PRIVACY & SECURITY

Tips for privacy and security.

CONTENT

E-BANKING

It is important that you adopt the right reflexes to protect all of your confidential banking data, in particular the access codes to your e-banking platform and the codes of your bank cards.

1. Never access your e-banking platform by clicking on a link, shortcut or favorite.

- Always enter “the adress” in the browser and check for the presence of the padlock or the words “https://” in front of the address.

2. Be wary of links presented to you to carry out a financial transaction (pay, receive funds, etc.) with a card, TWINT, your e-banking or another means of payment.

3. Attacks from scammers can...

- Go through all channels, electronic (e-mail, SMS, messaging, classified ads site, social networks, etc.) or traditional (telephone, etc.).

- Be hidden behind a message or a contact appearing to come – with name and logo – from your bank, IT support, the police or justice, a package delivery service, or another service provider, or even a known person.

- Put forward various pretexts: alert to false IT support, activation of a new security device, transaction on a classified ads site, costs for receiving a package, etc.

4. Never give out your access codes.

- A bank advisor, employee or employee will never ask you for these codes (e-banking or cards). They are reserved for access to bank services or for your transactions, for your exclusive use.

5. Stay attentive when browsing the internet.

- Be careful with attachments: they may contain malware (malicious software).

- Beware of malicious links, which can be found in an email, a chat, an SMS, an instant messaging conversation or a website.

- A name or logo can be usurped: always check the consistency between the signatures, the address of the issuer and the links.

6. Keep your computer's operating system, antivirus, and software up to date.

-Never install software that allows a third party to take control of your computer, even if they claim it is to help you.

7. If in doubt, call your bank immediately. Outside of opening hours, you can have your accounts blocked.

- If you have allowed access to your computer, turn it off immediately, disable the internet connection and, when you turn the computer back on, immediately scan the entire hard drive with an antivirus.

FRONT-ENDS

Save yourself from ads and tracking with privacy-friendly alternatives and front-ends through Farside.

PRIVACY-PRESERVING SEARCH ENGINES

Brave Search A privacy-preserving search engine based in the US. Search results are based on its own index. DuckDuckGo A privacy-preserving search engine based in the US. Search results are mainly based on Bing. eTools.ch A privacy-preserving meta-search engine based in Switzerland. MetaGer A privacy-preserving meta-search engine based in Germany. Search results are based on the index of other search engines and their own. Startpage A privacy-preserving search engine based in the Netherlands. Search results are mainly based on Google.

AVOID TRACKING FROM APPLE AND MICROSOFT

If you value your privacy, you should seriously consider switching to Linux.

Personal Opinion: If you use your computer to browse the internet, check email, play games, perform office tasks, write, in fact anything that doesn't involve proprietary software like Abobe (there is alternatives), there is no reason not to move to GNU/Linux. Linux does all this in a "cleaner", private and secure environment, it's so much better! Give a try!

IDENTIFY PHISHING EMAILS

Quick tips for spotting phishing emails.

Unexpected Requests:

Be cautious of emails asking for personal information.

Urgency Tactics:

Phishers often create a false sense of urgency.

Check URLs:

Ensure links match the sender’s domain.

Look for Errors:

Authentic emails are professionally written, and free of errors.

Verify Sender’s Address:

Genuine emails only come from official domains.


STAY PROTECTED

· Double-check the sender’s email addresses.

· Avoid clicking on suspicious links or downloading unknown attachments.

· Keep your antivirus software updated.

· Keep your account secure by enabling two-factor authentication.


source: pCloud

WHAT MAKES A STRONG PASSWORD

Here are some key factors in password entropy:

  1. Length: Aim for at least 12 to 15 characters. Longer passwords are generally stronger.
  2. Complexity: Use a mix of letters (both uppercase and lowercase), numbers, and symbols.
  3. Avoid predictability: Don’t use easily guessed passwords like “123456”, “password”, or “qwerty”.
  4. Avoid personal information like birthdays, names of your pets or loved ones, or anniversaries.
  5. Uniqueness: Each of your accounts should have its own distinct password. If you reuse a password across multiple services, then a data breach on one service can result in hackers gaining access to all the other services secured with the same password.

source: Proton

MOBILE DEVICE BEST PRACTICES

Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.

source: National Security Agency (NSA)'s mobile device best practices guide

AVOID

DO

DO NOT

DISABLE

WI-FI

DO NOT connect to public Wi-Fi networks. Disable Wi-Fi when unneeded. Delete unused Wi-Fi networks.

APPLICATIONS

Install a minimal number of applications and only ones from official application stores. Be cautious of the personal data entered into applications. Close applications when not using.

TEXT MESSAGES

DO NOT have sensitive conversations on personal devices, even if you think the content is generic.

POP-UPS

Unexpected pop-ups like this are usually malicious. If one appears, forcibly close all applications (i.e., iPhone®2: double tap the Home button* or Android®3: click “recent apps” soft key).

CONTROL

Maintain physical control of the device. Avoid connecting to unknown removable media.

TRUSTED ACCESSORIES

Only use original charging cords orcharging accessories purchasedfrom a trusted manufacturer. DO NOTuse public USB charging stations.Never connect personal devices togovernment computers, whether viaphysical connection, Wi-Fi,or Bluetooth®.

CASE

Consider using a protective case that drowns the microphone to block room audio (hot-miking attack). Cover the camera when not using.

PASSWORDS

Use strong lock-screen pins/passwords: a 6-digit PIN is sufficient if the device wipes itself after 10 incorrect password attempts. Set the device to lock automatically after 5 minutes.

BIOMETRICS

Consider using biometric authentication for convenience when protecting data of minimal sensitivity.

SOFTWARE UPDATES

Update the device software and applications as soon as possible.

CONVERSATIONS

DO NOT have sensitive conversations in the vicinity of mobile devices not configured to handle secure voice.

ATTACHMENTS/LINKS

DO NOT open unknown email attachments and links. Even legitimate senders can pass on malicious content accidentally or as a result of being compromised or impersonated by a malicious actor.

MODIFY

DO NOT jailbreak or root the device.

BLUETOOTH

Disable Bluetooth® when you are not using it. Airplane mode does not always disable Bluetooth®.

LOCATION

Disable location services when not needed. DO NOT bring the device with you to sensitive locations.

POWER

Power the device off and on weekly.

USE YOUTUBE WITHOUT YOUTUBE

If you want a privacy-friendly front-end alternative to Youtube, replace www.youtube.com by farside.link/invidious in the URL, or copy and past the link in freetube.

YOUTUBE CHANNELS

These Youtube channels talk about Privacy.

The links below direct you on Youtube! If you want a privacy-friendly front-end alternative, replace www.youtube.com by farside.link/invidious in the URL, or copy and past the link in freetube.