Do VPNs prevent you from getting hacked & what else can I do to secure myself?
In short No, using a VPN will not prevent you from getting hacked. No single thing will protect you from getting hacked. The best way to minimise getting hacked is called “Defence in Depth”, meaning you need to build layers and different things to protect yourself. No single protection is proof against hacking on its own – You are merely delaying the hack by using 1 single defence method.
Think of it like protecting your house, CCTV, alarm, Doorbell with camera – it deters burglars, but it may not keep them away forever.
Good Example of VPN Usage:
Let’s say that you go to your local coffee shop with your laptop. You connect to the network there named “Guest-Wi-Fi”, put in the information that the guest Wi-Fi requires to grant you Wi-Fi access (that’s first and last names, email address, and postcode for those keeping track), and then you’re on a Wi-Fi network. You check your bank account balance, log in to Amazon to buy something, pay your phone bill, and send an email to a friend.
BUT, that “free” Guest Wi-Fi, is poorly configured or just insecure that you just connected to wasn’t really being provided by the coffee shop, it was from an attacker that first connected to the Guest-Wi-Fi, and then broadcasts an identical SSID (wireless name) from their computer.
This is one type of man-in-the-middle attack, and it allows the attacker to see everything that goes through their computer on its way to the real Guest-Wi-Fi.
They use ssl strip from their privileged position between you and the internet to remove the SSL from your bank website, and from amazon’s checkout, and from your email provider, but that’s not something you explicitly check for every time, so you missed it. The attacker now has your bank account credentials (and can empty your account), your Amazon account credentials (and can buy unlimited items up to the limit of your credit card) and worst of all—control of your mobile phone and email.
You go to that same Guest-Wi-Fi. Connect to the same ‘attacker’s’ network. After connecting, you turn on your VPN before interacting with your bank, Amazon, your phone provider, and email. Now, the attacker can see a bunch of encrypted communications, but doesn’t know where it is going, doesn’t know what it contains, doesn’t know anything other than what you gave them before turning on your VPN (I guess that’s still your names, email address, and postcode!) But now that’s a lot less valuable to them and slows the hacker down – however if they can see a reason for an attack, maybe because they was able to see worthy information to steal, they can monitor the traffic coming in via your PC to the VPN and then the traffic back and start building statistics to track your movement across the web.
Also the wrong VPN will help you get hacked.
A VPN does very little to protect you. A VPN is nothing but an encrypted tunnel to another computer. Who owns that computer and what is their motivation for providing you with a VPN?
Most internet traffic is https (emphasis on the “s”), which means data is encrypted between your computer and the server you are talking with anyway – so no different to a VPN tunnel.
A VPN also hides the IP address of the server from anybody monitoring your internet use at your school/workplace/home. However, some VPNs harvest this information and sell it.
Can a VPN Keep Viruses and Malware at Bay?
VPN services do use powerful encryption protocols, true. However, that doesn’t mean they have the power to stop computer viruses and malware programs from attacking your data. We recommend you always use a reliable anti-virus program. Thus, you get to keep hackers at bay and make sure your computer/device is not affected by viruses and malware.
Simple ways to prevent you from being hacked
If you are serious about wanting to protect yourself, you need to build layers of security up between you and the hacker, just doing 1 single defence method WILL NOT PROTECT YOU! You MUST carry out as many as possible if you want to protect yourself.
- Use two-factor authentication 2FA (The MOST important protection) Two-factor authentication requires you to enter a code sent to you in a text message or another service to access your account after you enter your user name and password. This makes it more difficult for a hacker to access your information, even if they are able to crack your password. If the service you are using provides 2FA then enable it straight away.
- Create complex passwords. Your passwords to access your accounts on apps or websites should consist of a combination of numbers, upper- and lower-case letters, and special characters that is difficult to guess. Don’t use the same password for more than one website or account. This limits the damage to you if a hacker happens to crack one of your passwords.
