Super Simple Security Principles

Episode summaryA forwarding alias is an email address that passes along email to your real email address without the original sender ever knowing what that email is.They usually allow you to reply, with the email coming from your alias also, thus providing privacy in both directions.Unlike burner aliases, you will need to create an account in order to start creating forwarding aliases. One solid option is 33 Mail.There are lots of ways to use forwarding aliases, but the one that provides the most benefit is to create a unique alias for every website or company that you share your email address with.This gives you the most power to block spam and thwart phishing attacks.LinksEmail Alias Provider: 33 MailGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryBurner aliases are short lived. You don't have to register an account to create one, or share any personal information.Some of the services that provide burner aliases automatically delete the alias after as little as 10 minutes. This is a great security and privacy feature.I mostly recommend burner aliases for cases where you want to receive only a single email, and nothing super sensitive or critical. Also, if a service requires a browser extension to use it, I recommend against it.If you want to play with this type of service, here's one to check out: 10 Minute Mail.Linkshttps://10minutemail.com/Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryThere are three types of email aliases. They each work quite differently but share the same purpose: to avoid exposing your real email address to abuse.The first type is a burner alias. These are very short lived email aliases, often used for receiving just a single email.The second type is a forwarding alias. These stay around for as long as you need them, but can be deleted at any time. They can do almost everything a burner alias can do, but often cost money.The third type is an integrated alias. These are quite similar to forwarding aliases, but a bit simpler and safer to use. They can do everything forwarding aliases can. They are by far my preferred choice of alias, and the one I use almost exclusively.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryEmail has a lot of flaws. One of the biggest is that anybody can send you an email without your permission.They don't have to know you - they just need to discover your email address - by any means.Email aliases can't directly fix this flaw, but they can do a lot to help mitigate the problems it causes.The idea of an email alias is simple.It's an email address that will deliver email to you, but without exposing your real email address.There are 6 benefits that email aliases, used correctly, can provide:Privacy: Prevent your real email from being exposed in data breachesSpam Control: Disable individual aliases to totally shut down spam.Organization: For the control freaks among us (like me), aliases are a great tool.Tracking: Never wonder again who sold your email address.Account Protection: Prevent stolen login reuse.Phishing: Enables clear and reliable identification of phishing emails.That all may sound too good to be true, but it's not. Stay with me, and I'll teach you how.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstEpisode 96: Why Your Email Account Should Only Be For EmailEpisode summaryThey say pick your battles. Well, I'm picking mine. I want you to ditch Gmail.Maybe you're holding back because you think that means giving up Google Docs, Google Drive, Google Photos, or some other Google service.If this is you, I have great news. I promise: you can ditch Gmail, but keep all the rest of the Google services you use.Option 1 - Let your Gmail account survive, but transition away from ever using it. Not using the Gmail service doesn't stop you from using any other Google service.This works great if you are a heavy user of Google services.Option 2 - Create a new Google account, using a non-Gmail email address. I know that might sound crazy and impossible, but it's easy.It works the same as creating an account at any other website, other than the fact that Google makes it the default to signup using Gmail.Drop me a note when you've made the switch!Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryProton provides a lot of the same services as Google, but with a privacy focus. From the beginning, their core values have been privacy and security. They offer a great, useful free version for many of their products. For full functionality, a paid subscription is required.They started with email (Proton Mail), and have expanded to other core services comparable to what is offered by Google - Proton Drive, Proton Docs, a password manager, a VPN and more.I am super grateful for Proton, and their foundational focus on privacy and security. It's something that few companies truly prioritize, especially amongst the giants in the tech space. They have been steadily growing, and I hope they continue to grow, and one day even take a notable share of customers away from Google.One major obstacle standing in their way right now is the usability of their products. Many of them are still far more clunky than their Google counterparts. For those who care enough about privacy and security, they will overlook this.But if Proton really wants to grow, they need to spend a lot more time polishing their products. I hope that before too long, they will stop adding new stuff, and turn all the good services they have into truly great ones.LinksProton - a privacy focused version of Google servicesGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryMy top choice for email app, both on my phone and my laptop, is the native Fastmail app. This app only works though