You’ll want to start from the beginning and read this (but do not do anything yet, just read it) before continuing:
Advice for Home Admins
A lot of people are being scammed right now. Some online (via text, email or website) and some with a simple phone call – let’s stop the madness! Securing your digital profile will take about twice as long as you have been online – meaning those who have been online for 5 years can expect it to take 10 years to see their digital profiles flicker out. To be “real”, there will always be a remnant – it will never really disappear – depends on how long you’ve been online, what you did online, how many social media sites you frequent and who bought that information/data/photos/etc from the sites you originally put it on – they’ve been selling your data since the day you signed on with them and it will be impossible to delete that data because you will never know who they sold it to…
The only thing you can do is try to undo what you have already done at locations you have done it to break the links from that direct data to you. This is a long process, and most folks won’t do it. All I’m gonna say is don’t call me when someone scams you or steals your identity. I’m putting it all out here – do it or don’t do it – it’s on you now:
1. Get a pen and paper and in 10 minutes (without your phone in the same room – just you, a pen and a piece of paper) write the name of individuals you regularly talk to on the phone (or text) – also write down any family or friends you would need to contact if there was an emergency. If you can not think of them in 10 minutes they do not belong on the list.
2. Turn that piece of paper over after the initial ten minutes is up and gather your monthly bills and write the contact number from that paperwork for those companies. Do the same with your quarterly, semi-annually and annual bills. Don’t forget the local DMV, doctors office, bank branch and all those companies – just the ones you deal with.
3. Go get an old fashioned phone book (small enough to fit in your back pocket would be great) and write down all names, addresses and phone numbers of the family and friends from the list your wrote above (#1) in the this book (use pencil for everything – things do change over time).
4. Then do the same for all the companies and agencies you deal with regularly (from #2 above) such as banks, electric company, water, gas, phone, social security admin, hospital, doctor – all of them – write the “main number” in your book for the local branch (the branch you use most often).
5. Change Your Phone Number and Main Personal Email Address – not joking – this is probably the single best way to protect yourself. People who have the money to hire their own security experts do this often – they’ll never get a call, text or email from someone they did not specifically give their info to…. If you do this it will be rare you have to deal with points #9 and #10 below for a good 12-18 months simply because all the databases out there (that you do not update yourself) will have your old info…
I grew up with the sons and daughters of a few very high end doctors, lawyers, actors, movie producers/directors and professional athletes in Orange County California in the 80’s – even in the 80’s, these folks changed their phone number every 12-18 months. We had to remember our friends numbers back then, so it was always “a thing” for us kids – this was before cell phones, everyone shared the phone line in their house…. Their office number never changed, but they changed their personal number often…
6. Walk in to the local branches of as many of the companies/agencies in Steps #2 and #4 as possible and give them your new number – talk to a few folks who work there, get the card of the folks you get along with so you can call them directly – this is how we use to do things, face to face…
7. Go back to your original list in point #1 of folks you regularly talk to (as well as friends and family) – now, delete anyone from your phone’s address book who is not on that list
8. You can do one of two things now.
A) As you need to contact people, do so and then let them know your new info. This is the smartest thing to do because fewer people will have your info.
B) Contact all the people in your analog phone book (it won’t be nearly as many as you think there will be) and let them know that you changed your phone number and that you no longer have email or texting capability (whether you do or not) and if they want to contact you immediately it needs to be with a phone call.
There will come a time when one of your friends wants to email something to you. That’s fine – the thing is, you are controlling who has that information…. Tell them not to pass it around and not to group email with your address in the mix – if they want to email you they can do it directly. You can control who has this information – and if it’s someone who you don’t think can follow your rules then give them your “other” email address (the old one that gets all the spam)…
——————————
Here comes the hard part,
9. Keep your phone in “Airport Mode” if you are not using it (such as when you are asleep, taking a shower, in church, in class, doing chores, etc…)
10. Do not connect to wireless networks – your carrier signal is much more secure – not completely secure by any standard, but much more secure than the wireless network in your home, coffee shop or office.
11. Don’t answer your phone unless a familiar name pops up (in other words, only answer the phone when someone from your address book is calling) – if it is not them on the line then hang up and call their significant other, their kid or their neighbor to find out why someone else was using their phone.
