These days, it’s impossible not to leave some kind of digital footprints. We spend so much time on the web. And for most of that time, we actually share personal information ourselves.
We do it intentionally, when posting our breakfast on Instagram, our job promotion on LinkedIn, and our holiday experiences on Facebook.
Or unintentionally, when we ignore the websites and services that store cookies on our devices and grab personal information that will later help build us user profiles for targeted ads.
The fact is that privacy has become a fickle concept, to say the least.
Do you know what the web knows about you?
If, for some reason, you suddenly want to protect your privacy, you will want to first assess the situation. For sure, there are so many places where you would have to look up for traces you already left on the web…
You’d be surprised to discover that there is information about you and your loved ones, pretty much anywhere. Think of governmental online resources, forums, marketplaces, and social networks.
Yet those are only the tip of the iceberg, the part of personal information promoted online willingly, knowingly, visibly. If you were to dig up on notorious data leaks, data brokers’ resources, or even darknet sources, the findings might trouble you for good.
Long story short, it’s not a matter of if your information is available online. It is rather a matter of where exactly you’d find that information.
If you don’t know, it is because you haven’t paid interest in it. Rest assured, those who do pay interest already know where to look you up, if they want to.
Question is, can you look up in all that? Should you look up in all that? And why not prevent rather than treat? At least now, when you’ve become more aware and willing to do something about it.
Coming up next, we’re going to show you a handful of simple, common-sense ways to protect your privacy online. If you want to know how can you protect your privacy on the internet, this is a great start. Follow the lead and you’ll instantly start feeling better, more secure.
Go for the most complex authentication options
With only so many access points for intruders, it helps to get the best protection available out there. So, for your computers and smartphones, or for pretty much any other device/account that supports authentication, always aim higher.
6-character passwords or 4-digit PINs? No, thank you! Try instead 16-character passwords and 6-digit PINs. Or 2-step authentication with mobile app confirmation. Or biometric authentication with face unlock or fingerprint reading.
There’s nothing that can go wrong from taking the highest protection measures you have at hand.
Use secure passwords – like really secure passwords
We’re getting tired of talking about the importance of using secure passwords. But when it comes to how to protect your privacy online, it looks as if keep talking on this topic is more important than ever!
To put it differently, using weak passwords for accounts where you store personal information is as reckless as not using passwords at all. Naturally, you don’t just want strong passwords for each of your accounts. You also want different passwords.
In the unfortunate event that one of them will be hacked – because no password is unhackable, after all – you can at least be sure that the attackers won’t be able to use it to reach other accounts of yours.
Using a password manager can help keep your accounts under control. If anything, you only need to memorize one long, complicated password, which is the master password.
Watch out for the public Wi-Fi hotspots
If you can choose, chose not to connect to a public Wi-Fi. We’ve talked about the public Wi-Fi risks here. And you know better than to trust your personal data to a connection that virtually anyone can take a peek at.
Assuming the world is on fire and you have no alternative than to use a public Wi-Fi, don’t log into any account while doing so. And don’t make any online payments. Use a VPN for better protection and stick to the minimum amount of actions that expose as little as possible from your credit card details, passwords, logins, etc.
Enhance the security of your home Wi-Fi
So, you’re not using public Wi-Fi networks. You should know that this doesn’t mean you’re 100% safe with your home network. If you’d like to learn more about how to enhance the security of your own Wi-Fi, check out this comprehensive guide.
For what is worth, keep in mind that you should always set your own router password. And equally important, you should take the time to go through its settings. Adding a firewall to it may also come in handy, on the same principle that you just can’t be overprotected when it comes to your online privacy.
Don’t share your phone number unless you really have to
Keeping your phone number private will spare you from dealing with lots of spam. Need it to validate certain accounts? You can still work around the perspective of giving your phone number… Simply use a dual-sim phone.
Make one of the two SIMs your main SIM and only share it with the people you trust. Then use the other SIM for services where you can’t seem to get around without providing a phone number.
