Share on Facebook

18 Secrets to Steal from People Who Never Get Hacked

Learn the best practices that stop cybercriminals in their tracks.

man with binoculars. the binoculars reflect computer code.Marco_Piunti/Getty Images

The rising problem of cybercrime

Cybercrime is a massive problem that doesn’t look like it’s going to get better anytime soon. Cybersecurity Ventures’ latest annual report estimates that cybercrime will cost the world $10.5 trillion annually by 2025. That staggering figure takes into account a multitude of factors, including stolen money, lost productivity, restoration, and the deletion of hacked data and systems.

And cybercriminals don’t only go after big organizations. “The victims of cybercrime involve individuals, organizations, and businesses alike—virtually everyone from all walks of life,” explains the experts at SSLStore. In its 2020 Internet Crime Report, the FBI’s Internet Crime Center (IC3) says it receives an average of 2000 cybercrime complaints per day.

There are ways to protect yourself from cyberattacks, but unfortunately, there isn’t one all-powerful tool that does everything. “The right way to think about computer security is to liken it to Swiss cheese. Any slice of Swiss cheese is full of holes, but if you layer another slice on top of the first one, they cover up each other’s holes a bit,” Roger Thompson, founder of Thompson Cyber Security Labs, tells Reader’s Digest. “Two or three more layers and all the holes are covered up.”

Here are some of the best practices of people who have successfully avoided becoming victims of cybercrime. And after you’ve learned what they do to protect themselves, check out these cybersecurity secrets hackers don’t want you to know.

close up of web browser, shallow dof on the address barConstantinosZ/Getty Images

They never shop on a website with an “http” URL

“Only transmit personal data on websites that are https. The ‘s’ indicates a higher level of security. Nowadays, all the reputable e-commerce sites are https—including Amazon, Walmart, Target, and Google, plus the major airlines, banks, car rentals, hospitals, social services, and hotel chains. Most scam sites, however, are http (no ‘s’ at the end), because http sites are cheaper than https sites. So, if you receive an email solicitation to use at a website that’s http, be extra careful. It could be a fraud attempt.” —Monica Eaton-Cardone, COO of Chargebacks911. Even trusted websites can pose problems, though. Check out this list of the most (and least) secure online retailers in the country.

Close up of a young woman's hand typing text message on her smartphone. African young woman is typing on touch screen mobile phone. Close up of female hand texting a message phone indoor.ljubaphoto/Getty Images

They only use trusted apps

“Cellphone users can risk exposure to viruses, malware, and other online threats in many ways. Always use trusted app providers from trusted sources such as the App Store or Google Play. Jailbreaking your phone is one of the biggest risks to malware and other potentially dangerous viruses.” —Braden Perry, a litigation, regulatory, and government investigations attorney with Kennyhertz Perry, LLC. Plus, if these apps are still on your phone, someone may be spying on you.

guy in a bar or restaurtant using his phoneferrantraite/Getty Images

They use a VPN

“VPN to the rescue! A VPN (Virtual Private Network) encrypts your Internet connection to secure it and protect your privacy. You can select the no-sharing option to further protect info from nefarious hackers. There are heaps of VPNs to choose from. Personally, I use NORD VPN—no affiliation. It’s a good value and has excellent features.” —Ethan Taub, CEO of Goalry and Loanry. Here’s more about how one click can keep your information safe on public Wi-Fi.

Cropped shot of a man doing some online shopping at nightPeopleImages/Getty Images

They don’t use debit cards for online purchases

“If you’re the victim of fraud, a debit card offers scant protection. Credit cards protect you far more comprehensively and provide you with an extra layer of security. So use a credit card as a precautionary measure. This way, if you are victimized, your recovery will be faster.” —Eaton-Cardone

digital concept with fingerprintdem10/Getty Images

They use two-step verification

“Use Multi-Factor Authentication (MFA)—aka two-factor (2FA), aka two-step verification—whenever and wherever possible. Both Microsoft and Google have recently stated that MFA will stop 99 percent of all automated attacks.” —Dave Hatter, a software engineer and cybersecurity consultant. Don’t miss these clear signs you’re about to be hacked.

Concept credit card data security, online paymentsVadim Zhakupov/Getty Images

They protect their credit card info

“Don’t save credit card information on sites where you purchase something. And open a separate credit card specifically for online transactions.” —Hatter. Here are 14 things you should never do when using public Wi-Fi.

A single mobile phone on wooden tableFarknot_Architect/Getty Images

They lock out lost devices

“If a mobile device is lost—laptop, USB drive, smartphone, etc.—and it has company data on it, report to your IT department immediately so user accounts can be disabled and/or monitored for suspicious activity and devices can be locked out of the network.” —Michael Bisso, Director of IT at Edelstein & Co. By the way, these 15 things make your phone an easy target for hackers.

Mature woman using a laptop next to her husband using his phone. on the couch at home.katleho Seisa/Getty Images

They protect their passwords

“Protect passwords and change default passwords when applicable. Use password-protected Excel documents to track usernames and passwords. The current version of Excel has strong encryption that’s almost impossible to break. Make sure access to the file is protected by a strong password.” —Peter Purcell, co-founder of EVAN360 and a cybersecurity expert. Change your settings immediately if you use any of these 25 passwords.