if Fastmail is your email provider - which I highly recommend. I have been using Fastmail as my primary email account since 2013.I also have several gmail accounts and for them, I use the gmail app on my phone, and Mimestream on my laptop. It's a strange sounding name I know. Unfortunately, it's only available on Mac, and it costs money, but it's built specifically for gmail and works beautifully. I've tried a lot of different apps, and Mimestream is my favorite.For Windows (also works on Mac), my top paid recommendation is Spark.If you're looking for a free option, Thunderbird works well. If you are a Mac user (like me), then Apple Mail is also a solid free option.LinksExcellent paid MacOS Gmail app - MimestreamExcellent paid Windows/Mac Gmail app - SparkExcellent free Windows/Mac email app - ThunderbirdGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryI've talked about it endlessly. I will keep doing so. Your email account is vital to protect.But most people are missing a simple and powerful layer of protection for their email account: using an app to check email instead of the browser.Virtually everyone uses an app to check email on their phone - that's a good start. But most people use a browser when they check their email on their computer. This is where we have work to do.If you always use an app to check your email, and follow my advice in Episode 96: Why Your Email Account Should Only Be For Email, your email account will be extremely well protected against a phishing attack.During the recording of this episode (99), I realized that the advice in episode 96 can be a challenge to follow for heavy Google users, which many of us are these days. I will be making an episode soon to give you a way to do this without giving up everything you use and love about Google, so keep reading!Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryWhat do I mean when I say your home network is compromised? I mean that one of the devices in your home has been taken over by a hacker without you knowing it.It could be any device that connects to the internet, not just your phone or laptop. Cameras, doorbells, routers, appliances, and smart TVs are all valuable targets.There's a tool that can help figure out if this has happened. It's super simple for anyone to use. It won't answer all your questions, but what it can tell you is if it knows about devices being compromised either in your home network or somewhere in your digital "neighborhood".Click here now to check - it's free and immediate. If you do find a problem, feel free to reach out on the forum for help.LinksCheck Your Digital Neighborhood for Compromise1.8 Million Smart TVs hijackedGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryThere is a simple feature that can help you greatly in the fight against phishing. Yet all the email providers I've checked, aside from Fastmail, lack this feature.What is the feature? The ability to route emails you receive based on whether the sender is a known contact.Here’s how you use it:1 - Set up a rule to route all email from unknown senders to an “Unknown Sender” folder.2 - Go carefully through each email in that folder, and for any email you trust, add that sender to your contacts.3 - For any email you don’t trust, mark it as spam or block the sender.Then, when a phishing email comes in trying to impersonate a sender you trust, it will end up in the "Unknown Sender" folder. This is the folder where you carefully review every email, and if it is pretending to come from a known sender, you will know it’s a phishing attack.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryI believe your email account should only be for email. Instead, most free email providers turn your email account into an account for all their services.Google is probably the worst for this. Your Gmail account is actually a Google account that gives you access to Google Docs, Google Drive, Google Photos, Google Chat, YouTube, and much more.On top of that, many websites allow you to "Log in with Gmail." This expands even further the number of accounts that are directly connected to your email account.Taken all together, this is a security nightmare. Email accounts are already enough of a master key to your online identity, just through their ability to reset forgotten passwords.All these accounts being tied to your email also means a lot more opportunities for you to get caught in a phishing attack - because you’re entering your email password not just to access your email, but to access all sorts of other services as well.Linkshttps://workspace.google.com/blog/identity-and-security/defending-against-account-takeovers-top-threats-passkeys-and-dbschttps://blog.checkpoint.com/research/phishing-trends-q2-2025-microsoft-maintains-top-spot-spotify-reenters-as-a-prime-target/Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryBlocking all spam before we see it is tough. Email providers are reluctant to block it entirely, in case they are wrong and it’s not spam. The compromise is that they send it to the Spam or Junk folder, where it can be recovered.As the reader of that email, though, it’s often easy for us to identify it as spam and say, "I never want to receive email from this sender again."This is where the "Block Sender" feature that some email providers have, including Gmail and Fastmail, comes in.There’s a big difference, though. In Gmail, the email still ends up clogging up the Spam folder. In Fastmail, it goes straight to the Trash, so I never have to see it.That may sound like a little thing, but when you’re dealing with spam, it adds up. What’s more, I think it’s symbolic of Fastmail's greater commitment to fighting spam.