Use more than one e-mail address
On the same footsteps of protecting your phone number, choose carefully where you register and with what e-mail addresses. As a rule of thumb, keep your main e-mail address private. Use it for online stores or internet services, but not for social networks or other websites where you hang around just for fun.
Need to share an address with some random people? Even more reasons to use the e-mail address that is not associated with your other important accounts. If anything happens or you lose access to one of those secondary email addresses, you should be able not to sweat about it.
Block e-mail tracking with your webmail client
You’d be surprised, but advertisers can tell if, when, and how many times you’ve opened their messages. And they even send away personal data… It can be your e-mail address and IP address, the latter resulting in determining your approximate location.
They can also store browser cookies to spot you when you land on other sites, more or less relevant to the topic of the email they initially sent you. And the list of exploits they have at hand can go even further.
To protect yourself you should, first of all, disable the automatic image downloading with your email client. That’s because many advertisers rely on automatic image downloading (often invisible images) to tell when you’ve opened their messages.
In case you were wondering, yes, Gmail users are protected from this tactic. With this client, all images are initially downloaded on Google’s servers and then sent to you. So, unless the advertisers pay Google to get that piece of information, they won’t be able to tell when you’ve downloaded their images.
Otherwise, you can and you should use VPN to keep your real IP hidden. Or use the private browser provided by your antivirus.
Be suspicious of any request to verify your identity
Doesn’t really matter from what kind of service you’re getting the notification. But especially if it’s a service you’ve been using for quite some time… A sudden, urgent need to reconfirm your profile information should be approached with some degree of suspiciousness.
Did they give you a time frame to update your profile? It’s best if you miss the deadline than if you hurry to give your personal information to the wrong people. Always check and double-check, by going to the alleged source of the message on your own.
Don’t just follow the access path provided by the sender of the urgent message!
Use public storage services for general information only
Are they throwing tens of GB of free storage space on you? We get it, it’s kind of easy to go with the flow and overlook what you’re sharing in there. Still, don’t keep your business book records on Google Docs. Or your travel details, with passport copies included, on your Dropbox account.
Don’t store anything you wouldn’t want to be seen by others, on services that promise you remote access from anywhere. This means they are storing your information somewhere in the cloud. And in case of any security breach, your data is compromised.
When security breaches occur, wouldn’t you like it to inflict data you couldn’t care less if lost?
Don’t trust the incognito mode for more than you should
A simple definition of the Incognito mode goes like this: it’s a private navigation option that keeps your online actions secret from the people with whom you share the same device. The emphasis here is on “the people”, which actually should make you wonder…
Your wife won’t be able to tell you’ve Googled for a particular present for her, because you did it while in Incognito mode. But does that mean you’re completely protected by this mode?
Not really! Even in this privacy mode, there is still data that some parties will have access to. So, it’s not the present in itself and it’s not the wife who sees targeted ads on it. But it can be your service provider…
Or it can be your boss, in case you’ve been using a work device. Or the website you’ve visited. Or even a particular keylogger, or any other spying software quietly running on your PC. Any of these parties can see your IP address and other pieces of trackable information.
The Incognito mode only erases local traces. Who’s to say that those are the only ones you should erase when caring about your online privacy?
Take the time to check the review permissions you’re granting
Whether it’s mobile apps or browser extensions, pretty much anything you install will ask you for some kind of permission. More often than not, just like with the cookies policy, we accept whatever we’re offered. We don’t take as little as five seconds to see what we’ve just accepted.
While it’s true that without granting those permissions, you wouldn’t be able to use the apps… If you really care about your privacy, you should stop for a while. Ponder the benefits you’re getting from using that mobile app or browser extension against the risks you expose yourself to.
If it is still worth the effort, go ahead and install it. If you’re having second thoughts, perhaps you shouldn’t install it altogether. Because, let’s face it, there are only a handful of mobile apps that you really can’t live without.
