Skip to main content

Your personal information is valuable. That’s why hackers try to steal it. This year, for National Cyber Security Awareness Month, we’ve got tips to help you keep your personal information from ending up in the hands of a hacker.

Protect your phone

Let’s start with protecting the data on your phone. Set your phone to lock automatically and create a passcode to unlock it. Use at least a 6-digit passcode.

When you notice an update for your phone is available, run it promptly. Those updates could include critical security patches.

Back up your phone regularly. That way, if you lose it, you’ll still have access to your personal information.

Use an app that will help you find your phone if you lose it – or if someone steals it. If it’s the latter, you can use the app to remotely lock your phone or erase the data on it.

Protect your computer

To protect your computer from threats like malware use security software and update it regularly, or set it to update automatically.

Protect your accounts

To protect your accounts, use strong passwords. Consider using multi-factor authentication for accounts that offer it. (If you’re trying to enable multi-factor authentication on your account, it might be called two-factor authentication or two-step verification.)

Connect safely

Know what makes a wireless network secure. Start with your own wireless network and router. Then find out how to use public Wi-Fi safely.

Keep your info to yourself

Another way to protect your personal information is to recognize scammers’ attempts to steal it. Phishing attacks by email or text may try to trick you into giving up your passwords, account numbers, or other personal information. Or callers might lie about your Social Security number being suspended and urge you to contact them. (Listen to this recording of a Social Security scam.)

Check out more tips about online security. If you want to get more consumer tips in your inbox, sign up for Consumer Alerts.

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.

The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.

  • We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
  • We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
  • We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
  • We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to

We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.

October 28, 2019
I've received calls from people threatening to take me to court or have me arrested. First, if you are to be arrested, they are not going to give you an early warning or heads up. Secondly, they are not going to do it on the phone. It will be by letter or messenger with documents. It is unfortunate so many people are not wise enough to recognize BS when they hear it. So, consequently--they get scammed.
October 28, 2019
These criminals target seniors especially. Seniors tend to be more trusting and less likely to question it if they're told their Social Security number has been suspended or a young voice on the other end says "Grandma! I'm in jail in Mexico! I need you to buy a gift card and send me the number so I can get bailed out!" Seniors, we need to get smart about these scams!
October 28, 2019
Is there no advantage to having a VPN to ward off hackers?
October 29, 2019

In reply to by Egn6

VPN will encrypt the data when you connect to un secure internet and will also change your public ip address so your devise can't be tracked
October 30, 2019

In reply to by Egn6

VPN encrypts data between you and the end connection. It does nothing to block malicious email, infected web sites and things a user accesses. This is why people are the weakest link in cyber security. You must be cautious at all times and continually educate yourself on the dangers if you want to stay safe online.
October 30, 2019

In reply to by Egn6

Not if you are being hacked by responding to social engineering attacks, no. A VPN does nothing but keep your network traffic more hidden, sending it using an encrypted protocol rather than traffic that your ISP and others can intercept and read, so in that sense it's safer, meaning that no one can intercept your traffic stream and read your network traffic in plain text, but a VPN does not prevent phishing or any other kind of social engineering. Something like 98% of attacks against individual consumers come in the form of social engineering, meaning tricking someone into clicking, calling, texting, or otherwise responding to a scam.
October 28, 2019
When you become a victim one must obtain fight back knowledge. Actors are attacking every day with new updated skills. You already know there is no real protection. Ask all the major agencies and companies who have been attacked. However, if you take the position to comprehend, part of your daily living activity is to protect your devices and internet activities you will prevail for a good period.
Don't use your…
October 28, 2019
October 29, 2019
Some good suggestions; however, the actual problem has more to do with "How" than "What" to do. For example, I have never been able to figure out the O.S. of my iPhone; and I've given up on finding a decent "users manual" on line, even from the makers of the O.S.! They all seem to cover some basics, but are far from thorough, and generally poorly organized and NOT cross-referenced. I don't understand why the smartphone O.S.' could not have shared a great similarity to desktop O.S.'
October 30, 2019
I have been receiving an "800" phone call saying that there is a warrant out for my arrest due fraudulent misuse of my SS number. has anyone else received this type of call?
October 31, 2019
As a senior citizen I can tell you that I get a lot of phishing emails and phone calls. I also get a lot of threatening phone calls. But I ignore them. Whereas some people don't. Let the buyer beware is an old saying. It applies to scammers as well. First distrust what you get on email and the phone if it is someone you don't know. I keep the voice messages and then delete them after reporting the calls to the federal government.
James Vegas
May 25, 2020
I’m surrounded by hackers at Siegal Suites and its very difficult to catch them. My CC got hit so I at least get to file with the FTC. I wish there was an easy way to convict these con artist . Vegas is nothing but shady chracters.