You move into your college dorm for the year and get your room decorated, but you’re still not done. Then you buy your textbooks, but you still have more work to do. You’ll soon also have homework. . . and you definitely need to take steps to protect yourself on the internet.
Hackers, catfish, and identity thieves are always on the hunt for college students who don’t have their guard up. They’ll happily take your money or your identity. So, it’s up to you, your roommates, and your friends to create a safe internet environment. You need to protect your personal information, update your devices, and download trusted security software. You’ll need to ensure you can connect safely online so nobody can hack your accounts.
Resources for Before and After College
Stalking and Harassment
On the internet, stalking is known as cyberstalking. If this happens to you, it means that someone is maliciously following and harassing you. They know where you are, and what you are doing, and they don’t plan to stop.
Here are some activities might qualify as cyberstalking:
- Calling you repeatedly, sometimes hanging up
- Sending letters, emails, gifts, or texts that you don’t want
- Monitoring your use of the computer or your phone calls
- Repeatedly driving by your place of employment, home, or school
- Looking up your public records; going through your trash; using an online search service to find out about you; talking to your co-workers, family, neighbors, or friends to learn more about you
- Taking other actions to scare you, control you, or track your whereabouts
- Following you around and appearing wherever you are
- Damaging your belongings, home, or car
- Using hidden cameras or GPS to track your movements
- Threatening to hurt your loved ones, pets, or friends
If someone is determined enough, they can get access to any credit cards or debit cards you may have. In 2017, there were 16.7 million victims of identity fraud. From taking your debit or credit cards out of your wallet to correctly guessing your passwords, they will be able to steal your credit and use it for themselves.
Some investigators may ask if you physically had your credit/debit cards in your wallet. They may also ask if you know anyone in your circle of friends or family who may have been able to get into your bank account or if you’ve had any visitors to your dorm room or apartment. As you answer these questions, you may realize, painfully, that the perpetrator may be someone you know. In 40% of fraud-related crimes, the victims knew who had stolen their financial information - this is what is called “friendly fraud”, even though there’s nothing friendly about it.
When you realize your Samsung, iPhone, tablet, or computer are missing, you might be tempted to freak out. You have homework assignments, syllabi, and personal information stored on them!
For your phone, you can use the “Find my phone”, or similar, app to help you locate it. Using another device, you can mark yours as lost and even erase all of your personal information from the phone. (Caveat: Once you erase your device, you can’t track it. Call your carrier and report the loss. Your carrier may be able to use one of several identifying numbers to disable your device.)
However, it’s best to always keep your devices in your possession. Never leave it in an unlocked vehicle, no matter where you park and use plain bags or cases to carry your computer or tablet with you. If you have to leave your computer in a room, you can lock it with a cable lock. This lock should wrap around a heavy item so that the device can’t be carried away and opened elsewhere.
If you were walking to your next class, and you spotted an abandoned USB stick sitting on a bench, what would you do? You’d probably be curious, you might pick it up intending to return it to its owner. After all, if you lost a paper because someone didn’t return your flash drive, that’d be really annoying. However, you’ll want to think twice before inserting it into your laptop so you can find out who owns the drive.
That thumb drive could easily be infected with viruses or malware. Cyber thieves can easily download a file containing a virus or other infected code onto the device and set it to upload to your system when you click on a file. Some skilled hackers have even figured out how to disguise their own devices that link your computer to theirs as flash drives, so when you connect it to your device, they gain instant access to your entire system. The Stuxnet attack was downloaded with a thumb drive. Either ignore that drive or take it to the lost and found so that no one else gets caught by sneaky malware either.
Phishing is an online attack that is usually spread through an email disguised to look like it is from a trusted friend, business, or even from your school. The message in the “email” convinces victims into thinking they need something that has been promised, often this causes the victim to send some sensitive information to the other party, opening themselves up to further attack.
If you have an Amazon account, a cybercriminal may create a fraudulent email that looks as if it’s really from Amazon. It even has the Amazon logo and it only asks you to verify your account or payment information, which Amazon has anyway, right? You’ll find a link in the email that you are directed to click on. Once you click on the link, malware in the link gives the perpetrator access to your personal information.