Stop hitting the Accept button with your eyes closed
As the topic of how to protect your internet privacy is poised to soar, something has changed in the online landscape. You might have noticed for a while now that most websites have beginning to display privacy notifications the moment you access them.
It is because of the latest online privacy regulations. They force websites to inform users of what kind of data they store about them and for what purposes. Problem is, however, that many users still don’t pay attention to it.
Instead of going through what they consider to be boring information, when they get the notification about what cookies a website uses, users just accept it. Then, they close the pop up and continue with their navigation.
You, on the other hand, should click on the More Information link. See exactly for what purposes those cookies are used and make some tweaks accordingly, if you have the option.
Keep a close eye on the privacy settings
This one goes for every single one of your social network accounts. The privacy settings are buried somewhere deep within the menus of these platforms. And there’s probably a good reason for that.
Your job, if you’re serious about protecting your privacy online, is to track down the privacy settings of each website where you create an account with. And to make sure you’re not sharing any more personal information that you’re obliged to.
Make this experiment and see what kind of information you have already provided. Or how much of it is visible to other users / or just the platform itself, without you even knowing it. You’d be surprised, if not shocked.
Use end-to-end encryption with your messaging apps
Any online communication form strives to do this. And so does sending messages via dedicated apps. They all want to handle information transfer in a format that would protect it from being intercepted by unauthorized parties.
In fact, many messaging apps brag about doing so. Problem is, however, that they do it with what’s called “encryption in transit”. As the name suggests, this kind of encryption only applies while the message circulates from one end to another.
When it’s encryption in transit, the messages are decrypted on the provider’s end. If someone hacks their servers, your messages become accessible to the hacker.
For these reasons, you want to either use a messaging app that provides end-to-end encryption by default (like WhatsApp). Or to activate it manually, by starting a secret chat (on the Facebook Messenger, Google Allo, or Telegram).
Configure your tagging preferences on social media
What you share online is one thing. But what your friends share online that might include you as well is a different thing. If you’ve noticed you’re being tagged on Facebook or anywhere else, you should know you have the option of blocking this from happening without your approval.
The secret lies, again, in your privacy settings, so here’s another reason for you to carefully go through it all. The more you’ll do it, the more differences you’ll notice. In some instances, you might forbid your connections to tag you. Whereas in other instances you might only forbid the automatic display on your wall of a post where someone tagged you.
Either way, you’re limiting the number of mentions that associate your name with your face on a social network. And so, these actions blocked to protect your privacy are well worth the effort.
Watch out for your smartwatch
Before concluding you’re not that paranoid, consider this: smartwatch acceleration sensors can recover certain types of information from their wearers. Movements, habits, even typed information (based on how the wrist shakes when typing the data) are no longer that difficult to obtain.
As a matter of fact, any hacker can create a smartwatch-dedicated app. One you might really want to try, like a fitness tracker or a fancy clockface. Then, they would insert into it a function that would read the accelerometer data. And make it available to you via Google Play.
This type of data-siphoning app is very difficult to raise the flag of malware screening devices. And it can easily end up in your way one day. So, watch out for your smartwatch and pay attention if its battery starts draining too fast, all of a sudden, or if it starts gulping at your data traffic.
Account information or geo-location permissions required when installing smartwatch-dedicated apps is yet another red flag! We’re aware you didn’t anticipate your smartwatch to raise challenges on how to protect your online privacy. But the reality is different…
Starting to feel like the internet already knows too much about you?
Chances are it really does.
Aside from making sure that, from now on, you pay attention to all of our suggestions from above, there’s something more you can do.
It’s an alternative to our initial suggestion of manually going through all the places where your personal information could be made public. And it’s called Privacy Audit, a web service developed by the Kaspersky Lab’s Business Incubator team.
In 24-hours or so, you’re going to get a full report of your current situation, along with recommendations of action starting from there.
As always, prevention is the best weapon and, from now on, you have no excuse for pretending you lack the knowledge of how to protect your privacy online.