Human Aspect
Many data breaches, hacks and attacks are caused by human error. Hackers learn human psychology, and you should too. The following list contains steps you should take to reduce the risk of this happening to you.
Done? | Advice | Level | Details |
---|---|---|---|
Essential | Always verify the identity of individuals requesting sensitive information—whether by phone, email, or in person. Call back and use separate communication channels to validate requests. Emails can be easily spoofed. Verify the sender's authenticity, especially for sensitive actions, and prefer entering URLs manually rather than clicking links in emails. | ||
Essential | HTTPS does not guarantee a website's legitimacy. Verify URLs and exercise caution with personal data. | ||
Essential | Limit the amount of personal and professional information available publicly on social platforms. This helps reduce the risk of attackers gathering details to craft convincing scams. Check and update your social media settings, as unsafe defaults may affect your privacy. | ||
Essential | Common techniques such as phishing (emails that impersonate trusted entities), vishing (voice scams), smishing (SMS scams), baiting, pretexting, and tailgating are used by malicious actors. Read articles, watch online courses, and review real-life case studies to learn what they look like. Treat unsolicited calls, emails, or messages offering free tech support, giveaways, or “too good to be true” deals with extreme caution. | ||
Essential | Familiarize yourself with biases like authority bias (trusting figures of authority), social proof (following the crowd), scarcity (the lure of limited opportunities), reciprocity (feeling obliged to return a favor), and others. | ||
Essential | Develop a habit of “double-checking” any request for personal or financial information. Ask yourself, “Does this trigger an emotional response?” If yes, take extra time to analyze it. Criminals often exploit excitement around winning or losing, or a threat or danger to you and your family. | ||
Optional | At every opportunity, remove yourself from public databases and marketing lists to reduce unwanted contacts and potential risks. Do not provide additional personal information when opting out of data services to avoid further data collection. Example: the opt-out page for a service which downloaded 50 billion photos to provide commercial face recognition services. | ||
Optional | Use different combinations of fake names, addresses, and emails for all non-important, non-government interactions. Let the bookshop think you are another person. The delivery service can call you by a fake name without knowing it. Your nonexistent sibling purchases all these board games from a local store. When this data leaks (Have I Been Pwned? lists thousands of the biggest leaks to check), it will be a nightmare for anyone trying to compile your profile. | ||
Advanced | Keep different areas of digital activity separate to limit data exposure in case of a breach. Your work laptop and accounts shouldn't contain your personal data. Your child should never be allowed to use your devices. Encrypt everything you archive. If you have fewer than 5 separate encrypted containers now, you are probably approaching it wrongly. Don't save top-secret stuff on an encrypted volume you mount daily. Trade cryptocurrencies and run your wallets in a separate browser that is not used for other activities. | ||
Advanced | Create a checklist for handling sensitive communications. For instance, decide that you will never share passwords or financial information over unsolicited phone calls, chats or emails without independent verification. Write down your own “rules” and refer to them when you’re unsure. Use encrypted messaging apps within your family circle. | ||
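
The first two items above (verify the sender, and do not read HTTPS as proof of legitimacy) can be turned into a repeatable check on a saved message. The following is an added example, not part of the original checklist; the sample message, every domain in it and the `trusted_domains` set are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample message; every name, domain and header value is made up.
SAMPLE = """\
From: "Example Bank Support" <support@examp1e-bank.test>
Reply-To: help@collector.test
Return-Path: <bounce@mailer.test>
Authentication-Results: mx.receiver.test; spf=pass smtp.mailfrom=mailer.test; dkim=none; dmarc=fail header.from=examp1e-bank.test
Subject: Urgent: confirm your account
Content-Type: text/plain

Your account will be closed today. Sign in at https://example-bank.test.login.collector.test/verify
"""

def domain(addr_header):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()

def review_message(raw, trusted_domains):
    """Return a list of human-readable warnings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    warnings = []
    from_dom = domain(msg["From"])
    if from_dom not in trusted_domains:
        warnings.append(f"sender domain {from_dom} is not one you already trust")
    reply_dom = domain(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"replies go to {reply_dom}, not {from_dom}")
    # Only trust Authentication-Results added by your own receiving server.
    # SPF can pass for the envelope sender while DMARC fails for the From domain.
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    for check in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{check}=(\w+)", auth)
        result = m.group(1) if m else "missing"
        if result != "pass":
            warnings.append(f"{check} result is {result}")
    # HTTPS only encrypts the connection; what matters is which host you reach.
    for url in re.findall(r"https?://[^\s<>\"']+", msg.get_payload()):
        host = (urlsplit(url).hostname or "").lower()
        if not any(host == d or host.endswith("." + d) for d in trusted_domains):
            warnings.append(f"link points to untrusted host {host}")
    return warnings
```

Calling `review_message(SAMPLE, {"example-bank.test"})` returns five warnings: the look-alike sender domain, the diverging Reply-To, the DKIM and DMARC results, and a link whose real host is `collector.test` even though the trusted name appears at the start of the hostname.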