12. If anyone else calls, listen to the message and do not ever call the number they leave on the message – always call the “main line” to the company or agency and tell them you were “called pertaining to…”. If the call was real then they will put you through to the right person or be able to help you themselves – if the call was bogus then they will have no idea what you’re talking about. If it is a call from an individual or company you never heard of, consider it spam – you know who you deal with, who they work for and what their voice sounds like, so only deal with them.
13. “Block” numbers of bogus calls and texts in your phone settings and you’ll never see that number again…
——————————
I know you’re going to text – but be cognizant of just texting with folks you know. Do not respond to someone whose name does not appear – don’t even ask “who is this?” – do not respond at all…. Swipe left and delete the text – DONE…
Now, the harder part. I call this the “harder part” because it’s really hard for people to give up convenience:
1st, you have to have an Apple Device
2nd, do not download an app which has it’s own website – use the website
3rd, do not download an app you do not need – don’t download something just to try it, you are not a beta tester with the pay and all the layers of security that comes with that
4th, do not download any app made by Amazon, Facebook, Google, Microsoft or is home based in another country – if you have them, delete them and use the website (if you really need to use them)
5th, turn off all “Location Services” – “Find My” and “Maps” are the only thing you really need Location Services for anyway
6th, turn off all “Tracking”
7th, turn off “Siri”
8th, turn off “Airdrop”
9th, turn off “Background App Refresh”
10th, turn off “Automatic Updates” – do them manually a week or two after you have read how it may effect your device (which is usually a week or two after the initial update) – so, yes, wait 4-6 weeks
11th, turn off “Bluetooth”
12th, turn off access to all “Privacy” settings within each Apple app so no other app can access any of your personal data, microphone or camera
13th, take all pics offline – out of the cloud. You probably don’t have space for this on your device so on your computer, or an external HD, is probably going to work best
14th, take all data offline – out of the cloud. You probably don’t have space for this on your device so on your computer, or an external HD, is probably going to work best
15th, “close” all your social media accounts – there’s a trick to this, first thing you want to do is get in there and delete pics and data. Then don’t do anything for 3-6 months – do not login at all. To simplify, this “breaks” the links associated with meta-data related to your data and pics from your account. The meta-data links have to be broken for a few months so that web-spiders can properly kill those links.
After 3 months start searching for yourself (and your family members you may have posted pics or info about) on the Internet and see if anything pops up.
If nothing pops up – do nothing. Keep the account (so no one can open an account in your name and pretend they are you), just don’t login.
If something you don’t like pops up in your search after six months, then you have to contact the company directly to delete your digital profile – some may do it, some will not do it.
Just so you’re aware of it, if you do have to contact the company to delete your digital profile and they agree to it, they will most likely simply delete your account (so whatever data and pics you left in there will still be on their server/s)
16th, do not save any usernames, passwords or payment information within any app or device – we weren’t always so lazy, we use to memorize this stuff all the time – here’s the “funny” thing, people always tell you not to write it down, but if you’re saving them to your device, or allowing your device to save them, then that is actually more dangerous. If you need to, go old school. Get an old pocket phone book and write all the usernames, password and (oh yeah) phone numbers in there – and keep it on you just like we use to. If you must, make a code that only you and a few family members understand in case you lose it – and write in pencil so you can easily edit when needed. Once you have them in your book, delete them from your device.
17th, encrypt as much as possible
18th, I actually put a piece of electrical tape over the camera of my devices (just in case) – take it off and put it back on as needed
19th, Don’t forget to turn off “cookies” within Safari itself – you can turn them back on (and off) as needed – the cool thing about this is, if a website won’t work without cookies, once you turn them on to use the site you know the entire time you are on that website that everything you’re doing is being tracked – knowing when you’re being tracked and by whom is a good thing
20th, use “DuckDuckGo” as your default search engine – I really don’t trust DuckDuckGo either, but they feign to be secure. I personally use old school search engines because no one else does (so they’re faster), they tend to produce better results and I can use them with “cookies” turned off
21st, Always clear history, cache and cookies at the end of each session in Safari – just in case
The less interaction your device has online the less data there will be on you out there in the wild – if you need to interact, do not let it be something happening in the background (within an app) that you are not directly interacting with – shut all that down immediately. Basically, you want to make yourself a hard target so the bad guys will move on to a softer target – there’s 5 billion active internet users – they’ll move on to someone else pretty quick… |
Now, unless your kid is driving and you need them to be able to call for help if/when they get stuck on the side of the road, there’s no reason for a kid to have a cell phone. PERIOD. For all the more daring parents out there, secure your children’s phone – the school will provide the un-secure device they need for school work – there is no reason their phone should be anything other than a phone. PLEASE. If they want to screw it all up when they turn 18 and move out, fine…. But, while they’re under your roof, keep them safe. At the very least they’ll know what to do the first time someone scams or hacks them.
