American Greed

The 'American Greed' report: 6 steps to securing your online privacy

hackers cyber security
Getty Images

Is any of our information truly private?

Last month, President Donald Trump signed a bill repealing Obama-era regulations that would have required internet services providers like Verizon and Comcast to get consent before collecting, using and selling users' web-browsing data.

Also, WikiLeaks recently leaked documents revealing that the CIA has the ability to conduct surveillance through devices like smartphones and smart TVs. And of course, cybercriminals may hack into your computer or phone in order to try to steal your identity.

Taking steps to protect your privacy can help you take ownership of your information, says Steve Weisman, a Bentley University professor who has written several books on scams and identity theft.

"I don't have a problem with opting in for certain information sharing. I even want to get certain kinds of targeted advertising. But I want to control, I want to be the one to make that decision," he said.

Set tight privacy settings

"People just aren't aware of how much personal information is being taken and regularly used in fashions that invade their privacy," Weisman said. "It's not as bad as you think, it's actually quite worse."

Sites most of us use regularly, like Facebook, Google and YouTube, already collect our data. "Every time you click 'like' on a Facebook page, Facebook is gathering that information and getting a profile on us that they're able to sell. There's nothing free on the free internet," says Weisman.

Take advantage of the privacy settings on these sites. The settings can sometimes be tricky to navigate, so set aside some time to go through them. Weisman advises making the security settings as strong as the site will let you.

Use a secure browser

Internet service providers are able to potentially gather much more information than individual sites, which Weisman finds concerning. "Unless we're using secure browsers, they're going to be able to access a lot more information about everything we're doing online," he said.

Secure browsers, like Tor, exist for users who want to remain anonymous. Tor prevents people from tracking your location or the sites you visit. "Tor gets a lot of flack because Tor has been used by criminals," Weisman said. "But individuals seeking to use the internet privately can also use Tor, and there are other secure browsers that maintain your privacy, and they're not difficult to use."

One downside? Using a secure browser can slow down your internet connection.

Use a virtual private network

Virtual private networks create a secure, encrypted connection between your computer and a server operated by the VPN. Using VPNs can help protect against mass data collection and cyberattacks.

"It will maintain your privacy online, keep you from being hacked, and the websites you go to also will not be able to see where the connection is coming from," Weisman said. Using a VPN is especially helpful when connected to public Wi-Fi networks, like in hotels and coffee shops. However, be aware that VPN speed and connectivity can be spottier than traditional connections. Also, VPNs can be pricey. While there are free VPNs, you tend to get what you pay for, and they may not be as secure as paid VPNs.

Be smart about your passwords

You should ideally have a unique password for each of your online accounts. This can sound daunting, so Weisman recommends starting out with a base password that has capital letters, lower-case letters and symbols, and changing the end of each password.

Another strategy is to use a password manager like Dashlane, LastPass or 1Password. Password managers generate strong passwords, sync them across your devices, and store them for you so you don't have to remember each individual password. You only have to remember one master password to get into the applications.

Emmanuel Schalit, CEO of Dashlane, says his company has never had a major security breach, and that Dashlane has built an infrastructure that secures your information by ensuring your master password is not stored on any of their servers. "We at Dashlane don't have access to it, it can't be stolen from us, or we can't be forced by a government to give it because we don't have it. It's only in your head," he said.

To people who are reluctant to put all their eggs in one basket, Schalit has this analogy: "Would you rather your money in the form of bank notes [be] in 17 places in your house, or would you rather put it in the bank?" If you're going to use a password manager, make sure to pick a complex master password and make sure to never share it with anyone or send it in an email.

Be careful with your security questions

Be sure not to pick security questions that can be easily researched. "When Sarah Palin's email was hacked, her security question was, where did I meet my husband? And the answer was Wasilla High School. And the hacker just went to Wikipedia," said Weisman. Better yet — just make it up. You don't have to answer the question honestly — it just needs to be something you'll remember.

"When you're setting up your security question 'what is your mother's maiden name,' say 'my mother's maiden name was fire truck,'" said Weisman.

Keep your devices secure

In light of the WikiLeaks revelation that the CIA has the ability to hack into smart TVs and smartphones, it's important to be smart about security.

"The biggest thing is to keep yourself from not being the low hanging fruit," Weisman said. These devices are not only vulnerable to the government, but to cybercriminals who want access to your devices in order to steal your identity, install ransomware, or extort money from you. Ransomware is a type of computer virus that blocks access to a computer, server or mobile device, and encrypts the data stored on that device. The victim is forced to pay to unlock the data. Last year, Hollywood Presbyterian Medical Center in Los Angeles paid around $17,000 to unlock its computer network after becoming infected with ransomware.

"It's connected to the Internet, it's vulnerable," said Weisman. Install security software, and make sure that it's updated as soon as new updates come out to protect your devices against the latest forms of malware. Also, make sure your router has the latest security updates and that you've changed the default password to a unique password. This is especially important as the internet of things concept grows and more people have devices like smart toys, security cameras and smart refrigerators connected to their routers.

Making the effort to check your routers, install new browsers, and set new passwords can be time consuming, but after you spend the time, it's a "one and done," Weisman said. "Once you've set these systems in place, they pretty much take care of themselves."

Disclosure: Comcast is the owner of NBCUniversal, the parent company of CNBC and

CNBC's "American Greed" looks at the dark side of the American Dream.