Opsec
<img src="https://media3.giphy.com/media/v1.Y2lkPTc5MGI3NjExa2lhOTgydGd4OXdhOWppZ2hxYmw1NDZlaWh0YjFiZm1wYWlyZDBtcyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9cw/0H7amEwdOgyeuqqBRH/giphy.gif", width="500", height="500">
Rookie OPSEC mistakes
Yo, listen up! If you wanna keep your personal info safe and avoid any drama, you gotta steer clear of these rookie OPSEC mistakes
-
Using Personal Email for Work: Don’t be mixing your personal and work emails, man. It’s like leaving your front door wide open. Keep ‘em separate to avoid sensitive info spilling out.
-
Sharing Too Much on Social Media: Chill with the oversharing on social media, bro. No need to post every detail about your job, where you’re headed, or what you’re up to. Creeps and scammers are always lurking, looking for that kinda info.
-
Work-Related Searches: Avoid using your personal email for work-related Google searches. The feds can subpoena your account and pull out those searches.
-
Weak Passwords: Quit it with the weak passwords. Go for something strong and unique for each account. None of that “password123” junk. Use a password manager if you have to, but keep your passwords tight.
-
Insecure Browsing Habits: Don’t be hitting up sensitive sites or checking your bank account on public Wi-Fi without a VPN. Hackers love that easy access. Protect your data like it’s gold.
-
Phishing Scams: Stay sharp with those sketchy emails. If it looks fishy, it probably is. Don’t be clicking random links or downloading weird attachments. Double-check the sender’s email address and think twice before you act.
-
Poor Disposal of Documents: When you’re done with papers that got personal info, shred ‘em. Don’t just toss ‘em in the trash where anyone can snatch ‘em. Protect your info from dumpster divers.
-
Location Sharing: Turn off your location services unless you absolutely need ‘em. You don’t need everyone knowing where you are 24/7. Keep that info to yourself and stay off the grid.
-
Unauthorized Software: Only download apps and software from legit sources. None of that pirated stuff – it’s usually packed with malware that can jack your data. Stick to official app stores and trusted websites.
-
Insecure Storage of Devices: Keep your gear locked down. Don’t leave your laptop, phone, or USB drives lying around where they can get snatched. Use passwords and encryption to keep your data safe if your device goes missing.
-
Unencrypted Communications: When you’re sending sensitive info, use encrypted emails or messaging apps. Don’t let anyone eavesdrop on your convos. Apps like Signal or ProtonMail are your friends here.
-
Public Charging Stations: Watch out for public charging stations. They can be rigged to steal your data. Always carry your own charger and use a power bank if you need to juice up on the go.
-
Personal Devices for Work: Avoid using your personal phone or laptop for work stuff. If your company doesn’t provide devices, make sure you have separate user profiles and strong security settings to keep things separate.
-
Auto-Connecting to Wi-Fi: Disable auto-connect for Wi-Fi on your devices. You don’t want your phone hooking up to sketchy networks without you knowing. Always check and connect manually.
-
Turning Off Wi-Fi When Not in Use: Turn off Wi-Fi when you’re not using it. Attackers can see your previously connected Wi-Fi networks and potentially discover your physical location through wardriving.
-
Software Updates: Don’t slack on software updates. Keeping your OS and apps up to date patches security holes that hackers can exploit. Set your devices to update automatically if you can.
-
Bluetooth Security: Turn off Bluetooth when you’re not using it. Hackers can use it to send keystrokes or access your device without you even knowing. Keep it off and stay safe.
-
Multi-Factor Authentication (MFA): Use multi-factor authentication wherever you can. It adds an extra layer of security by requiring more than just a password to access your accounts. It’s like having a double lock on your door.
-
Physical Security: Don’t forget about the physical side of security. Lock your laptop and phone when you’re not using them, and don’t leave them out in public or unsecured places.
-
Browser Extensions: Be cautious with browser extensions. Only install ones from trusted sources and check the permissions they ask for. Some can spy on your browsing habits or worse.
-
Using Long-Range Antennas: If you need to connect to public Wi-Fi, use a long-range antenna to tap into a signal from a distance. It helps hide your actual location and keeps you more anonymous online.
-
Clearing Metadata: Before sharing files or photos, strip out any metadata. This info can reveal where a photo was taken or what device was used. Tools like ExifTool can help with this.
-
Secure Backup: Regularly back up your data, but make sure those backups are secure. Use encrypted drives or cloud services that offer strong security measures to keep your data safe from loss or theft.
-
Device Encryption: Encrypt your devices so that if they get stolen or lost, your data remains protected. Most modern smartphones and laptops have built-in encryption options – just make sure they’re turned on.
-
Screen Sharing: Avoid screen sharing as it can lead to personal information leaks or accidentally share your identity. If you must share your screen, be mindful of what is visible and close any unnecessary tabs or documents.
-
Linking Personal Accounts: Don’t link your personal accounts or any IRL-related account info (like Spotify, Steam, etc.) on platforms like Discord. Keeping these accounts separate helps protect your privacy and prevent personal information leaks.
Stick to these tips and keep your personal info on lockdown. Protect yourself and stay ahead of the game. Stay safe out there!