Five Security Tips for Writers

As we publish and promote our work online, we have several security issues to contend with: Protecting our online properties and identities, avoiding being scammed and tricked through email, and even ensuring that our blogs and websites aren’t hacked by people whose idea of a good time is to ruin someone else’s work.

Writers, especially if you’re not very tech savvy, are vulnerable to all kinds of cyber attacks, hacks, and scams. And if you don’t know how to protect yourself, you could fall prey to any number of attacks. So here are five things you should do to protect your online work, your online properties, and your identity from hackers, thieves, and ne’er-do-wells.

1. Get strong virus protection

You probably have virus protection software, but you need to make sure it’s up to date, strong enough to catch everything, and able to keep up with the latest changes and developments. If you have Windows, you probably have something like Norton or McAfee. And while Mac users may assume their computers aren’t vulnerable to attack, think again: there are plenty of Mac specific viruses out there.

If you don’t have virus protection, especially Mac users, get the free version of Avast. I like it because it sits quietly in the shadows, protecting your computer, without drawing any attention to itself. You can relax, knowing your computer is protected from the worst the Internet has to offer.

And if you’re a PC user who doesn’t like the bloated software programs you currently have, Avast is still a viable option. It also works on your mobile phones and tablets, so make sure you’re protected all the way around.

2. Use complex passwords

I actually wanted to write that in all caps. That means don’t pick your kids’ name, your pet’s name, or the name of the city where you were born. Don’t try to substitute @ for ‘a,’ or 3 for ‘e,’ because everyone knows that trick. Gone are the days of hackers trying to guess your password. They have software that can try thousands of passwords in an hour, which means your D@isy1986 password got cracked before you finished this sentence.

That doesn’t mean you need a random string of characters like you face planted on your keyboard, like xbwMmh$RX44tp4,C9Vv+. These passwords are so bad that the guy who actually invented them is now sorry for all the pain he’s caused.

Instead, passwords like statue-syllabic-biceps-north are just as effective as the completely random password, because it’s just as impossible to crack, but it’s easier to remember.

Get a password vault like 1Password (my favorite) or LastPass. Both have a password generator, both will remember your passwords so you don’t have to, and both work on all devices, including your phone, tablet, laptop, and your web browser.

3. Never, ever click on an email from your bank!

In fact, beware of all emails from people you’re not expecting. Basically, unless you’re expecting a message from someone who uses Google Drive, someone from your bank, or a friend who’s traveling overseas, never, ever click any links in any emails from anyone you don’t know. If you’re not sure, call that person and ask them if they sent you something.

There are a few things you can do to make sure your emails are safe.

1. Use Gmail or Yahoo. Their spam and phishing checkers are top-notch. The email account from your cable company might not be.
2. Mouse over any link and then look in the bottom corner of your browser (left on Chrome and Firefox; not sure about the others). You’ll see the web address of where that link actually goes. If you get an email from PNC and that link doesn’t go to PNC.com, it’s a fake.
3. Some hackers are tricky and might get PNC1.com or PNNC.com and hope you aren’t paying attention. Google and Yahoo will normally push these to the spam folder, but you need to be vigilant because one or two will slip through.

Finally, remember, your bank or credit card company won’t email you that there are problems with your account. The IRS won’t email (or call) you and say you owe a lot of back taxes. Ignore those emails completely.

4. If you manage your own WordPress blog, keep everything current

One reason for plugin updates is so developers can close up vulnerabilities that hackers might exploit. So it helps if you keep plugins, themes, and even the WordPress engine itself as current as possible. I set a reminder for myself to update all my client blogs once a week, as well as run backups to ensure everything is as secure as possible.

Also, I recommend installing a security plugin like WordFence. It helps block out attempted hackers by shutting anyone out who has too many failed login attempts. I also use Limit Login Attempts and WP-Ban on my own blog, but I’m starting to migrate clients over to WordFence.

Finally, don’t use too many plugins. The more plugins you have, the more potential vulnerabilities you have. Try to use plugins from developers who keep them up to date and are going to be around for a while. Use plugins that have been around for a while, have hundreds of ratings, and are rated 4 stars or higher.

Note: If you have a blog on WordPress.com, Blogger, or Tumblr, you don’t have to worry about any of this. But if you host your own WordPress blog on a server like GoDaddy, you do.

5. Protect your work with copyrights

We have some pretty good copyright laws in the United States. Basically, if you write or publish something, it’s automatically copyrighted (There’s more to it than that, but I have a limited amount of space here. Click that last link for more information.). You can further protect your work by registering your work at Copyright.gov for $35 – $55.

A copyright doesn’t make it easy to monitor everything though, it’s just legal protection. But you can set up monitoring services for things like your character names, your name, or even unique sentences and phrases. I once caught a guy who plagiarized one of my humor columns by Googling a unique phrase from it and finding it in a Canadian newspaper.

But you don’t have time to Google your work every day just to prevent plagiarism and copyright violations, so you have a couple of choices:

1. Set up a Google News Alert or TalkWalker.com alert for specific phrases, character names, and your names. This will tell you if someone is publishing your work on their website
2. Set up alerts on Copyscape.com for specific web pages and properties. For example, you can use the Copysentry service for $4.95 a month to monitor your blog or website to make sure your work isn’t stolen by someone else.

We don’t have to take special security precautions just because we’re writers (other than protecting our copyrighted works), but there are special precautions we have to take because everyone is susceptible and vulnerable. So do what you can do to protect your work, your money, and your identity. Be smart with your passwords, don’t trust suspicious emails, and make sure you have the latest security software on your blog and your computer.