With social isolation sweeping the nation, businesses are rapidly switching to remote operations. Now more than ever before, we’re all using personal and company devices and new apps to work from home, triggering privacy concerns from IT pros and end users themselves.
But how do you know you’re truly safeguarded when using your work device remotely? How about when using your own personal computer, tablet, or smartphone?
Unfortunately, without proper precautions, cyber privacy can be easily violated. That’s why Kevin joined Dr. Phil— to discuss simple ways to improve your personal cyber security and privacy— and today, their chat is reaching new heights of relevancy.
In the interview, Kevin cautions everyday users to be on the lookout for:
One of the most common tactics bad actors use to hack into your system is social engineering. A cybercriminal can easily acquire information about you online— say, from your social media channels or other public websites available to the general public— and they use this knowledge to trick you into gaining access to money or data.
Commonly, these malicious actors will target you via email, imitating an important figure like your boss. “They’ll have a good pretext, a good story that makes sense,” Kevin explains on the talk show. For instance, ‘your boss’ may tell you they’re in a meeting and not to bother them, but they need you to immediately transfer a large sum of money from their account to this routing number. You agree to cooperate, Kevin explains, trusting the lookalike email address is really your boss and fearing repercussions for not following orders.
In other instances, unsuspecting employees may follow instructions in these malicious emails and “agree to type something in their computer,” Kevin shares, or, “install some software, put in their username and password, and do the action that allows (the bad guy) to gain control of their computer.” In a matter of seconds, your device is compromised.
Kevin goes on to explain some important ways to protect yourself from these attacks, such as thinking before you click, connecting to a VPN, and more— all on Dr. Phil’s show. Tune in, or protect yourself from social engineering attempts by reading this article.
It’s easier than you may think to crack passwords these days, especially if you have poor password hygiene and use passwords that are easily guessable. Bad actors can potentially intercept your hashed password on your local network and crack that hash offline.
“And unfortunately,” Kevin explains on the talk show, “people have the tendency to use the same password on a bunch of different sites. Or, they might change it up with a number at the end. Usually, you can identify a person's pattern.” From there, these cybercriminals leak your private information on aggregated websites like dehashed.com, where other bad actors can purchase breached data dumps.
“And from these data breaches,” Kevin continues, “they either create phishing attacks like we just discussed, (saying) ‘Hey, I know your password. We've been watching you through your webcam; we're gonna publish all these videos to Facebook unless you pay us five grand,’ or they actually use those usernames and passwords to try to hack your email.”
A few ways you can protect yourself from poor password management are to start using a password manager or enabling multi-factor authentication, all discussed during Kevin’s chat with Dr. Phil.
Bad actors are also invading your privacy by seizing control of your device’s webcam and spying on your conversations and interactions. “If your computer's infected with malicious software,” Kevin explains on the talk show, “and a hacker was able to get malicious software on your computer, they could absolutely turn on your webcam.”
From there, they can record conversations or watch in live time what you’re saying and doing. This is an easy way for them to get the information they need to blackmail you for money, or to retrieve other information to use against you. One shocking story Kevin shares on Dr. Phil is about a high school in the midwest that was using school laptops to spy on students outside of class. The school called a student in for ‘doing drugs’ in his bedroom while not even using the device— really, he was just eating Jolly Ranchers— and “the school got in a bunch of hot water, because here a school that you trust is monitoring their students in their bedrooms!”
You might be wondering, “won’t I see my webcam is lit up and on?” Kevin explains, “it's much harder to turn on your webcam and not have the light show. It's definitely possible, but much more difficult.” To play it safe, increase your webcam privacy by putting a piece of tape over it when not using, Kevin recommends. For a more permanent solution, you can purchase a small flip cover for your laptop webcam.
During this extended period of working-from-home, it’s imperative to look out for Internet-related threats. More remote workers are connecting to public WiFi networks— or even home networks.
Kevin cautions against connecting to any unknown WiFi networks, as they could be insecure. As a personal user, he suggests buying a hotspot or adding a hotspot plan onto your current phone service with T-Mobile, Verizon, AT&T, etc. “The downside of that is cost,” Kevin acknowledges on Dr. Phil. “If you're using a lot of data, (say) you're watching a lot of movies, it's better to use public WiFi, because it's essentially free. And if you use your data, it's going to cost you money.” But for anything personal like accessing bank accounts, logging into personal drives, etc., it’s always better to use a hotspot or VPN.
“VPN stands for virtual private network,” Kevin explains, “and when you use a VPN you're using a secure network. (Say) you're at a hotel, you're at the airport, you're on the street, you're at your favorite coffee shop or restaurant and you hook up to the WiFi, the first thing you should do is connect to a VPN service.”
“One thing that people should consider when they're signing up for these services is to use a VPN provider that's trusted,” Kevin recommends. “Why? Because you're trusting them with your network connection. So you want to look at the reviews: are they over four-star reviews? Do they have at least, you know, 30,000 reviews? That way, you're using a provider that has a good reputation, because you certainly don't want to be using a VPN in Russia.”
Have you noticed a lot of advertisements on your devices lately? On the talk show, Dr. Phil mentions how he discussed an off-topic subject while playing tennis, and “by the time we finished playing, two people had ads popping up on their smartphones about that subject matter.”
Kevin says that many smart devices make up the Internet of Things (IOT), or devices that are always listening to send and receive data. Devices like the Amazon Echo are “listening for your voice to turn off the light, open the garage,” etc. Kevin cautions against enabling smart IOT devices that are always listening— like Siri on Apple products or integrations with smart refrigerators or household devices— to avoid spammy ads and promote greater privacy. He even shares how he watches what he says while driving his Tesla.
As for ways to protect yourself? Kevin shares how, “anybody could download a TOR browser. The whole idea of the TOR browser is to be able to surf the Internet without revealing your identity or your real IP addresses.” “Personally, I just use an adblocker. I get emails, but none of this garbage gets onto my screen because I just use an adblocker app to bypass it all.”
If you watched the talk show or discovered a few interesting takeaways from this article, you’ll absolutely find value in Kevin Mitnick’s newsletter. Join our mailing list to stay in-the-know on cyber threats from the world’s most famous hacker and his Global Ghost Team.