We send incredibly personal e-mails
Outsmart us: Spot phishing e-mails by looking for incorrect or unusual URLs (hover over links to see the actual URL address), requests for personal information or money, suspicious attachments, or a message body that’s actually an image. Unless you’re 100 percent confident that a message is from someone you know, don’t open attachments or click links. Here's how to avoid the most common online scams.
We’ve got all the time in the world
Outsmart us: Instead of a password, try a passphrase. Use letters and characters from a phrase and include special characters, numbers, and upper- and lowercase letters (Mary had a little lamb could become [email protected], for example). Or consider a password manager that generates and remembers random, difficult-to-crack passwords. (Even then, some experts recommend unique passphrases for financial accounts in case the password manager gets hacked.)
We sneak while you surf
Outsmart us: Make sure you install all available updates to your browser, or use a browser that automatically updates, like Firefox. Vigna’s research has found that Internet Explorer users are most vulnerable to these attacks.
We can infiltrate your baby monitor or smart TV
Outsmart us: When setting up smart devices, always change the default password. Most of these devices work from your wireless router, so password protecting your Wi-Fi can also help. Keep up with firmware updates; many devices will inform you when there’s an update available. Otherwise, look for an Update Firmware option in the main menu or settings.
We eavesdrop on free public Wi-Fi networks
Outsmart us: Avoid public Wi-Fi if possible, especially unsecured networks without passwords, advise security experts at MetLife Defender, a personal data protection program. Instead, set up your smartphone as a secure hot spot or sign up for a VPN (virtual private network) service. If you must use public Wi-Fi, avoid financial transactions and consider using a browser extension like HTTPS Everywhere to encrypt your communications.
We lure you with “shocking” videos on Facebook
Outsmart us: Type the video’s title into Google and see if it’s on YouTube. If it’s a scam, someone has probably already reported it.
We take advantage of your typos
Outsmart us: Double-check the site’s address before logging in with your name and password, especially if the home page looks different. Check for https in the address before typing in your credit card information.
We crack your password on “easy” sites
Outsmart us: Use two-factor authentication, a simple feature that requires more than just your username and password for you to log on. In addition to your password, for example, a site may require you to enter a randomly generated code sent to your smartphone to log in. Many companies—including Facebook, Google, Microsoft, Apple, and most major banks—now offer some form of this safeguard. (For a list of companies that offer it, visit twofactorauth.org and click Docs under your provider to learn how to set it up.)
We love your Bluetooth headset
Outsmart us: Always turn Bluetooth off after you use it. Set your visibility to “off” or “not discoverable,” and require a security code when you pair with another Bluetooth device.
We can easily break into routers that use WEP encryption
Outsmart us: Make sure your router uses WPA2 (Wi‑Fi Protected Access 2), the most secure type of encryption, or at least WPA. Click your computer’s wireless network icon to check the security type. If your router doesn’t give you one of those choices, call your router manufacturer to see if you need to do a firmware update—otherwise, plan to get a new router. Don’t forget to change your preset Wi-Fi password, since any good hacker knows the default passwords for all major routers.