Technology

TLDR: Use complex unique passwords for each account, use different emails, one for general, one for banking, etc. Use two factor authentication (2FA) for all accounts that allow it. Don't trust emails, text messages, or phone calls that ask you for passwords, to send money, or allow the caller access to your computer. Email - I recommend having multiple email accounts. I have one account I use for things I don't care about and if it gets hacked I don't loose much. I have one that is only used for banking. I have a couple around in case I want to be professional. There are ways to have one email account but use temporary email addresses, such as Apple's Hide My Email, but those can be complicated, especially if you don't have an apple device.

I used a brand new email account for this website as well as TAN and will be using it for all my political activities, but now I am re-thinking my choice for using my name. I originally chose to do that as I wondered if I might get more traction with elected representatives if I used a professional looking email but now my paranoia is rearing.

Anyways - onwards!

Passwords - these aren't foolproof but we don't have to make it easy for them. I highly recommend a password manager. I use 1Password but there are others. Nordpass, Roboform, Dashlane, etc. https://www.pcmag.com/picks/the-best-password-managers

I usually use a combination of words that are auto generated like "clarify.ROARING-reacts1curve" or "trends@CROWDS0nine0tissues". My grandmother and neighbor have theirs written down in a book - but you know what? Those books can't be hacked. But they can be stolen so there are downfalls to either tactic. What you don't want to do is have the same password for every account.

2FA - this is a system that usually gives you a code to enter along with your username and password therefore making it harder to hack. Early 2FA used SMS (traditional text messages) to send you the code which you then used to login. However SMS is not encrypted and easily intercepted these days. Unfortunately, there are a number of companies that still only offer that option (and even a few that don't offer any option). I recommend the use of a third party program to generate the codes. These aren't perfect by any means but they are an additional layer. 1Password has this built in. Google Authenticator works as well as Microsoft Authenticator and others. https://www.pcmag.com/picks/the-best-authenticator-apps

These are apps that you download on your phone. If a website, like a bank, offers this to secure your account they would provide you a one time code (or sometimes a QR code) to enter into this app. The app then begins to generate a one time code that expires after a short time. When it is time to login you would provide your username, password, and the code from the app. Phishing - You can have all the security in the world, but it is all for not if you open the front door for them. There are many forms of phishing and many names, smishing, vishing, spear phishing, etc. They all have slightly different meanings but the bottom line is someone uses social engineering to trick you into opening the front door. That is why banks and websites (they should anyway) tell you that they will never ask you for your password or pin. Because they don't - if someone is asking for that information it is an attack. That isn't your grandson or nephew on the other end of the phone asking for bail money. If you get an email or text message asking to click on a link, don't - the link can look correct but the attacker is using a special font to change the address under the hood. If it is from your bank or a website that you know, enter the address yourself in your browser. Although you have to be careful with that as well - there is an entire industry behind having websites with addresses that are common misspellings of authentic websites. Like snanpckat instead of snapchat or payce-google which impersonates google wallet. I met an elderly gentleman once who was called by someone who said he was the gentleman's grandson. The grandson said that he was in trouble and to talk to his lawyer. The lawyer told the the gentleman that the grandson was in jail and needed bail money as well as court costs. This 'lawyer' told the gentleman that the judge had issued a gag order so he wasn't allowed to talk to his family. The gentleman ended up sending $30,000 to these scammers before the family found out. Bottom line - don't keep silent, check with your family and friends before sending money anywhere. I have many more examples if people want to hear them. The world was dangerous enough with just scammers. With all the turmoil you can be assured that they are waiting to pounce. Be safe, ask questions, don't trust without verification. Disclaimer - these are suggestions and not the only way to do things. Any errors, please let me know.