For those looking after their elderly parents I’d give the same advice. They will fight you tooth and nail, but secure their lives for them – over 60 and under 20 are the targets the bad guys are going for.
To take ALL OF THE ABOVE further, if you have an iPhone and absolutely want to have the most secure phone possible, do the above and then:
In “Settings” go to “Privacy & Security” and then scroll all the way down to the bottom of that page.
You’ll find “Lockdown Mode”, click on that and then click on “Turn On Lockdown Mode”.
“Lockdown Mode” will NOT allow your phone to do anything stupid – which means a lot of stuff you typically do (and think nothing of it) suddenly isn’t going to work – it will definitely help you to realize what you’ve been doing wrong because it won’t allow you to do it…
If you want your iPhone to simply be a phone with with iCloud interoperability, “Lockdown Mode” is definitely for you…
Now, I said “Do The Above” before considering lockdown mode because lockdown mode may not allow you do get into your Amazon, Google, Microsoft or Social Media Accounts to do what you need to do to secure yourself…. So you need to do Steps 1 through 15 in the box above before you look into “Lockdown Mode”…. The last few steps (16 through 21) in the box above are daily things you’ll have to pay attention to and do…
Apple’s website has more specific info on what “Lockdown Mode” will do – click here for Apple’s “Lockdown Mode” page
To summarize:
“When Lockdown Mode is enabled, your device won’t function like it typically does. To reduce the attack surface that potentially could be exploited by highly targeted mercenary spyware, certain apps, websites, and features are strictly limited for security and some experiences might not be available at all.”
“ When Lockdown Mode is enabled, some apps and features will function differently, including:
- Messages – Most message attachment types are blocked, other than certain images, video, and audio. Some features, such as links and link previews, are unavailable.
- Web browsing – Certain complex web technologies are blocked, which might cause some websites to load more slowly or not operate correctly. In addition, web fonts might not be displayed, and images might be replaced with a missing image icon.
- FaceTime – Incoming FaceTime calls are blocked unless you have previously called that person or contact.
- Apple services – Incoming invitations for Apple services, such as invitations to manage a home in the Home app, are blocked unless you have previously invited that person.
- Shared Albums – Shared albums are removed from the Photos app, and new Shared Album invitations are blocked. You can still view these shared albums on other devices that don’t have Lockdown Mode enabled. When you turn off Lockdown Mode, you need to turn Shared Albums on again in your device settings.
- Device connections – To connect your iPhone or iPad to an accessory or another computer, the device needs to be unlocked. To connect your Mac laptop with Apple silicon to an accessory, your Mac needs to be unlocked and explicit approval provided.
- Configuration profiles – Configuration profiles can’t be installed, and the device can’t be enrolled in Mobile Device Management or device supervision while in Lockdown Mode.
Phone calls and plain text messages continue to work while Lockdown Mode is enabled. Emergency features, such as SOS emergency calls, are not affected. ” |
Oh, almost the most important point here, when you have these phone conversations (or any conversation really) be in a room with no smart devices (none, zero, nada) – nothing like being recorded while you’re changing passwords or account numbers…
…and… finally… put that analog phone book in a safe place… Do not carry it with you… Do not leave it out at your house… Put it somewhere safe…
If you want to make sure you can be reached even if electrical goes down, get a landline in your house – do not allow the phone company to digitize this line, keep it POTS (Plain Old Telephone System). Of course, if no one else has one it will do you no good for reaching out – but if one of your friends or family can find a pay phone they can call you (even if there is no electricity). The moment you get an unsolicited call, change the number and alert all your family and friends of the new number. I say “the moment” because once you get one of those calls that means the number is now on a list and the calls will not stop…