Five Steps To Prevent iMugging
Posted on September 1, 2013 by AAR
By Ron LaMee, senior vice president, Business Services and Technology, AAR
The sting of having an online account hacked or your identity stolen may not be physical, but it can still prove to be painfully inconvenient and even financially harmful for years to come. Don’t make it easy for bad people to hurt you! Here are five steps for protecting your business and personal life from iMugging.
1. Secure your email
The single most important thing you can do to protect yourself is create a very complex password for your main email account. Think about it. If you forget your Amazon.com or Chase or Facebook password, where do you have the reset sent? Your email account. If someone gains access to your email account because you have a lousy password, they can change passwords for every important online account you have in 15 minutes or less. Not only can they drain your accounts and rack up charges, but you’ll have the pain of manually resetting all those accounts. Use a strong password and reset it once in awhile (See the “It’s easy to be hard” password sidebar.)
2. Secure your phone and tablet
Is this you: “I love using my tablet and phone for email, because it’s fast and convenient—it’s always there without logging in!” If so, that means that if bad people grab your mobile device, they can log right into your email (See #1 above). Every mobile device allows you to set a PIN number or password every time you light up the screen. It’s a little less convenient, but using a device login screen can protect your email and all of your content from easy access. While you’re at it, make sure your laptop is also protected.
3. Review your privacy settings on social media
Facebook is great for connecting, but it isn’t your friend. You profile information and the information you share can give would-be iMuggers useful information about your whereabouts. Think twice about checking-in or posting that you’ll be out of town. Likewise about posting about a big purchase such as a new car or 100-inch TV. While this may be exciting to you, the bad guys see it as an opportunity to strike. If you must share this information, limit the amount of people who see it to just family and friends (real friends). You can do so by setting up different lists in Facebook and control who sees what information. A good tutorial is here. Do the same thing for Twitter, Foursquare, Yelp! and your other social accounts. Don’t link anything to your personal Facebook account and (for heaven’s sake!) don’t use your Facebook login as a shortcut to other accounts. For useful information about Facebook privacy, go to http://lifehacker.com/5813990/the-always-up+to+date-guide-to-managing-your-facebook-privacy
4. Get a password manager
Password managers are programs that help you collect all your passwords and keep them secure. You choose one really good master password, then all your other passwords are immediately available. Good password managers work across all platforms (Windows, Mac, iPad, iPhone, Android, etc.). I recommend RoboForm—check it out at http://www.aaronline.com/efficient-business-tools/roboform and take advantage of our special AAR-only member discount.
5. Use anti-virus software and patch everything
Was that two? Anyway, find anti-virus software of some kind, regardless of what device you use. Macs, iOS, and Android devices are vulnerable, too. There are good, free ones, but if you decide to pay for one, it’s worth the peace of mind. While you’re at it, make sure that every time MacOS, Windows, Firefox or another one of your programs offers you an update, do it. Read each step carefully and don’t accept installation of special “free” toolbars like Bing, Yahoo!, Ask, Google, eBay. None are worthwhile and can ruin performance.
Following these basic steps will go a long way to making you safer from iMugging.
It’s Easy To Be Hard: Making Good Passwords
If your password is strong, it’s probably hard to remember, so I’m going to show you how to make it easy. Most passwords must be longer than five characters, but apply this same technique in creating a longer password:
Begin with a phase you can remember: “Mary had a little lamb”. Take the first letters of each word: “Mhall”. Switch out with numbers and characters that resemble the letters: “m#@1L”.
Now, “Mary had a little lamb” is your reminder that your new password is “mh@1L”. Use a longer phrase for a more complex password and you have a password that’s hard to crack, but easy to remember. For more information, here is an interesting article: http://www.baekdal.com/insights/password-security-usability
In a recent poll, AAR Members answered the question:
“Do you password-protect your smartphone or tablet homescreen?”
59% said Yes, while 41% said No