- Use a password manager. Password managers store and auto-fill your credentials for different sites, allowing you to create a complex and unique password for each site without having to worry about entering the password itself more than once. While you should absolutely keep track of your passwords on your own as well, a password manager will help make your device much more secure. ( We recommend MyKi, and not normally any cloud based password managers) – We don’t recommend using any password managers built into browsers, e.g. google chrome/Edge, as they are very secure and don’t always encrypt them.
- Don’t give out your password. This is an obvious piece of advice, but one that bears revisiting: with the exception of some school services, you shouldn’t ever have to provide a site administrator with your password for them to access your account.
This also applies for any tablets, phones or mobile devices that use PIN entry methods, also if you ever have to give out a password change it immediately after they are finished using it.
- Avoid using the correct answer for security questions. When making security questions, don’t make the answer to them the correct answer. Hackers can find out your mother’s maiden name or what street you grew up on easily. Instead, make the answers incorrect, or even better, make them like passwords and don’t base the answers on the questions at all, and store them in a password manager (e.g. MyKi has a secure notes section that is fully encrypted, which works perfectly for this)
- Make sure you’re on an official website when entering passwords and the site is secure. Phishing scams – instances in which a malicious page pretends to be a login page for a social media or bank account – are one of the easiest ways for you to get hacked. One way to spot phishing scams is to look at the site’s URL: if it closely resembles (but doesn’t exactly match) a reputable site’s URL (e.g., “Facebok” instead of “Facebook”), it’s a fake site. Also look for the green padlock/secure notification in your web browser, to make sure your data is being transmitted via encryption.
- Encrypt your hard drive. If your hard drive is encrypted, a hacker will be unable to read the data stored there, even if they manage to gain access to your hard drive. While you’ve taken steps to prevent access, encryption is another method of protecting your information. Windows Pro versions, came with an encryption program called Bit locker and is extremely handy for this purpose to encrypt your whole hard-drive.
- Install updates as soon as they become available. In addition to performance upgrades, system updates often contain improvements to security
- Back up your data frequently. Despite even the strictest security, it’s still possible that your data may become compromised. This may be the result of hacking, or simply computer failure. Backing up your data ensures you don’t lose anything, and don’t just back up to 1 single location as this creates a single point of failure, we recommend at least 2-3 backup copies on different systems, or locations, e.g. Cloud based, USB, External Hard-drive.
- Avoid clicking suspicious links or responding to unknown emails. If you get an unsolicited email, or an email from a sender that you cannot verify, treat it as a hacking attempt. Do not click on any links or give the sender any personal information. This also applies to anything you see online, e.g. Facebook messages or Instagram DM’s – if you don’t know what it’s for, then discard it and ignore, as some of these links may be trying to redirect you to malicious websites.
- Install or activate your firewall. Both Windows- and Mac-based computers come equipped with a firewall, which prevents hackers from gaining access to your computer. However, in some computers, the firewall is not turned on by default, so worth checking. Also to protect your whole network most routers also have firewalls enabled in them, but always worth checking to make sure the “Front door” is already locked before letting them in half-way.
- Install antivirus software on your computer. Antivirus software recognizes and removes potentially harmful files and programs as soon as you download them. We recommend ESET Anti-virus for PCs/Macs and Mobile devices, and generally team this up with Malwarebytes for added protection.
- Keep personal information off social media. You may think you’re just sharing with friends but revealing too much about yourself and your life on social media can make you vulnerable to hackers. Share personal information directly with people who need to know rather than openly posting on social media.
- Use secured wireless networks. Generally speaking, secured networks require you to enter a password before you can connect to them. In some locations (such as airports or coffee shops), they may be open networks, we recommend you try to not connect to any insecure or even wireless hot spots. Try to connect to wireless networks you know, if you do need to connect to an insecure or guest network, try to not do anything on the internet that requires you to login, or enter sensitive information as this could be intercepted by a hacker.