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryYou have an email account, but how did you pick your email provider? Do you use Gmail simply because that’s what everyone you know uses?I want your choice of email provider to be intentional, not accidental. Today is the first in a series of episodes where we’ll examine my most important considerations when picking an email provider.Some will be "micro" considerations: specific, individual features. Do they have tags or folders? A "Report Phishing" button? How many aliases do they allow?Some of them will be "macro" considerations: bigger-picture sorts of questions. How do they make their money? What kind of customer support do they have? Are they working to improve the email ecosystem for everyone?I’m going to show you why I prefer Fastmail to Gmail and the other big free providers, like Microsoft, Yahoo, and Apple.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryWhen I choose a digital or tech service, I look for a company with a clear focus that aligns with mine. For each option, ask yourself: what’s the one thing this company does really well?Take Gmail, the most widely used email provider. If you ask what Google’s "one thing" is, some people might say email - but I’d argue most would say "search." For me, I see it as building the internet by means of an advertising economy. A great thing in many ways, but does nothing to make me think they are going to be the best email provider.That’s why I prefer companies with a single, obvious focus. It’s a simple principle, but it’s guided me well. It's no coincidence that most of my favorite security tools share this trait: Fastmail, 1Password, Little Snitch, Syncthing, and Signal.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryWhen you join the email workshop, you will be making some decisions. The first two are simple but important: which email provider you’ll use, and which email client.Your email provider is the company that gives you an inbox and stores your messages on their servers. The big ones are Google (Gmail), Microsoft (Outlook, Hotmail, Live), Yahoo, and Apple (iCloud).An email client is the app you use to read and send email. There are a lot of options. On your phone, that might be Apple Mail or the Gmail app. On your laptop, it's most often your web browser.Personally, I’ve used Fastmail as my provider since 2013. On my phone, I use their custom app (which I love), and on my laptop, I use a browser.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryMost people I know have email inboxes that are overflowing. I can’t count how many times someone has proudly (or sheepishly) shown me their phone with hundreds - sometimes thousands - of unread emails piled up.That would drive me comletely insane. For me, ending most days with an empty inbox isn’t just satisfying - it’s also a big security win. That’s why we’re tackling it in the workshop.Reaching inbox zero takes the right tools and strategies. But the most overlooked piece is mindset. If you don’t accept the reality of the tiny amount of time you have to read email, you’ll never make the changes needed to get to inbox zero.If you’re ready to hit inbox zero - daily, weekly, or even monthly - join me in the email workshop.LinksDigital Organization Guru I likeGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryPrivacy is a popular buzzword these days, but not one you have heard a ton about from me. Especially with email. Mostly because the email system we all depend on was not built for strong privacy.Some companies, like Proton and Tuta, provide encrypted email services. I trust, respect, and am in fact, extremely grateful for their efforts to compensate for such a huge failing in our email system. But when I want true privacy, I don’t count on email - I use tools built for it, like Signal.Life is full of tradeoffs, and choosing an email provider is no different. In the workshop, we’ll dig into those privacy tradeoffs and help you find the option that best fits your needs.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryThis may be the fourth priority in our email workshop, but it’s truly #1 in importance: protecting your email account from takeover. Your email is the master key to all your online accounts. If you want to keep anything secure, you have to start here.The good news? It doesn’t take much. The first step is simple, but it’s something most people still don’t do: use a unique password. I'm not asking you to stop reusing passwords in general. For now, please just start by never reusing your email password - keep that one password unique to your email account.After that, you should enable two-factor authentication for your account. Ideally through an authenticator app, not a text message to your phone.There are a few more advanced steps depending on your situation, but if you have a strong, unique password and 2FA, you’ve built a solid foundation for keeping your email - and everything it unlocks - safe.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstEven a Security Expert Can Get PhishedEpisode summaryToday's priority for our email workshop is learning how to dodge the phishers. Too often the only advice we hear is: don't click the wrong thing. While true, that also means living in a state of what Mad-Eye Moody calls constant vigilance! That sounds exhausting.The real problem is that email was never designed with strong safeguards against impersonation. I still remember, as a teenager, emailing my friends - pretending to be Santa. Email has gotten better in the last 30 years, but not by much.In the workshop, you’ll learn two extra layers of phishing protection that almost nobody uses. First, use a unique email address for with each website that sends you email. I'll show you how to make this simple.Second, only allow approved senders into your inbox. This provides a specific trigger to raise your caution level when it's needed the most.Join me if you're ready to stop being an easy phish to catch.