Much of our lives is conducted online these days, and many consumers are taking full advantage. If a major shopping or financial site we use suffers a data breach, there's not much we can do about it except change our password or get a new credit card. While some breaches are out of our hands, there are some steps we can take to be more secure online:
Avoid using your work email address to sign up for an external site. If you’ve signed up for an external website using your work email address and/or password and the site has suffered a data breach, hackers will use those credentials to try and access your work account and will use them against other popular websites, or they may attempt to phish or compromise you. Only use your work email address for work-related websites, benefits providers or vendors.
Keep an eye on personal information. Check on haveibeenpwned.com to see if your information has been compromised in a data breach. If so, immediately change the password for that email on the breached site, and any other websites where you’ve used the same username and password.
Keep your passwords secure and up to date by regularly checking them to ensure they are not being used on multiple websites or applications. Password managers like 1 Password can do this automatically. Create strong and unique passwords by using combinations of letters, numbers and symbols or using a passphrase instead of just a word.
Use different and difficult-to-guess passwords across external websites. In the event that your credentials are compromised, having a different password for each application or website you use can prevent a fraudster from successfully logging into any of your other accounts, even if the username is the same.
Keeping multiple passwords can seem complicated, but there are ways to keep track of them, like Google Password Manager. It will allow you to see, change, or remove passwords you saved using your Google Account. On iOS devices, Apple offers iCloud Keychain to keep passwords and sensitive information secure. For the whole family, you can also consider using one of the many password managers available for download.
Consider using unique aliases to manage email better. Apple’s iCloud permits users to create email aliases so that they can understand where unwanted messages come from. Google’s Gmail has similar functionality wherein a user can add a plus sign to the email address and still receive the email. For example, you can create an email address like email@example.com to sign up for a newsletter. That allows you to create rules on how the message is handled, but also know that any attempts to sign into other accounts using those credentials will fail.
To learn more about how you can protect yourself, visit telus.com/security as well as some helpful resources here.