What should a person do when his or her account is hacked? How to ensure that your privacy online is protected?

I could make the strongest PW I know of, or use a random generator. But at the end of the day I'm still connected to the internet while making accounts to websites.

Would an assailant have to be sniffing packets at the exact time that I'm setting up my account to be able to see my PW as it's being created?

Or is this not really a concern because of HTTPS?

Thanks.

Sincerely,

A security noob.

https://preview.redd.it/sbjs0icpxl8e1.png?width=900&format=png&auto=webp&s=635d82138f69d809fd9e5ca5c6bcbfee580a8a4d

One of your best ways to monitor and protect your money is through online banking. Online banking is a free, safe, and convenient way to access your accounts anytime, anywhere. Most banks and credit unions encourage their customers to use online banking to monitor and access accounts 24 hours-a-day, seven-days a week, transfer funds between accounts, and pay bills online. In addition, you will receive alerts regarding any fraudulent activity or problems that might potentially cause you financial damage or loss.

As a precaution: Monitor your online banking accounts two to three times a week.

Before using online banking, consider the following:

1. Does your bank or credit union have a user-friendly, well-established, online banking platform with adequate customer service support?
2. Do you have the required computer skills to access the web and navigate the online banking platform?
3. Do you have a dependable smartphone or computer with the necessary software?
4. Is your computer and/or mobile device set up with a secure internet connection, a firewall, and/or antivirus system?
5. Does your computer have problems connecting to the internet? Are you using a reliable internet service provider with adequate coverage in your area?

If your answer is “no” to any of the questions above, you may want to opt out of online banking until you can answer “yes” to every question.

The Dos of Online Banking

https://preview.redd.it/fepbg78rxl8e1.png?width=900&format=png&auto=webp&s=b9ee23c0d9aee572e8732290d505ce4de6d5bb61

1. Use Strong Passwords

Your password is your first line of defense against unauthorized access. Create a strong, unique password for your online banking account that combines:

• At least 12 characters
• Upper and lowercase letters
• Numbers and special characters

Avoid using easily guessable information, like your name, birthdate, or favorite pet's name. Consider using a password manager to securely store and organize your login details.

2. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an additional layer of security by requiring not only your password but also a verification code sent to your phone or email. Most banks offer this feature, and enabling it significantly reduces the chances of unauthorized access.

3. Monitor Your Account Regularly

https://preview.redd.it/uzitcli0yl8e1.png?width=900&format=png&auto=webp&s=09904916e3ac128504418ee9a79b58137687d467

Frequent monitoring helps you catch unauthorized transactions immediately. Log in to your online banking account weekly and review your statements for:

• Unfamiliar charges
• Unexpected withdrawals
• Account activity outside of normal hours

If you notice anything suspicious, report it to your bank right away.

4. Keep Your Devices Secure

Malware and viruses can compromise your online banking safety.

Here’s how to maintain secure devices:

• Install and update reliable antivirus software
• Avoid jailbreaking or rooting smartphones
• Keep your operating systems and apps updated with the latest security patches

5. Only Use Trusted Networks

When banking online, stick to private Wi-Fi networks, like your home or office. Public Wi-Fi networks, such as those in cafes or airports, are often unsecured and prone to hacker attacks.

If you must use public Wi-Fi, protect your information by using a trusted Virtual Private Network (VPN) that encrypts your internet connection.

6. Know How to Spot Phishing Scams

Phishing attacks are designed to trick you into sharing sensitive information, such as login credentials or credit card numbers. These scams often arrive disguised as emails, texts, or even calls pretending to be from your bank.

To spot a phishing scam:

• Check the sender's email address for slight misspellings
• Avoid links or attachments from unknown sources
• Be skeptical of messages with urgent requests like "Act now to avoid account closure!"

When in doubt, contact your bank directly through official channels.

The Don’ts of Online Banking

https://preview.redd.it/g6atytltxl8e1.png?width=900&format=png&auto=webp&s=f995e966bfbd24f6a1baf43171747ab99d8a9c4e

1. Don’t Share Your Login Credentials

Your bank will never request your password, PIN, or 2FA code via email or phone. Never share these details, even with people you know. Scammers often pose as trusted entities to gain access to your account.

