How to Better Protect your Data Against Corporations and Ransomware

Your credit card information, emails, and stored photos and videos – all around us, our data is being used and monetized by third parties on all fronts, from our own Google services to Chinese ransomware groups.

Recently, the FBI warned about a cyber-criminal group called “Ghost,” which is targeting over 70 countries with ransomware. Meanwhile, Google has a new policy that tracks your devices without an option to opt out. These companies and hackers collect more than just what you click on — they gather details about your time zone, browser, battery level, and even your hardware, making it easier than ever to track you.

Google’s methods aren’t new. Companies collect data to show ads based on our interests. If you’ve ever talked about a camping trip and then seen ads for tents and gear on your phone, you’ve experienced this firsthand.

Companies collect more data than we realize. They don’t just track what we like and click on—they also gather details like our time zones, web browsers, and even battery levels, making it easier to identify us.

According to security.org, Google collects information such as IP addresses, system activity, the time and date of requests, app usage, and the type of phone or computer we use.

Many search engines also save personal details like usernames, phone numbers, payment info, YouTube comments, and even stored photos and videos.

Why you should care:

• Identity Theft – If someone steals your personal information, they could open credit cards or take out loans in your name. This can happen if a company’s database gets hacked.
• Financial Attacks – Hackers might use your payment details to buy things without your permission or even steal money from your accounts. They could also lock you out of your own accounts.
• Blackmail and Ransom Threats – If sensitive or embarrassing information is stolen, criminals might threaten to share it unless you pay them.
• Phishing Scams – Scammers can use stolen information to trick you into giving up even more personal details, like passwords or other account info.
• Privacy Violations – Your personal data is yours, but companies may still use it for things like showing you targeted ads, which you may not be comfortable with.
• Government Surveillance – In some countries, companies might hand over your data to the government, which could lead to people being watched or monitored.

Remember, even if you take steps to attempt to delete your data, Google or another corporations may have already taken steps to store it. According to Google’s Privacy and Terms page, “Some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary.”

Steps to Take:

1.) Choose privacy-oriented browsers and search engines – The reality is that many companies make a profit out of collecting your information and monetizing it, exposing you to the risks discussed above.

• One way to minimize these risks is to use browsers and search engines that prioritize your privacy. Oftentimes these will be run by a non-profit, which has less financial incentive to sell your information.
• Important note: “Incognito Mode” isn’t as private as you think. According to Wired, while your history and cookies will be erased, your data can still be tracked. As soon as you log into certain accounts (Amazon and Facebook, for instance), your activities across platforms can still be linked.

The following, in no particular order, are examples of privacy-oriented browsers recommended by several sources (NOTE: Always do your own research and download them from a trusted source):

• Waterfox
• Epic
• DuckDuck Go
• Librewolf
• Tor Browser
• Bromite
• Vivaldi (keep in mind that enabling their “sync” option will involve data sharing between devices)

The following are privacy-oriented search engines, based on several sources:

• StartPage (known for showing Google’s results while protecting privacy)
• DuckDuckGo (will also “grade” the privacy of websites you visit)
• SwissCows
• QWANT
• MetaGer
• Mojeek
• Peekier (lets you preview webpages)
• Searx

This is not a complete list of all the privacy browsers out there, but these should give you a good start. We considered adding Brave to this list, but they got busted for auto-completing URLs when it profited them.

2.) Use a VPN, especially with unsecured public wifi (coffee shops, airports, etc.) – VPNs encrypt (essentially scrambling) your information, providing a secure connection between your device and the internet. This will hide your IP address from third parties and make it more difficult for them to track your online activities. This is especially valuable for coffee shop wifi users as those networks are very often unsecured, making you vulnerable to cyber-crime. One entrepreneur shares her horror story here.

3.) Use complex, high security passwords

• Use a password at least 12 characters long, with a combination of upper and lower case letters, numbers, and symbols.
• Consider a password manager with two-factor authentication to keep track of them, and avoid using the same password on different accounts.
• Remember to use complex passwords not just for your bank and email accounts, but your wifi connection as well.
• Remember that reputable banks and services will never ask you to provide your password unsolicited.

