Recently a friend reached out to me for some advice on behalf of his girlfriend.
Long story short: She is at the tail end of a bitter divorce and her ex used some unscrupulous tricks to try and remain in control and involved, including gaining access to her email, social media, etc.
As I went through a laundry-list of suggestions it struck me that most of them were items I've written about here, however they may have lacked context. This is a real-world example of where you need to take control of your digital presence.
1) Have your computer(s), tablet(s), and smartphone all checked for remote control or logging software by a reputable source. If you suspect someone is accessing your devices remotely you need to take action. In this case the woman used Geeksquad to look around and they found some remote-access software that needed to be removed.
2) Set up 2-factor authentication for all the accounts you can. This includes gmail, facebook, etc. Using 2-factor authentication means that even if someone guesses your password they still can't get in to your accounts.
3) Change ALL your passwords. Every single one. This means more than just your online accounts, change your wifi password at home, change the admin password on your home router, change the unlock code on your phone. Change them all to complex passwords, and don't use the same password twice. If you're worried about remembering them all see item 4...
4) Use a password manager. A password manager will securely keep track of all your passwords. The good ones will also sync across all your devices and offer to make new secure passwords for new sites/services you sign up for.
Personally I like Encryptr, it's secure, free, and syncs across all devices using the internet. There are others like Dashlane or Lastpass that you can use, however they tend to be subscription-based.
5) Lock down your privacy settings in Facebook. A surprising number of people have their Facebook pages open to be viewed by the whole world. There are a number of reasons this is a bad idea, including potential employers being able to view personal information you'd rather not share.
In this case it means her ex could easily create a fake account and use it to keep track of her posts. Lock down your posts so they are only viewable by your friends, and review who is in your friend list. Reviewing your friend list should be an annual exercise.
6) Set up a free Protonmail account for communicating with your lawyer/accountant/doctor etc. Personally I believe everyone should do this regardless, why have sensitive information like your taxes etc traverse the internet unencrypted? For this situation it allows her to communicate safely with these professions regarding her divorce, finances, etc.
7) Install or update your anti-virus software. I've spoken with a lot of people who "used to" have anti-virus software and either uninstalled it when it expired, or just left an old version running indefinitely because they didn't want to pay for new software.
Do yourself a favour, get new anti-virus software, preferably one that auto-updates itself. I recommend Sophos Home edition to friends and family, it will protect up to 10 devices (PC or Mac) per account, and it's absolutely free. you can get it at home.sophos.com
8) Start using Signal Messenger by Open Whisper Systems. It can handle all your texting. If you are sending a message to another Signal user the messages look and feel like texts, but are end-to-end encrypted.
You also have the option of calling other Signal users through the app, and the voice conversation is also end-to-end encrypted. (It might annoy CSIS or the NSA, but it prevents any digital eavesdropping)
Lastly, don't be afraid to report unauthorized access to the authorities. In most places remotely accessing your hardware or accounts without your permission is illegal, and law enforcement may be able to help.
It can feel overwhelming if someone more digitally savvy than you whom you previously trusted abuses that trust, but you can take control.
Stay safe and happy surfing!
-The Home Geek
No comments:
Post a Comment