By Lisa Eadicicco
AP/Jerry LaiIf we've learned anything about cyber security in 2014, it's that hackers are becoming more of a threat than ever before.
Within the past two months companies such as Microsoft, AOL, and eBay have been the victim of security breaches.
And let's not forget about the Heartbleed bug — a giant vulnerability that was discovered within an encryption protocol that guards a massive chunk of the internet.
If you've been laid back about your online habits, now might be a great time to change your ways.
Here are some tips to help prevent your digital life from being stolen, whether it be a password breach or an internet-wide vulnerability.
Make sure you've got a superstrong, unique password. In other words, ensure that your password is difficult to guess. One way to come up with a creative password is to brainstorm a random sentence. Take the first letter of each word in that sentence and use that acronym as the base for your password.
Don't use the same password for multiple services. Using the same term for all of your passwords leaves your entire digital life vulnerable to attack. This means that if a hacker has one password, he or she has all of your passwords.
Enable two-factor authentication. Many services, including Google, offer two-factor authentication for logging into your account. Instead of simply entering a username and password to log in, the website will prompt you to enter a code sent to your smartphone to verify your identity.
Apply software updates when necessary. Apple, Google, and Microsoft typically include security bug fixes and patches in their most recent software updates. So don't ignore those annoying prompts and keep your software up-to-date.
Carefully read the permissions before installing apps. This is one of the most prominent ways in which malicious apps can gain access to your personal information. These types of issues have been especially present in the Google Play store. A lot of apps ask for a lengthy list of permissions, and that doesn't mean they're all ill-intentioned. But it's important to be aware of the types of information your apps are accessing, which can include your contacts, location, and even your phone's camera.Check the app publisher before installing. There have been numerous instances in which scammers have published apps in the Google Play store posing as another popular app. For example, in late 2012 an illegitimate developer posted an imposter app in Google Play pretending to be "Temple Run." A quick look at the publisher shows that the app comes from a developer named "apkdeveloper," not the game's true publisher Imangi Studios.
Avoid inserting hard drives and thumbdrives you don't trust into your computer. If you find a random USB stick, don't let your curiosity tempt you to plug it in. Someone could have loaded malware onto it hoping that an interested person was careless enough to insert it into their device. If you don't trust the source, you're better off not putting your computer at risk.
Make sure a website is secure before you enter personal information. Look for the little padlock symbol in front of the web address in the URL bar. Also, make sure the web address starts with the prefix https://. If these things aren't there, then the network isn't secure and you shouldn't enter any data you wouldn't want made public.
Don't send personal data via email. Sending critical information such as credit card numbers or bank account numbers puts it at risk of being intercepted by hackers or cyber attacks.
Keep an eye out for phishing scams. A phishing scam is an email or website that's designed to steal from you. Often times, a hacker will use this email or website to install malicious software onto your computer. These web entities are designed to look like a normal email or website, which is how hackers convince their victims to hand over personal information. Phishing scams are typically easy to spot, but you should know what to look out for. Many of these emails contain spell errors and are written in poor grammar. Here's a great example of a standard phishing email from Microsoft's security blog:
Avoid logging into your important accounts on public computers. Sometimes you've got no choice but to use a computer at the coffee shop, library, or local FedEx. But try not to do it frequently, and make sure you completely wipe the browser's history when you're finished.
Back up your personal files to avoid losing them. You should keep a copy of all important files in the cloud and on some sort of hard drive. If one of them gets hacked or damaged, you'll still have a backup copy.