Privacy & Cybersecurity tips for beginners

After having a large sum of money stolen in a cyber attack, I recently started taking cyber privacy and security a lot more seriously. I have officially switched from iPhone to GrapheneOS on a Google Pixel 8 and have been using it successfully for about a month. I know fully de-googling is not realistic for everybody so I wanted to share the things I've implemented ranked by difficulty. This way people wanting to dip their toe in the water can start at level 1 and go as far as they feel comfortable. I am still learning on this journey as well and would welcome any feedback for ways I can improve.

Level 1: No Excuses

  • Stop reusing passwords
    • use a password manager to generate and store random, unique, secure passwords as well as two-factor authentication codes
    • I prefer Proton Pass, it allows you to store unlimited passwords for free
    • write down your master password and keep it somewhere safe
  • Create an email account exclusively for financial institutions
    • don't give out this email address except for your most important accounts
    • use two-factor authentication as an extra layer of protection
    • this is a great way to get started using a privacy focused email such as Proton Mail
    • remember, if you are using a Gmail account through the Apple mail app, both Google and Apple are reading all of your emails
  • Use a privacy-focused web browser and search engine
    • I recommend Brave browser as it has a built in blocker for ads and trackers as well as many other advanced privacy features
    • I use DuckDuckGo for search but there are lots of great options for both browsers and search engines

Level 2:

  • Stop giving out your email address freely
    • the free version of Proton Pass allows you to create 10 unique email aliases, and unlimited with a subscription
    • by giving out a unique email each time it makes it a lot harder for hackers to get into your accounts
    • if your unique email address is sold or leaked you will know which company compromised your data
    • if you are getting spammed you can disable the email alias with a simple toggle switch
    • Apple offers unlimited email aliases via hide-my-email, but keep in mind Apple also reads all your emails created this way
  • Use a VPN, especially on public networks
    • this is easy to do and gives you an extra level of privacy by masking your IP address
    • Proton VPN can be used on one device completely free and is available on mobile
  • Disconnect smart devices when possible
    • there are countless cases of privacy invasion via smart devices, and they can also be a weak point in a network for hackers to exploit
    • a billion dollar heist was committed by sending malware through a printer

Level 3:

  • Update your Wi-Fi password from the default on the router
    • go do it now
  • Subscribe to a data broker removal service
    • this is the only service on this list that can't be done for free
    • I have used Incogni for about two years and it is super effective
    • when searching my name on Google half the links used to give out my current and past home address, email address, and phone number
    • they have removed my data from over 800 data brokers and now my personal info doesn't come up on Google and spam calls are super rare
    • if you use my referral discount code that would be cool too: incogni.cello.so/Dmm94hW7hGp
  • Enable number lock with your phone service provider
    • this prevents your phone number from being switched to a new phone without additional verification
    • this is known as a SIM swap attack and can be used to bypass two-factor authentication

Level 4: These will take a bit more effort to implement but are worth the efforts

  • Remove your personal info from Google manually
  • Place a security freeze on your credit
    • you can create a free account with Equifax, Experian, and TransUnion and initiate a credit freeze
    • this will prevent hard credit checks and can be easily lifted any time if needed
    • this prevents somebody else from opening an account in your name and racking up debt, which may be a lot more common than you think
    • it also protects against unexpected credit checks lowering your credit score
  • Go through your privacy settings on your phone, computer, web browser, Google account, Apple account, etc.
    • carefully consider what data you are willing to share
    • there are many videos online to help you decide which settings you can turn off to extend battery life and protect privacy
    • by default, most services collect, buy, sell, and trade your data. Take the steps to opt-out wherever you can

Level 5: For the tech savvy

  • Switch to GrapheneOS
    • switching from Apple to Graphene was actually a lot easier and smoother than I expected
    • there is a learning curve, and I cannot recommend it unless you are tech savvy and enjoy exploring all the corners of a software
    • for almost every paid service on Apple there is a free and open-source alternative on GrapheneOS
    • there have been some sacrifices switching from Apple, but there are many improvements as well. The trade-off has been worth it for the increased level of privacy and security it provides

Thank you for reading. These are all things I have implemented and I hope they will help you too.