Russian hackers were able to convince the Hillary Clinton campaign chair, John Podesta, to give them his Gmail password. He did and the rest is a sad, historical episode. A Facebook Messenger scam works in a similar way. A user’s account is hijacked, friends and family of the victim get a message with an image link where they are taken to a fake YouTube site and told to download a browser ad-on so they can see a video. The link has malware and steals sensitive personal information, which then continues to spread itself to that victim’s friends and family.
Nonconsensual Image Sharing
If you have sent suggestive images to your romantic partner, you may not know that these images can be used against you in something known as ‘revenge’. After a breakup, your partner may decide to start sending your intimate images to someone you may not know, without your permission. You may have sent the images back and forth consensually with your partner and, while that doesn’t give them the right to share them, there is no getting those images back once they are out in the world.
Even if your ex or current partner would never share your personal images, it’s entirely possible for a hacker to get into your romantic partner’s online accounts. There, they may find and steal those photos and share them, again without your permission. This has happened to female celebrities; an Illinois man stole, then published, more than 500 celebrity images. He stole their login credentials using phishing attacks.
The images don’t have to be sexually explicit. Comedian Leslie Jones, who used to be a Saturday Night Live cast member, was hacked at one point. They stole her private information, including personal information and nude photos, and Jones’ private website was also compromised. Not sending or storing images of this type is the best way to avoid the nonconsensual sharing of intimate images.
Unsecured Public Wi-Fi
Going to study at your favorite coffee shop is always a good idea. What isn’t a good idea is to log into your personal accounts (like a bank account or online shopping account) on the coffee shop’s public Wi-Fi. Coffee shops and restaurants rely on public Wi-Fi, which doesn’t require that you use a personal password to get access.
Hackers virtually place themselves in the center, directly between you and the store’s Wi-Fi connection point. As a result, you aren’t just linking to your bank account. Instead, you’re linking through a hacker’s system and into your bank account. Once they have your passwords, they can easily log into your bank or your Amazon account long after you used the public Wi-Fi at the coffee shop.
You have a few options to protect yourself from this type of attack. The easiest is to avoid using public Wi-Fi to log into sensitive data. You can wait till you get home to access your bank or, if you really need to know how much money you have left or when that Amazon package might arrive, you can turn off Wi-Fi and log in using your data, which is much more difficult for hackers to intercept.
You could also use a virtual private network, or VPN. With this, all of your data is securely encrypted before it goes into the public network. Or you can use a secured public network, which may require you to login or register to use its services.
Be Aware of What You Put on Social Media
The best cautionary tip for online use is, “If you question whether it’s safe to do, it’s probably not safe.” That’s your instincts telling you, “Don’t do this!” and you might just want to pay attention.
You’ve probably seen social media posts that made you cringe and think, “Why did she do that?” If you just got some expensive new tech (laptop, Camera) or piece of bling, you probably shouldn’t share it online, publicly. For the same reasons, saying you aren’t at home may sounds like an invitation for someone to break into your dorm or home. Ranting about your job? Just don’t.
Change Your Passwords
If you work for your university on work-study, you may be made to change your password monthly. Yes, it’s a pain. And no, you shouldn’t have to change your password that often. First, it’s hard to remember a new password every month and that could actually make it even easier for someone to find your password written down on a sticky note. And there goes your office privacy.
You should only change your password:
- After a break-in on your account
- If you haven’t changed your password for more than 6 months
- After a security incident
- After you logged in from an unsecured or shared computer
Don’t Download Free Content
That new music comes at such a sweet price: It’s free! Hold on. Before you begin downloading it, remember that some sources of free content are crawling with malware. Malware, viruses, key loggers, and Trojan viruses. Once these vicious little bugs download themselves onto your hard drive, you are at high risk of losing everything you have stored including personal photos, passwords, and usernames. Torrent sites and those websites that enable direct downloads are especially risky. While the cyber-criminals who use them may be in a different country, they are just waiting to get into your accounts.
