Archives - Security Best Practice


Consider a YubiKey for highly sensitive accounts

If you use two-factor authentication (2FA) to protect your logins, there’s still some risk if the 2FA code is sent via SMS. YubiKey (a hardware authentication device) offers a safer alternative to text messages, in the form of a USB stick that must be physically plugged into your Mac/PC during login. It’s already compatible with […]

Never post your email address to a public forum

If you want to give someone on a message board or social network your email address, it’s best to send it to them via a private message. Alternatively, you can type out the address, substituting actual words for the “@” and “.” symbols. These techniques protect you from having your email captured by automatic scanners […]

Don’t click the unsubscribe button in a spam email

Unsubscribe buttons are useful for removing your email address from high-volume mailing lists, like those from political campaigns or big box stores. However, they can also be used against you by spammers: Clicking one of these buttons confirms your account is in active use and in some cases redirects you to a compromised webpage. Flagging […]

Uninstall Adobe Flash Player

Flash is a holdover from a previous era of the web, when most traffic was from PCs. Mobile devices don’t even support it and there are now safer desktop alternatives, such as HTML5, for running certain browser apps. Consider uninstalling it to shield yourself from the many threats that exploit it.

Log out of websites when you’re done using them

Staying logged in to a website or app is convenient, but it creates some security risks. Attackers may be able to impersonate you using your session ID and hijack your account. Log out when you’re finished and use a password manager so it’s easy to log back in.

Protect your privacy by doing business with credible companies

Before supplying any information online, consider the answers to the following questions: Do you trust the business? Is it an established organization with a credible reputation? Does the information on the site suggest that there is a concern for the privacy of user information? Is legitimate contact information provided? If you answered “No” to any […]