual credit cards are basically temporary credit card numbers that expire after one use. They're good for online shopping because you don't have to give out your real card number, especially on sites you don't totally trust, or if you're signing up for a free trial that you might forget.
To cancel, so it's like a burner credit card exactly.
City and Bank of America both offer virtual card services.
That's good to know. What about pre paid credit cards? Are those a good option for online security?
They can be. They don't require a credit check or any personal information, so they can offer some anonymity. They're good for online purchases if you don't want to give out your real card info. American Express has some decent prepaid card options.
It's kind of like digital cash in a way.
Yeah, but it's important to note that there are fees associated with prepaid cards.
We've talked a lot about computers and phones, but so many other devices are connected to the Internet. Now are those at risk too?
Oh? Yeah, definitely. We've got copy machines, printers, TVs, cameras, smart thermostats, even refrigerators all connecting to the Internet, and a lot of them have default passwords or weak security measures, which makes some really easy targets for hackers.
So it's not just our computers and phones we need to worry about, right.
The book talks about something called Google hacking, and it basically means using Google to find vulnerable devices online. It's surprisingly easy. For example, you can find tons of devices with default passwords just by searching default password on Google.
I never would have thought of that, But if Google can find those devices, can hackers too.
Definitely. There's actually a special search engine called showdan that specifically for finding Internet connected devices, so it's.
Like a map of all the devices on the Internet.
Yeah, pretty much, and it can show you all sorts of things like live feeds from unsecured webcams and devices with easy to guess passwords.
Okay, that is creepy. It makes you realize just how connected everything is these.
Days, it really does, and it shows how important it is to secure all your devices, not just your computer and phone.
Speaking of devices, what about home automation systems and alarm systems. Those are really popular these days. Are they safe?
Well, a lot of them aren't as secure as they should be. They can often be accessed remotely, sometimes even without a password, and that could give someone control over your alarm system, your security cameras, your thermostat, even your lights.
So our smart homes could actually be pretty vulnerable.
Yeah, it's a real risk. The author of the book actually talks about how he was able to connect to a bunch of unsecured home automation systems, including one in Decatur, Illinois. He could see the live camera feeds, control the alarm system, and adjust the thermostat.
Sounds like something out of a sci fi movie.
I know, right, it's pretty wild. So it's super important to secure your home automations with a strong password and keep the software updated.
Okay, good, advice. Now, we've talked about securing our own devices and data, but is there any way to check if our information is already exposed somewhere online? Can we proactively search for our own vulnerabilities?
You can? The book says you can try searching Google and showdown for your IP address, your business name, or even your GPS coordinates. You might be surprised what you find.
It's like doing your own digital security audit.
Exactly, and if you find anything suspicious, you should report it.
Okay, I like that be proactive. Yeah. Now, let's talk about wireless network security. It's something we use every day, but it's also a potential security risk, isn't it.
Absolutely? An unsecured wireless network is like leaving your front door wide open. Anyone can connect and potentially access your devices and your data. The book tells a story about a young woman who was being harassed online, and it turned out the harasser was using her neighbor's unsecured Wi Fi to access her information.
So we need to be careful about not only our own network, but also any networks we connect to, especially public.
Wi Fi exactly. So things like changing your router's default name, enabling WPA or WPA two encryption. Those are really important, so.
Building a fence around your wireless network.
Right, and of course, using a strong, unique password is essential. The book shows some examples of how easy it is for people to accidentally expose their Wi Fi passwords, like in TV interviews and concert videos.
Oops. It's a good reminder to be mindful of where our passwords are visible.
And you should think about turning off your wireless router when you're not using it. It's an extra layer of security.
Okay, I'll admit that one's a little tough for me.
Yeah, I get it. Sometimes you need your WiFi on all the time. It's about finding a balance that works for you. But let's dive into public Wi Fi. It's super convenient, but it comes with its own set of risks.
It does feel a little risky connecting to a network you know nothing about. It makes you wonder what could be lurking out there.
You're smart to be cautious on public Wi Fi. You don't have control over the network security. Someone could be eavesdropping on your connection. The book explains a type of attack called a man in the middle attack, where the attacker intercepts the data going between you and a website.
So it's like someone's listening in on your Internet conversation exactly.
The author even describes how he did a man in the middle attack in a college classroom and he was able to capture students' data.
That's a little freaky. Makes you think twice about what you do on public Wi Fi, definitely.
And then there are fake Wi Fi networks. These are set up by attackers to look like legitimate networks and they trick people into connecting.
So you think you're connecting to the airport's free Wi Fi, but you're actually connecting to a hackers network yep.
