Here is what I do to remain safe on (and off) the Internet

I take my Internet safety and privacy very seriously. I live on a fairly limited fixed income, so I consider anything that has the potential to affect my available resources to be very important. Getting hacked or having my identity stolen could have very serious consequences for me, even though I don't have much to get got. Here are some of the steps I have taken to protect myself, online and off:

I have enabled 2FA on all my Internet-based accounts that support it. For those accounts that do not yet support 2FA, I have a few alternate email accounts (one for each Internet account that does not support 2FA, also with 2FA enabled) for the account's 'username'.

I use Windows 11 with a 'password-less' Microsoft account (using the Microsoft Authenticator App on my mobile phone) and a biometric scanner (backed up with a PIN) for login purposes. My Windows installation's security is hardened by enabling Ransomware protection, so even if some miscreant manages to drop some malware on my system (or even in memory), I will receive a notification that an unauthorized access attempt has been detected, and that I must provide authorization for the app/process that was blocked.

To further harden my system, I have enabled 'Memory Integrity' in Core Isolation details under Device security in the Windows Security dashboard. If you want to know more about Memory Integrity, read this link 'https://support.microsoft.com/en-us/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78', where Microsoft sent me to 'Learn more'.

Finally, I employ a very healthy dose of skepticism when online. I make it a practice to never trust any link on any web page or in any email message - period, even if I am familiar with the site or subscribe to the email (newsletters, etc.). Before I click any link, I check the URL it will take me to by hovering my mouse pointer over it. When I do, the URL is displayed, either in a popup item, in the browser's status bar at the bottom of the window, or (as in the case of Microsoft Edge) in a popup dialog that displays at the bottom-left of the browser window, where the status bar should be. I know the URL of most places I go on the Internet, so if I don't recognize the URL from the link, I DON'T CLICK IT! If the link is from an unfamiliar source (an email message I did not subscribe to, or a website that is new to me, etc.) and I still want to go to where the link purports to take me, rather than taking a chance by clicking the link itself, I use my web browser's search function to search the Internet for the text on the face of the link, then examine the first page of the search results to see if any of these URLs match the one from the link (at least the first part, from 'https://' to the next forward slash (/)). If I find a URL that matches, I'll consider going there (but only if I have ever heard of the company that owns the site).

By way of explanation, the first part of the URL to an article that inspired this post contains 'https://askleo.com/'. All the articles I have read from Leo's newsletter are housed on his website, so their URLs all start with 'https://askleo.com/'. I know that if the first part of the URL starts with anything else, it is NOT a genuine/legitimate Ask Leo item (because it is NOT housed on his website), so I won't click that link. Instead, I'll take steps to inform Leo that I have received a spoofed newsletter and forward it to the appropriate legal authorities (SEC: https://www.sec.gov/tcr, USA.GOV: https://www.usa.gov/stop-scams-frauds, and/or IRS: https://home.treasury.gov/services/report-fraud-waste-and-abuse/report-scam-attempts#:~:text=If%20they%20claim%20to%20be%20from%20the%20Internal,which%20has%20jurisdiction%20over%20IRS-related%20matters.%20Mail%20Scams). Note: The US government was unable to get enough evidence on Al Capone to bring him to trial until the IRS got him for tax evasion.
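The "first part of the URL" check described above, written out as an added example (not part of the original post). It assumes a reader-maintained allowlist, here called `TRUSTED_ORIGINS`, and uses constructed sample links on reserved `.example` hosts to show why the comparison must be an exact match on the parsed origin rather than a look for the familiar name somewhere in the link.

```javascript
// Added example: compare a link's origin with sites the reader already trusts.
// TRUSTED_ORIGINS and checkLink are assumed names; askleo.com is the site named in the post.
const TRUSTED_ORIGINS = new Set(["https://askleo.com"]);

function checkLink(href, trusted = TRUSTED_ORIGINS) {
  let url;
  try {
    url = new URL(href); // throws on relative or malformed input
  } catch {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  // Anything before '@' is login info, not the site; the real host follows it.
  if (url.username || url.password) {
    return { ok: false, reason: "text before '@'; real host is " + url.hostname };
  }
  // url.origin is scheme + host (+ non-default port): everything from
  // 'https://' up to the next '/'. The parser lowercases the host.
  if (!trusted.has(url.origin)) {
    return { ok: false, reason: "unrecognized origin " + url.origin };
  }
  return { ok: true, reason: "origin matches " + url.origin };
}

// Constructed sample links: one genuine, four that only contain the familiar name.
const SAMPLE_LINKS = [
  "https://askleo.com/some-article/",
  "https://askleo.com.newsletter.example/some-article/", // name is only a subdomain label
  "https://askleo.com@newsletter.example/some-article/", // name sits before '@'
  "https://newsletter.example/askleo.com/some-article/", // name is part of the path
  "http://askleo.com/some-article/",                     // right host, no TLS
];

for (const href of SAMPLE_LINKS) {
  const result = checkLink(href);
  console.log((result.ok ? "OK     " : "REJECT ") + href + " -> " + result.reason);
}
```
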

If a dialog popped up on my display telling me that I have contracted a virus and (perhaps) to call some number, my first step would be to run a full scan of my system using the scanner in Microsoft Security, then I'd run a scan with Malwarebytes Free, but I would NEVER click any link in the dialog or call any phone number in it. If neither scan turned up anything concerning, I'd make a note of the website I was on when the dialog popped up, then use Task Manager to close it. If this happened a few times (from the same website), I'd notify the webmaster about it. If it continued to happen repeatedly (on the same website, after notifying the webmaster), I'd stop going there.

I know that it is impossible to stop a dedicated attacker from accessing my computer or Internet accounts, but it is very possible to make the effort cost more than the results are worth, so I make it as hard as possible for these lowlifes (as evidenced above).

If you got this far, I hope what I had to say helps you be safer on the Internet,

Ernie
