We are living in uncertain times, with the pandemic forcing us to shift ever more of our activities online. Whilst this change may be good for our health, it has also highlighted some of the dangers that still plague the digital realm. There are many strategies that hackers can use to compromise your data, but here are some of the biggest threats affecting users in 2020.
1. Weak passwords
For years security researchers have been telling people to start using more secure passwords and yet millions of people still use easily the same guessable dictionary word to secure all of their online accounts or worse. The top five most popular passwords people still use in 2020 are “123456”, “123456789”, “qwerty”, “password”, and “12345678”, and none of them are any help in terms of security. The average password length may have gone up a couple of characters over the last decade, but none of that matters with these phrases still at the top of the list.
Some people like to write down their passwords in an offline notebook, but online password managers like 1Password and LastPass have made it incredibly easy to create and maintain unique secure passwords for every account. If you are not using a password manager yet, now is the time to start.
Few people like the increasingly intrusive ads that clutter up websites, but advertising remains the most popular monetisation option for many websites, including this one and will be around for a while to come. Most reputable publishers will try to maintain certain quality requirements for ads, so no popups and nothing with auto-playing audio, but others, particularly on the less savoury parts of the web, are happy to bombard their users with popups, push notifications, and more, with some nefarious actors even managing to inject malware via ad-codes.
Most modern web browsers will block the majority of popups and you can turn off push notification requests, but it is a game of cat and mouse with advertising networks looking to squeeze the last bit of revenue from users. This has led to the situation with some browsers, such as Opera and Brave, blocking ads by default, and other users turning to ad-block plugins like uBlock Origin to block all ads in Chrome of Firefox, and all websites losing out on ad revenue. We would hope that you trust us and appreciate our content enough to whitelist us from your ad blocker, but we know that over a quarter of our users have not done so.
Some advertising networks, with Facebook a particular culprit, will track you around the internet and help companies target you with ads for anything you may have looked at or searched for. This is related to the annoyance and vulnerability issues with online advertising, but more to do with privacy.
Various ad-blockers will block cookies and pixel tracking, which are the two easiest and most reliable ways to track users around the web, but advertising services will also track you via IP address and other methods. The only way to truly protect your identity from such tracking is to use a Virtual Private Network (VPN), which will encrypt your traffic from prying eyes and mask your IP address so advertisers do not even know which country you are visiting from.
4. Poor website security
No matter how well you protect yourself, if you are using a website that does not follow security best practices your information could still be compromised. Hackers are always looking for soft targets, and that often means websites with poor security. All websites should have SSL security certificates installed, which helps protect against man-in-the-middle breaches, and if you are paying for something then using Google Pay or Apple Pay is a more secure solution than putting in your card details. Some banks will also let you use temporary disposable card numbers and you can use temporary email addresses if you want and extra layer of security.
Any website can be vulnerable to hackers, with big brand named like Talk Talk, LinkedIn, and BA all falling victim to major breaches in recent years, but by keeping an eye out for the padlock to show SSL security and avoiding adding your credit card number to untrusted websites can offer some protection if that company is hacked.
5. Bad company behaviour
Whilst most breaches of personal information are down to lax security and hackers finding a way in, there are also numerous cases of companies selling on their users’ data. Sometimes these companies ask for permission with clauses hidden in the terms and conditions that nobody reads, but other times they fail to ask at all, which is a clear beach of GDPR and other regulations and can lead to some serious mistrust when people have shared their data for good reason such as the recent push towards track and trace.