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to first10 Spam Per YearEpisode summaryThe second priority of our email workshop is eliminating spam. It’s one of the biggest sources of email stress -- see episode 86 for why this matters so much.Cutting out spam also removes most phishing attempts before they ever reach you. Yet many people see spam like death and taxes: unavoidable.I’m here to tell you that spam IS avoidable. With the right tools -- and the skills to use them effectively -- you can beat spam. I’ve done it myself, keeping my spam to just 10 messages a year (see episode 17).Join me in the workshop and learn how to make spam a thing of the past.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryThe first priority of our email workshop is simple: reduce your email stress.It might sound surprising, but I see lowering email stress as a vital -- and often overlooked -- security improvement. When we’re stressed, we think less clearly and are more likely to click on something we shouldn’t.Some people are so overwhelmed by email that they check it as little as possible. That’s also a security risk -- most security alerts arrive by email, and if you aren't checking your email, you may not see them until it's too late.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryIn this episode, we’re exploring who can benefit most from our email workshop. If email causes you stress, frustration, or fear -- this workshop might be for you.But improving your email situation requires doing things differently, and you need to be ready to do that. There are many strategies, and I’ll work with you to find the ones that best match your needs and priorities.The hardest change I recommend? Setting up a new, paid email account. If you can't or won't, I'll still do my best to help you, but in the world of email, the saying holds true: you get what you pay for.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryEmail has never been more important. It’s the master key to all your online accounts and the universal way we communicate.But for many of us, email is also a constant source of frustration -- spam piling up, the fear of clicking something dangerous, or just feeling overwhelmed by the flood of messages.That’s why I’m going to be running a live, interactive group workshop over Zoom. We’ll meet in multiple sessions, with short educational videos and practical homework in between.By the end, you’ll have the skills and tools you need to take control of your inbox and conquer your email woes for good.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstDo I Need to Upgrade to Windows 11?Should I Upgrade to Windows 11?Episode summaryIf you are sticking with Windows 10, I highly recommend installing the InControl app from my favorite security podcaster, Steve Gibson.Fair warning: his website looks like it’s straight out of the early 2000s and is geared toward technical folks like me. If you poke around, just be ready for some serious computer geekiness.The good news: his app is dead simple to use. Download it, double-click to run, click the "Take Control" button, and the big red text will turn green -- letting you know that Microsoft can't trick you into accidentally upgrading to Windows 11 before you're ready.LinksInstall Steve Gibson's InControl appGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstDo I Need to Upgrade to Windows 11?Episode summaryIf you’re wondering whether to upgrade to Windows 11, the answer is probably: yes - if your computer can handle it.If you have an older PC, it might not meet the requirements. You can check by installing Microsoft’s PC Health Check App.From a security perspective, there’s not a huge difference between Windows 10 and 11. But, if you decide to stick with Windows 10, please make sure you pay for security updates. I explain how and why that’s important in episode 79.LinksThioJoe talks about Windows 11 upgradeLeo video about Windows 11 upgradeLeo article about Windows 11 upgradeHow to use the PC Health Check appGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryWhen shopping on Amazon, how do you decide what product to buy? If you're like most people, you look primarily at the cost and reviews, and maybe the brand.What most people are missing out on is paying attention to the seller. You can find this just under the Buy Now button - each product has 2 sellers - the "Ships From" and the "Sold By".Anytime you are buying something "Sold By" someone other than Amazon, click on the seller link. It takes you to their mini website on Amazon.There you can find lots of useful information, the most important of which is their reviews. I personally avoid buying from sellers with anything less than 90% rating here, and seek for much higher than that. There's plenty that have 100% or close to it.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstThe Safe Website Checklist EpisodesEpisode summaryOne tool that can be useful to help you shop safely online for quality products is paying attention to brands. On the other hand, sometimes the brand doesn't matter much.If you can look at a product and determine for yourself if it's well made, then brand doesn't matter so much. My daughter knows how to sew, so she can evaluate the quality of dresses, so when we bought a dress online recently, we didn't stress the brand.Anytime I buy electronics, which is often, I care deeply about the brand. In large part because it is very difficult to gauge their quality quickly, even for a computer geek like me - it takes using them over a long period of time.When you are on Amazon, and you are wondering if a brand is a good one, check to see if they have a website. Then, apply all the lessons you learned in episodes 70-74.Also useful to ask when you are evaluating a brand on Amazon: are they mainly an amazon seller with their own website just to seem legitimate? Or, are they an independent seller that is trying to truly build a good brand, and just using Amazon to get more sales?Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryAfter October 14, 2025, Microsoft will no longer provide free updates or fixes for the many bugs found each month in Windows 10. That means it's time to make a hard decision.Option 1: Do what Microsoft recommends and upgrade to Windows 11. There's many good and valid reasons not to, and my personal plan is to avoid it for hopefuly 5 years still.Option 2: Pay Microsoft $30 for one year more of fixes, then upgrade to Windows 11. I may do this for a year, then switch to option 3 before moving to Windows 11.Option 3: Pay 0 Patch about $30 per year for up to 5 years, then upgrade to Windows 11. This is my most likely plan.Option 4: Don't upgrade to Windows 11, and don't pay any money for any bug fixes. Options 1-3 are fine, but this is the option I highly recommend against! One of the most universally important things you can do to stay safe online is keep Windows (and all software) updated with the latest bug fixes.LinksMicrosoft announces end of support for Windows 100 Patch offers 5 years of bug fixes for Windows 10Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryIf you shop at Amazon much, you've seen a lot of weird brands. I just searched for juggling balls, and here's a sample of the brands it showed: Duncan, Zeekio, POITOI, Schylling, GloFX, Elcoho, Leitee, GoSports, Lawei, URATOT, Cedilis, DSJUGGLING, speevers.Have you ever wondered why? If not, now's the time to consider it, because the way Amazon does business has massive implications for every American.The short version is this: Amazon actively recruits oversea sellers, particularly Chinese. Amazon incentivizes all sellers to participate in their Brand Registry program, which requires a trademark. Trademarks currently take 12-18 months to get, and picking random letters and smashing them together makes it faster because it's obvious there's no conflict with an existing trademark.We will be discussing some of the implications of this system, and strategies for finding quality products in the crowded Amazon marketplace. In the meantime, take some time to ponder what all this means to you.LinksAmazon Brand Registry RequirementsHow Long to Register a TrademarkNY Times - How Amazon is causing us to drown in trademarksWhy Amazon Products Have Those Weird NamesGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryHave you ever looked at a supposed sale price on Amazon, and wondered if it was real? Wonder no longer!There's an awesome tool with a funny name - CamelCamelCamel. You just copy the internet address from the item you're looking at on Amazon, and paste it into CamelCamelCamel.com, and you get a detailed price history.To make it even easier, you can add a special "bookmarklet" that you can click on whenever you're on an Amazon page, and it will take you to CamelCamelCamel.com with that product selected.It's safe and free - install it now!LinksAdd the Camelet BookmarkletThree Colts - The makers of CamelCamelCamelGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryAfter recording nearly 80 episodes, I've learned a lot about how I like to teach. So it's time for my next experiment.I want to try again to make episodes of about 10 minutes. I want it easier for you to find what you're looking for, and catch up on just the parts that are of greatest value to you.I also want more flexibility, so we are dropping the opening questions, and the call to actions will only happen sometimes.I'd love to hear your thoughts on our experiment. Thank you for listening!Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstIntroduction to Privacy.comQuestions we answer in this episodeWhat is Makani's most used online shopping tool?What are 2 key features it provides?What 3 subscription problems does it fix?Episode summaryPrivacy.com offers super powered Privacy Cards that you can use to shop online. You create a unique Privacy Card for each business, then pause and set a spending limit for each card as needed.No more free trials that turn into surprise bills, no more forgotten cancellations, and no more awkward phone calls just to say no.Call to actionIf you've ever been burned by a subscription, this is the tool you didn't know you needed. Start by listening to Episode 14, so there's no surprises when you signup.Then click here if you want us both to get a $5 signup bonus. Or click here for the non-referral link where neither of us get a bonus. Either way is great, I just want you protected.LinksTODO: create my official referral policy somewhere and link to it hereSignup for Privacy.com here and we both get $5Signup for Privacy.com here and neither of us get $5More tips from Privacy.com on subscription managementGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstCheck #1 - Is the website less than a year old?Check #2 - What does Trustpilot say?What is a Protection PartnerQuestions we answer in this episodeWhy does this check sometimes get skipped?What’s one super simple way to spot a fake shopping site?Why might a scammer want you to contact them?Which red flags in a reply should make you walk away?Episode summaryThe third item on our Safe Website Checklist is all about communication: Can You Get an Answer?Reputable shopping sites usually offer multiple clear ways to get in touch - a phone number, social media, and live chat - not just email. If those channels are missing, broken, or fake, that’s a big red flag.But even if you can reach someone, don’t let your guard down. Scammers can and do reply - sometimes quickly. The key is how they respond and whether it feels trustworthy. If you’re unsure, bring in your Protection Partner for a second opinion. Trust your gut, or as I call it, your spidey sense.Call to actionPick a trusted shopping website and check which contact methods they offer. Is there a phone number? A real social media presence? Maybe a live chat? Get curious - and the next time you’re on a new site, you’ll know exactly what to look for.