zudell.io.

Digital Hygiene is a euphemism for a persons information security posture. It is the degree of paranoia you have that some one is out to get you. Paranoia is the appropriate response because they are out to get you.

# Whomst are they?

They are identity thieves, credit card scammers, and hackers And they out to steal yo' identity, yo' credit card, and yo' online banking information if you let them. The common factor between them all is they look for easy targets.

## Identity Thieves

Identity thieves collect information about you largely from bulk data releases. You have had your personal information leaked by companies or surreptitiously exfiltrated by hackers. Take the equifax security breach for example it affected 147 million Americans that we know of; adding insult to injury the security lapse that allowed this leak was due to a publicy accessible web portal having a default admin password. The Office of Personnel Management has an equally clown shoes levels of security. OPM is responsible for managing background investigations on government employees with security clearances. OPM leaked millions of records by allowing unencrypted hard drives to fall off the back of a moving truck.

## Card Scammers

Card Scammers broadly break into two categories: thems that buy credit card data to abuse, and thems that collect credit card data to sell. Of the thems that collect data there are two categories Card Skimmers and hackers that compromise point of sale systems.

### Card Skimmers

Card skimming can happen with or without physical contact. Contactless credit cards function based on a device called a retro reflector. Essentially it is an antenna and an integrated circuit. When exposed to radio waves the retro reflector becomes passively powered and transmits a radio signal containing your card information. Card skimming can also happen when a disguised physical card reader is slid over a real card reader. You swipe your card; the merchant processes your transaction and the bad guys have your credit card info.

## Hackers

Point of Sale systems can be e-commerce stores or merchants with card readers. There are rules and regulations surrounding how to process payment card information. You can reasonably expect businesses to care about this about as much as they care about keeping your data private, which is to say not at all ^{in some cases™}. When these systems are hacked tens of thousands of cards can be compromised. They sell the cards for about $10 a pop

# What you can do about it

Open your wallet and pay for these services; or don't and use the free plans idc:

• privacy.com
• Nord Pass
• Google Authenticator

## privacy.com is badass

You can create "virtual credit cards" with spending limits, transactions restricted to one merchant, or limit the number of transactions per month. This will insulate you from hackers, carders, and shady online businesses. Your cell phone carrier won't "accidentally" charge you twice in one month.

## Nord Pass

Manage login credentials, create strong passwords on the fly, and create email masks so you donn't have to give out your email! Nord Pass has an app for your phone and add ons for your browser; it will fill in login and passwords almost automatically. Use it, you won't regret it. Unless NordPass gets hacked then god help you. You will need to set up two passwords. An account password and a vault password.

## Google Authenticator

Passwords are not enough, two factor authentication is the bare minimum. You don't have to use Google Authenticator but you should at least enable another form of auth. Don't store additional auth factors in a password manager.

# Enjoy

Stress less about hacked accounts, forgotten passwords, email spam, double billing, over spending, and those bastards that want your credit card. Check have i been pwned dot com to see if your email has been compromised.