Total Defense

Security & Safety Resource Center

Learn about today's current internet threats and how to stay safe and secure.

Security Tip of the Day

Daily tips to create awareness of cyber threats and empower Total Defense users to be safer and more secure online.

July 2021

Change your privacy settings on Spotify

Like many other account-based services, Spotify collects information about its listeners. It only collects relevant information, but if you want to have as much privacy as possible, you can update your privacy settings. For users of the free service, you can opt out of ads that are tailored to your preferences (users of the paid service do not receive ads at all). Any users can also refuse to grant Spotify access to their Facebook information.


Beware of macros in Microsoft Office documents

Macros are powerful, useful commands in Microsoft Word and Excel. Nevertheless, they can also be used to distribute ransomware. Consider restricting them from within the applications if you regularly receive a lot of documents and spreadsheets and aren’t certain of their safety.


To protect your identity limit what you share on social media

Social networks are enormous, highly searchable data storehouses. Given that, it’s typically a bad idea to post any personally identifiable information on them because you don’t know who might see it. Don’t ever share your address, birthday or Social Security number in any online public forum, whether Facebook, TikTok, Twitter or a message board.


Search for yourself online using operators

Doing a quick Google or Bing search of yourself can help you find out which of your personal information is publicly available. You may also be able to find out if any unauthorized people are using your name. By using operators, you can adjust your search to find out this information. Add an @ sign to the end of your first and last name to discover possible email addresses in your name. Add filetype:doc to the end of your first and last name to find documents that contain your name.


Use parental controls to limit the content your kids can view

If you are a parent, you might wish to limit your family’s access to certain apps or websites. Most major computing platforms have parental control features allowing you to do so. For example, you can disable specific programs for individual users, oversee a child’s device and/or require your express approval for any purchases.


Choose a VPN provider located in a country with strong privacy laws

VPN providers are all over the world, and you can use one from just about anywhere. For the most secure network, choose a VPN provider in a country with strong privacy laws. VPN providers that are located in countries with few, weak or nonexistent privacy laws may not be able to keep all of your data confidential.


In case your PC is ever lost or stolen when traveling, encrypt your hard drive

Losing your computer while traveling can be as bad as losing your wallet or purse, since it probably contains a lot of extractable personal information, including financial particulars. Disk encryption reduces this risk by making all data on your hard drive inaccessible to anyone without a specific key (password). You can try FileVault2 son macOS or BitLocker on Windows, but be sure to remember your key.


See what others can learn about your family on

Family history websites are a fun tool to learn about your family history. But anyone can search for anyone, and there might be information you don’t necessarily want available to the public, like names of close relatives or their places of birth. You can remove your family history from the website by clicking “opt out” on your listing, if you so choose.


Consider identity theft coverage in your medical insurance plan

If someone gets their hands on your social security number, they could use it to access your insurance plan and receive medical services, incurring debt in your name. Some insurance plans have identity theft coverage, so you won’t be held responsible for any of the costs or damage to your credit.


If your card gets declined, investigate the situation

If your card gets declined and there’s no reason it should have, there’s a chance someone has stolen your identity and is racking up debt under your name. Look into any outstanding bills to ensure they are all yours. To be extra cautious, freeze your credit temporarily while you investigate.


Enable notifications for credit or debit card purchases

It’s important to always look out for fraud on your credit or debit card purchases. Even if no one has stolen your physical card, there are ways they can use the number. If you don’t want to take the time to review your purchases frequently, you can instead opt for text or email notifications whenever a purchase is made. That will enable you to see fraud as soon as it happens and report it to your bank.


Remove mobile apps when you are finished

Many of us download apps for specific purposes, such as planning or a special event or vacation, and no longer need them afterwards, or we may have previously downloaded apps that are no longer useful or interesting to us. It’s a good security practice to delete all apps you no longer use.


Be wary of “free” VPN services

There are some VPN providers that claim their services are free, but be skeptical of these providers. Find out how they are able to make money. If that information is not available — and even if it is — it’s possible that the main source of their income is collecting and selling your personal information.


Limit who can see your journeys on Strava

Strava is a fitness app that tracks users’ runs or bike rides, with a social media twist. Users can connect with their friends through the app to see other athletes’ bike or run paths. Unless your privacy settings are updated to your liking, it’s possible that anyone can see where you are running or biking. To limit who can see your journeys:

  • Go to the Privacy Controls tab in the app.
  • Go to Activities.