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstEpisode on Safe Website Checklist Item #1Questions we answer in this episodeWhat is Trustpilot?How did they help Makani identify a highly enticing scam?How can you use Trustpilot to help you stay safe while shopping online?When does Makani use Trustpilot?Episode summaryTrustpilot helped me avoid a scam for a bogus body scale, called Body Pod and sold by Hume Health.Trustpilot is a fabulous, independent source for website reviews.Anytime you are considering shopping at a new website, please look it up on Trustpilot first.Call to actionGo test out Trustpilot by looking up a website, or searching by category. This will help you remember to use it the next time you are thinking about shopping at an unfamiliar website.LinksSearch TrustpilotBrowse Trustpilot CategoriesTrustpilot review of humehealth.comTrustpilot review of myhumehealth.comGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstDon't Let Websites Send You NotificationsGive Every Website a Unique EmailQuestions we answer in this episodeWhat bad stuff can happen when you are browsing a new shopping website?How has browser safety changed over the years?What are 4 rules to stay safe while browsing the web?Episode summaryBrowsing the web today is safer than it's ever been, as long as you're not doing anything shady.To stay as safe as possible, there's 4 rules I recommend you follow:1 - Only use a modern browser, and always keep it updated.2 - Do not give a website any permissions it doesn't need, including the ability to send you notifications.3 - Do not download or install anything, especially browser extensions.4 - Do not enter any personal information.Rules 2-4 can be broken the more you get to know and trust a website, but start with following them strictly until you are confident they are worthy of your trust.Call to actionMake sure that you are using a modern, updated browser.If there's any question in your mind about this, please come to the forum and I will help.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Episode summaryKem humbly shares his "epic fail" (his words, not mine!) story so we can all learn from his mistakes. As the story opens, Kem searches for a nice picture of Wellington, New Zealand for his wife's computer wallpaper.As he was speeding along, he accidentally clicked yes on a popup he shouldn't have, giving some malware backdoor access to his computer. As it tried to spread farther through another popup, he realized his mistake.Thankfully at that point with just a few minutes of effort, he was able to kick the malware out and shut the door. I love happy endings! A couple of days later, he took the time to document his story here to share with the world. Thank you, Kem!This was a powerful reminder that we all need to take time to Read the Signs. When we're driving, road signs are vital to our safety.On a computer, signs are also vital to our safety, including popups. We need to take time to learn what the signs mean so we can avoid the hidden dangers.Call to actionTake time to read popups, and especially learn what they mean so you can respond to them wisely. If you don't know what one means, please come to the forum and ask!LinksKem's story with all the detailsGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstMakani Leaks His Own DataQuestions we answer in this episodeWhat's the first skill we need to stay safe shopping online?What are the two buckets of bad shopping websites?What are the two buckets of phishing websites?What is the first item on our "safe website" checklist?Episode summaryA vital skill in staying safe while shopping online is knowing how to tell if a website is safe. You need to be on the watch for not only phishing sites, but scam websites too.We usually think of phishing websites as clones of specific websites, like gmail, where the objective is to steal your password. But with shopping, the objective of a phishing website is to gather as much personal information about you as they can, including your credit card.The first question on our safe website checklist is this: is the website less than a year old? If the answer to that question is yes, my advice is: run away, do not shop there, do not even browse there.Call to actionVisit linklantern.com, put in any website, then look for the answer to the first item on our checklist:is the website less than a year old?LinksLink Lantern: shine a light on an unfamiliar websiteFind out when a website was registeredGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstWhat is a Security StackQuestions we answer in this episodeWhat are the 6 layers in the Bulletproof Stack Formula?How are they grouped?What are the most neglected layers?Episode summaryThere are 6 types of layers we can review to help us build a Security Stack. They help us build redundancy into our Security Stack. Yes, that's a good thing! We want as many layers of defense as we can to keep the bad guys out.We divide the 6 layers into 2 groups of 3. We have the solo layers: knowledge, skills, and habits.And the team layers: people, tools and services.Call to actionHelp me build a system that is going to work for you by sharing your thoughts. What layer do you feel like you depend on the most? The layers are: knowledge, skills, habits, people, tools, and services. Let me know on the forum.