blissfulsats on Nostr:
Cyber security 101 courtesy of Wallet monkey:
First off, many people out there who still think this isn’t important will scoff at this and ignore it because they don’t think it applies to them, and I am here to tell you that’s a big mistake. In 2024 alone I had one of my staff infect a computer with malware (losing years of data and footage, as it was one of those pay X amount of bitcoin to get the key to unlock your files type deals) and a family member opened up a fake PDF file on their phones and scrapped two phones and a notebook from a compromised business contact (from a document they were expecting by the way).
The level of attack is getting way better each and every day, we are way past the years of the Nigerian prince that wants to send you a million dollars if you only send him $5k first. Hackers are using these data leaks to map out your profile and life (this is called social engineering) to get a more complete picture of you and target you better.
And I haven’t even mentioned that because they have so much personal data now, ID theft is at all-time highs (this is where people just assume your identity in order to process loans, credit cards, mortgages or anything to get their hands on money through destroying your life).
ID theft is hard to combat once it’s happened because of all the automated systems the banks, the credit bureaus etc. are all using now; it boxes you out pretty hard from getting real help.
So let me lay out the basics.
Lock down ALL Credit Reports (3 main and second tier as well)
Set up ID theft alerts so you get notified
Have an anti-virus
Have firewall protection beyond Windows/iOS
Use a VPN, even while working/doing basic browsing
Set up 2FA (at least) and I suggest to set up multiple backup options (also having a phone that is not set up to a data plan will help lower 2FA attacks)
Back up your life (move away from keeping everything on Google Drive, create backups and separation so if someone did gain access to your Gmail, they wouldn’t have your whole life)
Don’t click on dumbsht in your email accounts no matter who it’s from (USPS, FedEx, you won a giveaway, they hacked your site and pay them etc.)
If you get an email claiming they have access to a website/social media account of yours, immediately go visit the site in another browser/tab and make sure (if it’s your website do a malware scan, check error logs and .htaccess files immediately)
If you have questions make sure you reach out to your hosting support
Lastly, make sure you take backups of your site from time-to-time to ensure if your website gets taken down you can get it put back up
Always get confirmation on attachments people send you (even if you know them and are expecting it) because sometimes accounts can be taken over for a short period of time and in that window they can send you something that will infect your computer, so a quick check or phone call to confirm that is the file/attachment you were expecting won’t hurt.
Use more than 1 email account for your life (banks, crypto, social media)
Split between at least 2 email accounts, both different with different passwords, with YubiKeys backing them up and 2FA
Try to set up an email just for junk that you don’t really care about so you don’t mix that with a good email account
Move away from Gmails and Hotmails, into something like Protonmail and use the paid version (they also offer a full Google Drive-like suite now)
Use more than 1 phone number for your life (banks, crypto, social media)
Split between at least 2 phone numbers on your banking and important accounts
You may even want to keep one phone completely un-SIM’d so you can’t get SIM swapped
Don’t set up all bank accounts with the same email and same phone, at least split 50/50 on 2 emails and 2 phones
Use YubiKey as a backup to your email accounts and any accounts that will let you
If you are too lazy to use something like YubiKeys, at least use Google Authenticator or some sort of PIN system they either email or text you.
If you are going to use something like LastPass for your passwords, make sure your root password is strong and back that up with YubiKey
Also don’t put all your banking passwords on there, only 25-50% and memorize the passwords for the rest
Never use the same passwords ever
Switch up the username you use on accounts
Don’t use your personal email and phone on business checking/credit cards, make sure to use a proper business email you set up and have a YubiKey backing it up, and a business phone.
Keep email access tight among staff and family to limit risk
The whole concept here is simple: spread out the risk, which yes, this adds complication and you will have to retrain your habits around your banking and business this way, but it’s worth it in the long run.
Ok so what about protection layers beyond that?
On the ID theft front, many banks now offer this; Credit Karma and WalletHub do, as well as credit cards like Discover, which offers both a free and paid one.
For removing your life back off the internet from 3rd party data brokers (just Google yourself to see what I mean), you can use Aura, DeleteMe or Incogni (I would suggest to use multiple from this list to ensure you’re removing your personal data from Google search results completely).
It’s a bit of a fire hose if this is your first look at cyber security and protecting yourself, but it’s not terribly hard to layer in new habits and change up how you currently have things stacked in your life, just make sure to either write down all the changes or go through it enough times so you memorize your new system and process vs the old one.
Published at 2024-10-30 21:56:16