Choose between Everyone, Followers, or Only You.


Only visit HTTPS websites if possible

HTTPS encrypts the data you exchange for websites that use it. On the other hand, HTTP sends that same information in plain text. Look out for a padlock in the URL bar of your browser to verify HTTPS. It’s best not to perform financial transactions such as e-commerce purchases over HTTP. You can use the HTTPS Everywhere Tool from the Electronic Frontier Foundation to safeguard the connection to every site you visit.


Personalize your YouTube ads

If your family shares a computer and you want to be able to control the types of ads your children or other family members see, you can personalize your ads in your YouTube settings. Otherwise, YouTube will try to show you targeted ads based on the data they collect about you and your family. To personalize your YouTube ads:

  • Go to your Google Account settings.
  • Go to Personal Info & Privacy.
  • Choose your ad preferences.

Find publicly available information about yourself on Pipl

Pipl is a website that finds public identity information. When you search for yourself on this website, Pipl’s identity resolution engine service collects whatever online information about you it can find and shows you what other people can see. Keep in mind there are several other sites that do this, too, and Pipl alone might not collect every bit of information out there.


Beware of mysterious links and attachments in emails

Ransomware encrypts your files and demands payment for their decryption. It can start with a malicious link or attachment targeting vulnerability in outdated software. Be sure not to click these items if you don’t recognize them and/or if they were flagged by your security software. Also, the FBI says you should never give in and pay the crooks, since they don’t guarantee safe return.


How to donate safely online

If you are thinking of donating online, be sure any charity you donate to is a legitimate non-profit organization and that you type the web address in a browser instead of following a link. Identify your charity. Online or offline never give to a charity that you don’t know anything about


Use Startpage for private browsing

When you use the internet for private purposes — whether you’re looking up directions from your home or making purchases — you may want to use a browser that keeps all of your information private. Startpage is a great option because it never saves or shares any of your information, and it does not allow trackers or cookies.


Don’t recycle passwords, use a unique password for every account

Reusing the same password across accounts means that if it’s stolen even once, everything from your personal email to your Facebook could be hijacked. Also, the most frequently reused passwords are easily guessed, such as “password” and “123456.” Use a password manager to produce and securely store strong, unique passwords for every login.


Use system restore points as insurance against issues

If your computer starts slowing down and doesn’t respond to reboots, it could be time to return it to a system restore point. System restore functionality is native to both macOS and Windows. If enabled, it allows you to completely reset your operating system to a backup first created when all was still acting correctly.


Cancel microphone access for apps you aren’t using

Have you ever questioned if someone was secretly eavesdropping on your conversations? Many mobile apps, including hundreds of popular games, do exactly that, by scanning for ambient audio cues to better target their advertisements. For your own privacy, think about restricting microphone access for such applications unless you’re actively using it in them.


Download a copy of your personal data from Spotify

Spotify only collects relevant personal data, but if you are interested in seeing what they collect, you can request a ZIP file containing what they’ve collected. You can download this file on the Privacy Section of your account page. If you have a more specific request, you can email [email protected]


Learn all of the information you can collect on yourself with OSINT Framework

If you want to see how much of your personal information is publicly available, it might seem like there are an infinite number of sources you have to search. Conducting this research is called Open Source Intelligence (OSINT), and there is a resource that provides a number of services for collecting online information called OSINT Framework. Some of these services cost money, but some are free.


Be sure to install and update antivirus software

All of your computers and mobile devices should be equipped with antivirus software, firewalls, web filters, and antispyware. Your software should be updated regularly; out-of-date security software offers no defense against the latest threats. Set up automatic updates or at minimum manually apply each upgrade. Be sure this security software is operational when you download something or use an unfamiliar, possibly unsafe Internet connection like public Wi-Fi.


Review the company’s privacy policy before creating an account

When you make an account with an organization, they will begin collecting some of your information to better understand your spending habits as well as their client base as a whole. It’s normal for a company to collect information on purchase history as well as some demographic information, like age. The data that a company collects should be listed in their privacy policy. If you see anything listed that you aren’t comfortable with, don’t create an account with that company.