Abstract Internet Network Cyber Security conceptVertigo3d/Getty Images

They use password managers

“A password manager is the most amazing thing in our password-cursed world. We have passwords for everything. Most folks fall back to using the same password everywhere. This makes hackers’ lives very easy. They can compromise a website account set over here, and use those credentials at multiple other sites. It’s like carrying the key to a locked door. Password managers will help manage your passwords. They will create complex passwords, they will enter them at the various websites for you, and they will securely store them between use. Win, win, win! You have no excuse not to be using one.” —Nathan Maxwell, a cybersecurity expert at CCI.

email icons on a screen. all blue except one red one in the center.Hailshadow/Getty Images

They don’t click unknown links

“Never click on links in emails. Phishing emails are incredibly successful at impersonating sites you trust, and they appear much more legitimate than in the past. Visit the source website of the email before proceeding with the requested action.” —Purcell. This is what happens when you respond to spam emails.

Sign attached to a glass door saying “Free WiFi”.Gwengoat/Getty Images

They avoid connecting to public Wi-Fi

“Hackers are able to exploit users of public Wi-Fi through intercepting the traffic as it passes over the network, or hackers will set up fake ‘honeypot’ Wi-Fi access points in order to trick users into connecting. The goal of the attacker is to be able to obtain authentication credentials for things such as social networks or bank accounts, among other nefarious motives.” —Alex Heid, Chief R&D Officer at SecurityScorecard. For a better option, learn how to turn your smartphone into a mobile hotspot.

young couple looking at a computer screen in their homeAzmanL_/Getty Images

They take precautions when using connected devices

“Think of IoT (connected) devices just like any computer—they have an IP address. But when people deploy smart TVs, baby cameras, and devices like that in their homes, they, unfortunately, don’t usually take the same safety precautions as they do when setting up a computer. My advice to consumers is the following:

  • Read the manual: This is crucial to know what it takes to secure the IoT device.
  • Make sure you have a firewall on your router. It will protect your devices in many cases.
  • Create new and secure passwords for each of your devices.
  • Always install updates. A ‘smart’ device can easily fall out of date, leaving the device vulnerable to hackers.” —Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard

By the way, this is the most vulnerable smart device in your home right now.

A close-up on an abstract design of a display, which is warning about a cyber attack. Multiple rows of hexadecimal code are interrupted by red glowing warnings and single character exclamation marks. The image can represent a variety of threats in the digital world: data theft, data leak, security breach, intrusion, etcmatejmo/Getty Images

They are aware of data breaches

“A lot of folks will check sites like to see if any of their accounts have been compromised via a data breach. By simply entering their email address, people will be provided with a list of all breached accounts associated with that email account. It’s a great way to stay up to date and manage risk.” —Adam Dodge, founder of EndTAB. Make sure you know these 23 tips to prevent identity theft and other cyber scams.

Close up of a man using a mobile phone.BraunS/Getty Images

They are wary of random outreach

“I would advise you to be especially vigilant during events that may arouse our emotions. These may be sports tournaments or shopping opportunities but also changes in law or taxes. Such events can be used by hackers to conduct phishing attacks. Criminals can manipulate our emotions or information and rely on ignorance of the issue and their negative emotions, such as stress, time pressure, or fear of financial losses. What should we watch out for? Contests and promotions that offer tickets for matches, impersonating a tax office or bank and sending infected ‘instructions,’ or urging you to pay for items that are essentially free.” —Ole Brockhuus, CEO of SpotTheSpy. Don’t get fooled by this gift card scam.

Electrical outlet with built in USB chargerPJ_joe/Getty Images

They don’t use public chargers

“In our busy, on-the-go lives, sometimes there is no option for charging a phone other than a USB plug at a nearby public charging station, but unsuspecting users may find their data and device at risk. Hackers can modify these stations to download information without user consent or install malware onto a phone. In such cases, the best thing to do is to bring along a portable charger or connect a charging wire to a trusted personal computer that will refresh the device’s battery but not endanger the smartphone or its data. For example, Apple has recently added a feature that asks the user to either grant or deny trust to the computer when charging with a USB. If the user denies trust to the charging computer, the USB will only allow for the battery of the smartphone to be charged and not for any data to be transferred.” —Hagay Katz, VP of Cyber Security at Allot.

Data security concept image.gremlin/Getty Images

They update their security software regularly

“You should have antivirus software on your phone, laptop, and other devices to keep them safe. However, these programs can only protect you from the threats they know about. Companies will add new protections to their software as emerging cyber threats are identified. If you don’t keep your software up-to-date, you won’t be protected from the latest threats.” —Colton Devos, a marketing and communications specialist at Resolute Technology Solutions.

Woman sitting in Cafe and working late at night. She is typing on her Laptop.Thomas_EyeDesign/Getty Images

They come up with creative answers to security questions

“Set up difficult security questions to avoid having someone find the answers online. Get a little more creative with the answers, and never share this data with anyone.” —Rachel Wilson, Investigative Coordinator, Client Relations, at The Smith Investigation Agency and The Smith Training Centre. Here are some tips on how to make your password recovery questions harder to hack.

Cropped shot of a businessman using a digital tablet at night in an officePeopleImages/Getty Images

They keep things manual

“Turn off any sharing or auto-downloads activated on your mobile device to limit access to Cloud-based applications or stored information on your device.” —Heather Paunet, VP of product management at Untangle. Next, check out these 17 everyday things you didn’t know could be hacked.


Joe McKinley
Joe McKinley is a regular contributor to Reader's Digest, covering cars, careers, tech and more.

Newsletter Unit

CMU Unit

Subscribe & SAVE Save Up To 84%!