Don’t Store Payment Info on Websites or in Browsers
If you’ve heard about the huge security breaches on websites belonging to Target or other online retailers, you may know that millions of people had their credit card information stolen. In 2013, 40 million of Target’s customers had their credit card information compromised. Even worse, the theft took place from point-of-sale machines, not the store website.
Even the convenience of autofill is dangerous, though it might keep key loggers from getting to your information. If you have to use a credit or debit card, don’t save the numbers to the store’s site. Also, always keep in mind that using a credit card may be the safest option, as it’s easier to get your money back.
Software and Safety Options
One city accidentally placed private employee data on its Facebook page. Employees’ Social Security numbers were exposed for a few hours, leading to at least one employee receiving fraudulent data collection calls and credit card offers. Thanks to alert, opportunistic cyber thieves, this could happen to you, too. If your information is stolen or before it’s stolen, you can request credit monitoring of your bank account and any credit cards you may hold. If a company offers free credit monitoring to you after a data breach, accept it. While it isn’t money in your wallet, it will protect the money in your bank account from being stolen.
Those alerts reminding you of system updates are a royal pain, but they are necessary. It takes time to update your phone, computer, and/or tablet. However, it’s worth the time it takes. These updates correct existing flaws in the system, so that hackers who have figured out the current backdoors they can use to get at your data have to start all over again with a new patch. Therefore, you should always keep up with updates and try to back up your data frequently, as well. You can back your data up to an off-site service where your information will be encrypted and stored on well-protected servers.
Virus protection keeps malicious viruses from infecting your computer and stealing your information. Before continuing, what is a virus? It’s a bug or piece of code that is created to move from computer to computer (host to host). Computer viruses, like the viruses we get, can duplicate themselves.
Computer viruses work by changing how computers function. Some viruses have the ability to destroy your system or corrupt the data on your hard drive, while the really bad ones will first track everything you do on your computer first, like logging into your bank account, paying your bills, and ordering items off e-commerce sites. By installing antivirus software, you enable your computer to remove the infection from your computer hard drive. It’s worth the time to stay protected.
Tips for Keeping Your Data Safe
Don’t use Public Computers for Personal Information
If you have no choice but to use a public computer, you need to take several steps to protect yourself and your data.
- Assume that the antivirus protection on every public computer is out-of-date
- Don’t carry out any personal transactions on public computers. This includes passwords
Most later-generation smartphones have a “find my device” app available on the store or even pre-installed from the factory. If your device is lost, you can click on the “find my device” app. You’ll hear a tone that tells you where it is. If you still can’t find it, it will allow you to lock your phone or remotely erase all information.
Use Strong Passwords - and Don’t Reuse the Same One?
Include 12 characters when you create a new password: symbols, numbers, upper- and lower-case letters. Never use the same password for different accounts - hackers easily figure these out and will go through each of your accounts, changing them to their own passwords.
- Use Two-Factor Authentication
This method requires you to use two steps to get into your account. This adds extra protection to each account using two-factor authorization. Usually, you’ll enter a password, then you’ll be given a PIN on your phone via a text message. A hacker who hasn’t also stolen your personal devices won’t be able to access the PIN, which will keep them out of your other accounts.
- Keep an Eye on Your Accounts
Be watchful about all accounts and devices that connect to the internet. You may notice suspicious activity on your account: security settings have changed, you’re getting activity notifications you shouldn’t be getting, or you may see strange unauthorized activity on your bank account. These may be signs that a hacker has your password.
- Use Two-Factor Authentication
Be Aware of Scams
If you have signed up with a dating app, you may find a scammer (catfish) rather than finding love. Catfish scammers have tricked people out of millions of dollars - $143 million in 2018. The average loss is about $2,600; for people older than 70, the loss is about $10,000.
Use Those Privacy Settings
You may sometimes share more than you intend when you are on social media. After innocently posting to Facebook, you could become the victim of cyberbullying. Luckily, there are privacy settings for that . Facebook, Twitter, and Instagram all have settings that allow you to share only with your immediate friends or “friends of friends”. You can choose to use the tightest privacy settings available, or at least use ones that let you lock out those who are not a part of your group of friends and family.