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstSeven Critical Router Security SettingsHow DDoS Attacks Affect YouQuestions we answer in this episodeWhat are the 5 questions in the Bulletproof Stack Formula?How do they help us?Episode summaryThere are 5 questions we can ask to help us build a Security Stack. These questions help to ensure that our Security Stack is relevant.This means there is a legitimate threat that I care about, and I'm willing and able to take the steps necessary to defend myself.The 5 questions can be remembered with 5 words: assets, threats, risks, options, tradeoffs.Assets: What am I protecting?Threats: What are the threats?Risks: What are the risks?Options: What are my options for defense?Tradeoffs: What tradeoffs am I willing to make?Call to actionHelp me build a system that is going to work for you. How do you feel about the 5 words I chose to represent each question: assets, threats, risks, options, tradeoffs. Are there any you would replace? Let me know on the forum.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstOur Super Chatty DevicesQuestions we answer in this episodeWhat are the 4 phases in a Security Stack?How do they help us?Which one is the most important?Episode summaryThe 4 phases of a Security Stack are: Learn, Prevent, Detect, and Repair. This parallels how an attack affects us over time.We want to Learn about an attack before it hits us, and ideally Prevent it from succeeding. But just in case it does get past our defenses, we want to be sure we can Detect the attack and Repair the damage done.Call to actionPlease build this awesome system together with me by sharing your thoughts. Are the 4 phases - learn, prevent, detect, repair - sufficiently simple and clear to you? Let me know on the forum.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to first4 Strategies for Picking Your PrioritiesQuestions we answer in this episodeWhat does Makani love building?What is a Security Stack?How do you build one?What is the twist on our usual Call-to-Actions for this series?Episode summaryA Security Stack is a piece of your Personal Security Plan focused on a specific area. It is comprised of layers of protection that work together to keep you safe.You build a Security Stack using The Bulletproof Stack Formula, which consists of 4 Phases, 5 Questions, and 6 Layers.Call to actionPlease build this awesome system together with me by sharing your thoughts. Does the idea of a "Security Stack" make sense to you so far? Let me know on the forum.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Questions we answer in this episodeWhat is the 4P formula?What are 4 strategies for picking your priorities?What is the theme of our new series of episodes?How many episodes do you think it will take Makani to finish it?Episode summaryThere's a lot of ways you can improve your online security. But where should you begin? It can be a daunting question to answer.Picking your priorities goes a long way. There are 4 simple strategies you can use to get started: activity, threat, value, and speed.You could prioritize by activity: something you spend a lot of time doing or that makes you nervous.You could prioritize by threat: a common threat like phishing, or a less common threat relevant to your situation.You could prioritize by value: maybe your highest priority is keeping your retirement fund safe.You could prioritize by speed: you want protection, but you are super busy and need to be able to do so quickly and efficiently.Call to actionPick the strategy you want to use to kick off your personal security plan. Then come share your pick on the forum.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstUnique Email AddressesTroy Hunt PhishedTroy Hunt Part 2Questions we answer in this episodeWhy is Makani sharing his story?What is a domain name registrar?What is whois data?How can it help me stay safe online?Episode summaryA domain name is what we think of as a website - facebook.com or makanimason.com. In order to have your own domain, you need to pay some money and share some personal information with a domain name registrar.This information is then publicly available, unless you choose to make it private through your registrar. Unfortunately for some domains, like ones that end in .us - keeping this information private is prohibited.Unfortunately, I didn't realize this and registered a .us domain, sharing publicly my name, email address, and phone number. It was a great invitation for hackers and scammers to harass me.Call to actionShare your story of being hacked, scammed or tricked online. Give someone the gift of learning from your experience.LinksLink Lantern: shine a light on an unfamiliar websiteFind out when a website was registeredHover: a simple trustworthy domain registrarGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstEpisode 62, Even a Security Expert Can Get Phished (Troy Hunt, Part 1)Episode 17, Eliminating Email Exhaustion - Part 2 - Unique EmailsEpisode 42, Website and Email Filtering, Part 3: Email FriendsQuestions we answer in this episodeWho is to blame for Troy getting phished?How can you reliably tell who sent you an email?How can you cut down your email spam?What are two major flaws in our email system?Episode summaryI don't blame Troy for getting phished. I blame the serious flaw in our archaic email system.Anybody can send anyone an email and you have no idea who it's from. No wonder phishing is a problem.You can't fix the system, but if you're willing to take action, you can greatly compensate for that flaw.Call to actionTake one small step in strengthening your protections against phishing.Maybe listen to episode 17 about unique email addresses.Or episode 42 on how to add a friend system to your email inbox.