- Former FBI agent Jason Hogg shared five tips to stay safe online.
- Hogg emphasized the importance of verifying messages and being cautious with social media.
- He advised using VPNs on public WiFi, restricting credit information, and not reusing passwords.
This as-told-to essay is based on a conversation with Jason Hogg, a former FBI agent and an executive at the private equity firm Great Hill Partners. It has been edited for length and clarity.
I can’t talk too much about it, but I was a special agent with the FBI.
As a member of Special Operations Group 13, I was exposed to a wide range of humanity’s worst — from organized crime and terrorist activity to financial abuse and online death threats.
After I left the FBI, I became the global CEO of a cybersecurity firm, where I ran everything from digital forensic investigations to penetration testing.
The problem with staying safe on the internet nowadays is that the horse is out of the barn. But there are still things you can do.
Here are five simple things to bear in mind on the internet:
Always be suspicious
If you receive a video, phone call, voicemail, email, or direct message, try to confirm independently with the sender that it’s real.
If you don’t recognize the number on a phone call, but it sounds like the person, put them on hold and independently verify it.
Someone once tried to execute a deepfake call on my mother. They sounded like my eldest daughter. My mom was 80 years old then, but the good news is that multiple people in her family were FBI agents or detectives, so she was immediately suspicious.
She called me to check, and my daughter was with me, so she knew it was fake. Other people have not been that careful in the past.
Listen to your phone
You know how your phone sometimes tells you your passwords have been compromised in a data leak? Some people just ignore that, which is astonishing to me.
My father was the former CEO of MasterCard and a former FBI agent himself, but he still ended up having a significant amount of money removed from his checking account due to compromised credentials that he did not reset.
Check the list of apps that have compromised passwords — you might be surprised at how many websites you have a password for in the first place — and go into the apps and change your passwords, at least for the important ones.
Don’t use the same password for absolutely everything. You don’t need to have 150 passwords for 150 websites — but spread them out.
I know it’s a pain, but you are better safe than sorry.
Free WiFi is a risk
If you are going to be using free WiFi at coffee shops or stations, definitely think about installing a VPN on your phone. It’s so easy.
And do not make financial transactions on a public WiFi network. You don’t know who could have access to that information.
Lock your credit information down
It’s easy. Just call the reporting agency (like Experian) and tell them you want to lock your credit bureau. They will develop a passkey for you to unlock it later.
My lifelong friend’s father had his identity stolen once, and he didn’t have his credit bureaus locked down.
The criminals used a false identity to purchase real estate in Brooklyn in his name and used the real estate to conduct fraudulent transactions.
It was quite a personal and financial disruption in his life.
This is something a lot of people don’t do, but it’s a free procedure that makes you instantly more protected against fraud.
Post intelligently
Whenever you are posting, always assume it could be used in some form against you. Would you still post it?
It’s one thing to post pictures of you having a good time — you do you — but it’s another thing to go and publicly tag every person in the photo.
For all the positive things that come from social media, it creates a treasure trove of information for bad actors. You have video, you have pictures, you have associations of friendship. You also have machine learning that can go through all of that at an incredible rate of speed — something that we’ve never seen before until now.
There are service platforms and ransomware on the dark web that accelerate these exploits. That’s also how deepfakes are becoming more and more convincing — they use voice and image models from videos and photos that are out there already.