2. Don’t Use the Same Password Across Platforms

Using the same password for your online banking and other accounts (e.g., email, social media) is a major security risk. If one account is hacked, all other accounts with the reused password are also vulnerable.

3. Don’t Stay Logged in on Shared Devices

When accessing your online banking account from a shared or public device, always log out once you're done. Additionally, avoid saving your login credentials on such devices.

4. Don’t Click on Suspicious Links

https://preview.redd.it/y15fu82yxl8e1.png?width=900&format=png&auto=webp&s=9ba4c21fcd4714635b6ce0804e177be99cefc59f

Sometimes, scammers create fake login pages that look identical to your bank’s website. Clicking a link from a random email or text and entering your credentials could result in account theft.

Always access your bank’s website directly by typing the URL yourself or using a secure bookmark.

5. Don’t Ignore Updates From Your Bank

Banks frequently upgrade their security systems and features. Ignoring these updates, notifications, or prompts could leave you vulnerable.

Take these updates seriously—whether it’s about a new app version, added security measures, or changes in your account policy.

6. Don’t Transfer Money Without Verifying

Be cautious when transferring money, especially to individuals or organizations you don’t know well. Double-check account details and verify the recipient via alternate contact methods before sending money.

Final Thoughts

Taking charge of your online banking habits today can save you from major headaches down the line. Stay informed, and bank smarter!

**Article Originally Published on Smart Strategies for Successful Living at: https://www.agegracefullyamerica.com/online-banking-digital-tool-safety/

Hello!

I am just starting to learn about cybersecurity and was wondering what should I do to be more secure, I recently moved to another mail that isn’t from google and also started to use a password manager, but I don’t know if I should get email aliases or create 2FA for my password or what else I should do.

Thanks for any help!

Things which I have done so far:

1.All my passwords are atleast 100 characters long with all of them being randomly generated. I have saved all of them in Bitwarden with nicknames which only I understand and after that i finish encrypting the passwords twice using different keys with aes. Before saving them (just incase someone gets access to my bitwarden). With 2fa enabled everywhere I can.

2.I use orbot for everything.(while isolating destination addresses)

3.I have changed most of my apps to Foss with the help of fdroid and aurora. And have deleted my google account switching to proton and tutanota, while using anonaddy for all my accounts.

4.Made sure to hide my ssid of my router, WPA/wpa2 personal with aes and turned on ap isolation.(with my wifi pasword being 32 randomly generated characters),turned on ipv6 and 1pv4 firewall, ICMP-Flood Attack Filtering:High, UDP-Flood Attack Filtering:High, TCP-Flood Attack Filtering: High, turned on dos protection, updated my wifi firmware and turned off WPS. Changed every default username and password related to my router. I use a different network than what my family uses.

5.I started using an app called skewy to mask my audio in public to protect from stuff like silverpush.

6.I started using another app called Hypatia which i guess is one of the few antivirus apps that scans in real-time. Along with this I use Kaspersky and avast.

7.I also used an app called Extirpater which basically exchanges the deleted files which could be recovered with random data.

8.Whenever I send an image I make sure to remove all the metadata.

9.I use signal full time nowadays.

10.Aes encrypted all of my sensitive files and my notes. I also locked my sim card with a randomly generated pin. And checked all my app permissions to only allow the essentials.

11.I use the multiple users feature to compartmentalize different aspects of my life.

12.All the while I use bridges whenever I use orbot or tor browser. With Cloudfare dns and https everywhere extension.

13.I also bombed my data using email bomber services on my gmail and provided fake data about myself and deleted everything I could before I completely deleted my gmail.

14.I use mobile data instead of wifi for certain sensitive tasks.

15.I deleted most stock apps and switched to three secure cloud services to protect against Ransome attack s.

16.I deleted most social media and the ones I still use I access them through the tor browser.

17.I only use two extensions https everywhere and no script in tor.

18.Turned off as many logging and diagnostics collected by apps.