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Questions we answer in this episodeWho is Troy Hunt?How did he get phished?What are some lessons we can learn from his story?Who will we be inviting as a guest to the podcast?Episode summaryTroy Hunt, a security expert, got phished. He clicked a link in an email, and entered his password into a fake website.The hackers logged into his Mailchimp account that he uses to send his email newsletter. They stole the email addresses of all his subscribers.Troy was humble and brave enough to share his story with us so we can learn. Thank you, Troy!Call to actionShare your story of being hacked, scammed or tricked online. Give someone the gift of learning from your experience.LinksAbout Troy HuntTroy Hunt, Security Expert, Gets PhishedGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Questions we answer in this episodeWhat is the website, ID.me used for?What are the two PIN numbers used in filing your taxes?How can I get an identity protection (IP) PIN?What does it mean (in online security) to plant your flag?Episode summaryWhen filing your taxes, there are 2 different PINs you might use. The first is called your self-select PIN. It's 5 digits long, and pointless.The second is called an Identity Protection (IP) PIN. It's 6 digits long, and awesome. It is a strong layer of protection against a hacker stealing your tax refund.Call to actionClick here to get your Identity Protection PIN.LinksGet an Identity Protection PINInformation about the IRS self-select PINGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Questions we answer in this episodeWhat is a DDoS attack?What social media platform was recently the target of a DDoS attack?How can your home network be impacted by one?What can you do to protect your home network?Episode summaryDDoS attacks are growing faster than the squash in my garden - seriously, it's wild!The slaves in the army? Devices quietly hijacked by hackers.There are millions of them scattered around the globe...And yes, your home devices could be part of the army without you knowing it.Call to actionTake one small action to improve your home network's security.You have 9 suggestions, found in Episodes 51-59.LinksDDoS attack against X/TwitterGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstEpisode 40 - Website and Email FilteringEpisode 56 - Home Network Attacks From WithinEpisode 57 - How Firewalls Protect You And What You Might Be MissingQuestions we answer in this episodeWhat is a trojan horse?What are two ways an outbound firewall protects you?What is an outbound firewall's greatest frustration and greatest strength?What is an allow list?Episode summaryIf you want to protect your computer, you need both an inbound and outbound firewall.Almost nobody uses an outbound firewall - despite it's awesomeness.The firewall limits the damage malware can do by blocking it from phoning home or spreading through your network.Sure, you'll need to pay attention when your firewall asks you questions.But that tiny hassle is worth the warm fuzzy you'll get knowing that only apps you trust can make outbound calls.Call to actionJoin the tiny but elite crowd of people using an outbound firewall.If you're on a Mac, get Little Snitch Mini.If you're on Windows or Linux, get Portmaster by Safing.Then report back on the forum how it goes.LinksPortmaster by SafingLittle Snitch MiniGet the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to firstHow to Access Your RouterHome Network Attacks From WithinQuestions we answer in this episodeWhat is a guest network?How can it protect my home network?Does everyone need to use it?What are the 3 categories of Internet of Things (IoT) devices?Episode summaryA guest network is a second wifi network you can set up at home.It lets visitors use your internet without touching your main network.That means your personal devices are protected from any malware their devices might be carrying.If you often have people over, it’s a smart extra layer of protection.A guest network can also protect your devices against threats from your own devices if they get infected.Call to actionLogin to your router, and get a guest network setup today.Please refer to your router's manual for instructions.Get the FREE Bulletproof My Identity Starter KitGet help from Makani

Helpful episodes to listen to first Don't Answer the Phone Bulletproof My Home Home Network Attacks From Within Questions we answer in this episode What is a firewall?Why do I need more than one firewall?Which device already has a firewall enabled?What kinds of devices have an increased need for a firewall?Episode summaryFirewalls in buildings stop fire from spreading.Firewalls on computers do something similar: they stop malware from spreading.Your router has a firewall that blocks threats from the internet before they reach your home network.But what if the malware is already inside your network?For that, you need a firewall on each of your computers.These are especially vital for laptops, which often connect to public wifi.And here’s the secret weapon almost nobody talks about: outbound firewalls.They’re a unique and powerful extra layer of protection - and wildly underrated.Call to actionPlease verify that the firewall is turned on for each computer in your home.LinksChange Firewall settings on MacHow to turn on Windows firewallGet the FREE Bulletproof My Identity Starter KitGet help from Makani