The following are highly rated password managers available at no cost, according to sources such as security.org and and PCMag.com:

• ProtonPass
• BitWarden
• RoboForm
• NordPass
• TotalPassword
• Keepassium
• LogMeOnce

Note: Many of these will require one “Master” password to access the password database. While you want a secure password for this, it will be one you need to remember or you risk losing access to all of your passwords. If you have a private physical safe, it is worth considering keeping a physical copy of your password there.

4.) Use Two Factor Authentication for your accounts – Two factor identification is an added layer of security. In addition to a password, you will need to provide a second form of proof to confirm it’s you. Common methods are a code sent to your phone, an authentication app, or a backup email address, or a fingerprint or face scan.

• To enable Two Factor Authentication, go into the app or account settings and locate the option for security or privacy. If you have difficulty with this, run a browser search on how to enable it on that platform. Tip: In the event you lose your phone, have a backup option in the form of a different email address.

5.) Enable social media privacy settings

• Limit information you share online, especially if you are planning on going out of town. Post vacation pictures on your return, not when you are leaving your home alone and undefended. Link (https://www.cnet.com/home/security/ways-youre-compromising-home-security-on-social-media/)
• It’s also a good idea to limit sharing information about when you go on vacation. You never know if an acquaintance with your home address may make you a target.

6.) Keep your antivirus apps, software, and devices updated – Updates often come with important security patches. Consider enabling automated updates.

7.) Use encrypted text messaging and data storage

• After an “unprecedented cyber attack” on companies like Verizon and AT&T, the FBI warned that foreign cyber-criminals took advantage of unencrypted texts between Android and iPhone users to steal intelligence from over 100 government officials.
• While Android-to-Android and iPhone-to-iPhone texts are encrypted, Android-to-iPhone messages are not.
• Consider moving to a secure messaging app like Signal.

8.) Be aware of text message and email phishing scams – Many bad actors will pretend to be from other agencies.

• Typical scams are URLs and links sent via text message by agents purporting to be from the Post Office, Amazon or UPS, or a Toll company.
• They often are phishing for secure information, or attempting to scam you by getting you to send money on fraudulent terms.

9.) Secure your phone and mobile apps – Consider using a biometric or a strong password. Especially when traveling, ensure your phone data is backed up to a cloud or similar, in the event it is lost or stolen.

Warning on biometrics: Some jurisdictions allow police and other law enforcement to scan your face when you are under arrest to unlock your phone. However, most case law states that law enforcement cannot force you to give up a password or pin. This is an evolving area of law, however. Some legal experts deem it safer to use a pass code or password.

10.) Use two-factor authentication with Venmo, CashApp, and similar – This will add security in the event your phone is stolen, possibly preventing the thief from sending themselves money from your account.

Here are some common methods:

• Text Messages
  • Pros: Easy to set up and use on your phone
  • Cons:Won’t work if you lose access to your phone (loss, theft, etc.)
• Authentication apps
  • Pros: Arguably more secure than text, and can work without internet
  • Cons: If you lose your device and get locked out, you could lose account access
• Biometrics (face or fingerprint)
  • Pros: Not reliant on a device
  • Cons: Can be fooled with photos. Also, see above for issues in some jurisdictions (link to segment in article)
• Email Codes
  • Pros: Easy to use
  • Cons: Problem if you get hacked or you get locked out of your email
• Push Notifications
  • Pros: Easy to use
  • Reliant on internet

11.) Keep an eye on your bank accounts

• Check not only large transactions, but small ones. Oftentimes, a third party who has snatched access to your credit card may attempt small purchases before larger ones.
• After having my credit card skimmed at a gas station credit card reader, someone booked a plane ticket using my information. Contact your credit card company and report the fraudulent charge if it happens to you.

With the new ways of stealing and monitoring your data, the internet is becoming an increasingly dangerous place. But with the right tools and knowledge, you don’t have to be a victim. Your privacy is worth fighting for. Take action before it’s too late.