Total Defense

Security & Safety Resource Center

Learn about today's current internet threats and how to stay safe and secure.

Security Tip of the Day

Daily tips to create awareness of cyber threats and empower Total Defense users to be safer and more secure online.

May 2021

Require additional information to reset your Twitter password

If your email address or phone is compromised, a hacker might attempt to access your Twitter account by resetting your password. In order to catch any attempts to do this, you should set additional requirements for requesting a password reset. You can set up your account so that you have to enter a code sent to both your phone and your email instead of one or the other, which adds a layer of security. To do this:

  • Go to your account.
  • Check the box next to Password Reset Protection under Security.
  • Add your email address and phone number.


Choose a unique email address

Your choice of email addresses may affect the amount of spam you receive. Spammers send out millions of messages to probable name combinations at large ISPs and email services, hoping to find a valid address. Thus, a common name such as jdoe may get more spam than a more unique name like g28r03k9. Of course, there is a downside – it’s harder to remember an unusual email address.


Use your Alexa voice remote and mute the microphone on the Alexa device

Alexa devices only store relevant information, but if you would like to make sure it only records you when you speak specifically to it, you can turn off the microphone and only talk to it through the voice remote, which comes with the device. To turn off the microphone, just push the mute button on the device. To use the voice remote, press and hold the talk button until you hear the sound, and then give your command.


Beware of phishing scams related to the COVID-19 vaccine

The Federal Trade Commission (FTC) recently warned about potential scams related to the coronavirus. Now that vaccines are being rolled out and people are waiting their turns, scammers may contact people and tell them that they can sign up for a vaccine by providing personal information. Research where vaccines are being offered in your area and sign up through their website, not an organization you’ve never heard of.


Check privacy policies and uncheck boxes

Check the privacy policy before you submit your email address to a website. See if it allows the company to sell your email to others. You might decide not to submit your email address to websites that won’t protect it.

When submitting your email address to a website, look for pre-checked boxes that sign you up for email updates from the company and its partners. Some websites allow you to opt out of receiving these mass emails.


Don’t ever give out your DoorDash password

DoorDash tells its customers, “No one from DoorDash will ever request your password or security code, nor will anyone from DoorDash ever give you a specific password you should use.” A scammer may try to steal your personal information by sending a text message or calling and pretending to be Support. They may even know information about your most recent order to make the attempt sound more convincing. If they ask for your password or any personal information, don’t give it to them — it’s a scam.


Utilize a kill switch with your virtual private network (VPN)

If your VPN malfunctions, you will be automatically connected to your regular internet network. With a kill switch enabled, preselected programs will automatically quit so that you do not end up using personal accounts on a less secure network. Make sure to preselect all of the accounts that contain private information, like your bank account.


What is “Do Not Track”?

Do Not Track is a setting in most internet browsers that allows you to express your preference not to be tracked across the web. Turning on Do Not Track through your web browser sends a signal to every website you visit that you don’t want to be tracked from site to site. Companies then know your preference. If they have committed to respect your Do Not Track preference, they are legally required to do so. However, many tracking companies today have not committed to honoring users’ Do Not Track preferences.


How does tracking in mobile apps occur?

When you access mobile applications, companies don’t have access to traditional browser cookies to track you over time. Instead, third party advertising and analytics companies use device identifiers — such as Apple iOS’s Identifiers for Advertisers (“IDFA”) and Google Android’s Advertising ID — to monitor the different applications used on a particular device.


Disable Universal Plug and Play (UPnP)

UPnP is what allows your devices to recognize each other because they are on the same network. For example, if you buy a new printer and connect it to your Wi-Fi, it might recognize your computer automatically. While UPnP is convenient, it makes it less complicated for hackers to access your accounts. You can turn off UPnP on your router.


If you forget to log out of Facebook, do so remotely

If you forget to sign out of your Facebook profile from a public or shared computer, you can and should do so remotely to ensure that your account is secure. To do this:

  • Log into Facebook on another device.
  • Go to Security and Login Settings.
  • Go to Where You’re Logged In.
  • Find the session you want to end.
  • Click the three dots next to the listing.
  • Click Log Out.

What is device fingerprinting?

Device fingerprinting can track devices over time, based on your browser’s configurations and settings. Because each browser is unique, device fingerprinting can identify your device, without using cookies. Since device fingerprinting uses the characteristics of your browser configuration to track you, deleting cookies won’t help. Device fingerprinting technologies are evolving and can be used to track you on all kinds of internet-connected devices that have browsers, such as smart phones, tablets, laptop and desktop computers.


Be wary of of P2P websites

Peer-to-peer (P2P) websites are fraught with risk. To share files, like games and music, through a peer-to-peer (P2P) network, you download software that connects your computer to other computers running the same software – sometimes giving access to millions of computers at a time. This has a number of risks. You could mistakenly download malware, pirated or copyrighted material, or pornography, or allow strangers to access and share your personal files. Best not to visit P2P sites to begin with.


Use a no-log virtual private network (VPN)

When searching for a VPN, be sure to look at the company’s terms of service to ensure it’s a no-log VPN. This means the network will not save any of your personal information. You remain anonymous, even to the VPN provider. This ensures that even if someone is able to hack into your network, there won’t be much data available to them.


Use a privacy screen for your laptop while traveling

If you need to use your laptop in a crowded place, as airplanes and airports can be, you could be in very close proximity to other people. Privacy screens make it difficult for people to decipher what’s shown on the computer unless they are looking at it from directly in front and at very close range.


Use a few email accounts

Having multiple email accounts can be beneficial to your cybersecurity, though it may appear like more trouble than it’s worth. A system like this lets you avoid giving out your personal email to email newsletters and marketing campaigns, which can reduce the risk of phishing and limit the volume of spam might receive.


Use Whois to look up vendors

If you decide to shop from an e-commerce website you’re unfamiliar with, it’s important to take precautions to ensure that it’s a legitimate business. One way you can do this is by looking up the domain name on Whois, which will tell you who owns the domain name or IP address as well as the registrar through which it was purchased.