19.In addition to anonaddy I also use 1 proton and 1 tutanota email address for different aspects in life. With anonaddy being connected to my proton mail. Where I regularly delete all my emails permanently along with clearing my clipboard and deleting learner words.

20.Deleted all the apps which I don't need. I regularly update all my apps and my software. And hid notification on always on display. And sensitive apps I hid them and I lock all those apps with a randomly generated password. I also daily reboot my phone.

21.I have deleted almost all my pictures I have uploaded online. And I also us a USSD firewall.

22.I have covered my camera. I turn off all my sensors in android when I am doing sensitive stuff. And I also use a privacy screen protector.

23.I have set up an app to locate and erase my device remotely. When it has multiple failed pasword attempts it deletes all my phone data.(my phone password is also random characters with each user having different random passwords)

24.I also try my best to limit my time online. With deleting and recreating some accounts every year. And I haven't spoken to many people about my threat model just to be safe.

25.I also use a seperate online identities and I use https://thispersondoesnotexist.com/ to find pictures for my online identity where I am sometimes a girl and sometimes a guy. Along with a random name generator.

At this point even if I take a dump it goes through tor.

There's at least 1 person who suffers from their account being hacked each week. I once got locked out of my UE account, and I had to go through a bunch of steps. So I thought I'd make a post on how you can secure your account. Mind you, the steps don't 100% secure it, but continuous practice will surely do.

1. Your Password should be at least 10 letters long, or more, and contain 1 special character (@,# etc) 1-2 numbers and a mix of lowercase and uppercase letters.

2. You shouldn't use the same password for all of your accounts. Also do NOT use common words/numerics/phrases(pets' names, phone numbers, family members' names etc)

3. If you use browsers to generate and save passwords, it would be wise to change passwords once in a while. MS Edge and G.Chrome now show you if your password has been compromised by checking for that information in their database, so it's a neat feature.

4. TURN ON 2FA. Self-explanatory. Turn on 2-Factor Authentication. AFAIK, Epic only provides the 2fa Code in email, but 3rd-Party authentication apps might be an option. Choose whichever seems appealing to you. NOTE DOWN THE BACKUP CODES TOO in case you lose access to authentication codes.

5. Link at least 2 of the social media options. This doesn't prevent you from getting hacked, but in case of lockdown (you getting locked out of your account), if you contact the support, they can find your account and can verify ownership through other social media. Also, if you have previously purchased any product on Epic through Credit or Paypal, preserve the receipt you get on your mail. It is important.

6. DO NOT put your email and password for any suspicious websites impersonating the services (Steam, Epic, Origin). There's a ton of sites that promise they will provide free items, game keys and what not and require you to sign in. NEVER DO THAT, it's a trap. If you trust the sites, then you log-in to the service, then connect your account. Example: Steamdb requires steam login for tracking wishlist price changes. Instead of signing in on steamdb, I would open a new tab, go to steampowered and log-in through there. Then I would connect the accounts. That way, you avoid putting in your account credentials on 3rd-party sites.

7. Never share your account with someone else, it's against ToS. If you do share an account with someone you trust, all of you should change passwords once in a while to keep it secured.

These tips should help you secure your account. In case you do get hacked/locked out, follow the link:

https://www.epicgames.com/help/en-US/epic-accounts-c5719348850459

And follow the steps to contact them via email. Once you provide the necessary details, you will be contacted via email. It might take up to 48 hours though.

These are general thumb rules, and you should follow these for all gaming and/or non-gaming accounts on the internet. Even if you use a password manager, make sure it's a trusted one and still change passwords once in a while.

Apologies if the formatting is wrong, reddit mobile is painful for posting texts.

If you have any other tips or tricks, feel free to list them in the comments. This post should help a lot of gamers from suffering from their accounts getting hacked and losing all of their games and progress.

HI! How do you protect your google/microsoft accounts? I was thinking of entering a strong password + OTP as the second authentication factor (maybe generated by yubikey). Do you use recovery emails/phone numbers? I don't like the idea of allowing access to my account from many access points.