And there are tools you can buy online to create these fake networks, like something called a Pineapple router. It's basically a portable device that can be used to set up a fake Wi Fi hotspot.
Wow, that's scary. So even a Wi Fi network that looks legitimate could be a trap.
It's possible. That's why it's so important not to send any any sensitive information over public Wi Fi, like passwords or credit card numbers. And if you do have to use public Wi Fi, make sure the website you're on is secure. Look for HTTPS at the beginning of the web address and a little padlock icon in the address bar.
So those are signs that the connection is encrypted exactly.
And you might also want to consider using a VPN.
What's a VPN again?
It stands for Virtual Private network and it encrypts all of your Internet traffic, even on public Wi Fi. It's like having a private, secure tunnel for your data.
Got it? VPNs, hgtps and padlock icons. Check. Now, let's shift gears a bit and talk about something that's especially important for parents, Keeping kids safe online.
That's a big one, and the best place to start is by talking to your kids about online safety. Talk to them about the risks of sharing personal information, the dangers of online predators, and the fact that anything they do online can stay online forever.
It's about teaching them to be responsible digital.
Citizens exactly, and also be aware of It's a serious issue, and the book has some advice for parents on how to talk to their kids about it and what to look out for.
I know some parents monitor their kids online activity. What are your thoughts on that.
It's a tough one. Monitoring can be helpful, but you have to do it responsibly and respectfully.
It's all about finding that balance between safety and privacy. Right.
The book shows you how to access your kid's browsing history in different web browsers, but it also points out that kids can delete their history or use private browsing.
Modes, so it's not foolproof.
Nope, that's why open communication and setting clear boundaries are so important.
What about monitoring kids online accounts instead of just their devices?
That can be more effective. Sites like Facebook and Twitter are where a lot of kids online activity happens. The book actually has whole sections on how to find and monitor your kids Facebook and Twitter accounts. It goes into how to use search techniques, how to adjust privacy settings, and even how to use third party tools like tweet deck for real time monit.
So it's like having a window into your kid's social lives, but we need to use that information responsibly.
Absolutely, Parental monitoring should be about keeping kids safe, not spying on them.
Okay, good point. Before we finish up today, I want to circle back to something you mentioned earlier. Username search engines. They sound like a really useful tool, especially for parents who are trying to see what their kids are up to online.
They can be There are a lot of different ones out there, no m is a good one. It searches for usernames across a huge number of websites, and it can even tell you if a username is available, which is helpful if you're trying to figure out if someone has an account somewhere.
So if the usernameis available, that's a signed to look a little deeper exactly.
And then there's namic, which is more visually focused. It shows you a bunch of social media sites and whether the username is taken on each.
One, so it's a quick way to see where that username pops up right.
And if you want links to the actual profiles, there's check Usernames. It searches fewer sites, but it gives you direct links to any accounts.
So it's more about getting to the point yep.
Now, if you want to go beyond social media, there's pitbull. It searches for usernames across a ton of different websites and tries to gather more information about the person, like their age, location, employer, and stuff like that.
So it's not just about finding accounts, it's about building a whole profile exactly.
And if you're specifically interested in blogs, Google blog search is a good one. You can search for keywords or names within blog posts, and it can help you find personal blogs that might give you more information about someone.
It's like a window into someone's thoughts and experiences.
Right. And finally, if you want to keep track of new content related to a specific name or keyword, Google Alerts is amazing. It sends you email notifications whenever something new is published online that matches your search criteria.
So it's like having a personal assistant who's constantly scanning the Internet.
For you exactly. But it's super important to remember that all these tools should be used ethically and responsibly. Parental monitoring should be a about protecting kids, not invading their privacy.
I completely agree. It's all about striking that balance between safety and respect. Right.
And one last thing I want to emphasize is that kids need to understand that anything they post online, anything they share, anything they comment on can potentially stay online forever, even if they delete it. It's like a digital footprint that's really hard to erase.
It's a good point. We all need to be mindful of our digital footprints, not just kids.
Absolutely Well, that about wraps up our deep dive into personal digital security. Protecting yourself from online crime. We cover it a lot of ground today, from securing your devices and data, to avoiding phishing scams, to protecting yourself on Wi Fi networks, to keeping your kids safe online. We've given you a lot to think about.
It's been a really informative discussion and I feel much more equipped to navigate the digital world safely and protect my information. Thanks for sharing your expertise.
You got it my pleasure, and remember the key to staying safe online is to be informed, be proactive, and be vigilant. Stay safe out there, every one.
And to our listeners, thanks for joining us for another deep dive. We'll see next time.