(Philipp Theis/EyeEm/Getty Images)Posted on February 15, 2023, 10:51 am.Nobody would want to fall for scams, of course.But at least among Brazilians, not many actually take practical steps to avoid an unpleasant surprise.According to the cybersecurity company Kaspersky, 40% of Brazilians manage all their online accounts using up to three passwords, and more than half (58%) do not change them often.The consequences of this disregard for digital security can hurt your pocket: a mapping carried out by OLX in partnership with the protection tool AllowMe estimates that, in 2022 alone, the damage caused by scams applied over the internet will reach BRL 551 million.In order not to be part of that account in 2023, you need to dedicate a little time and attention to your passwords.The work is simple and certainly worth it, as explained by Adriana Saluceste, specialist in Information Security and member of the IAPP (International Association of Privacy Professionals).“Like technology, over time hackers have also evolved their methods.Therefore, the more layers of protection, the better”, says Saluceste.“Nowadays, very simple passwords can be discovered in a matter of minutes, and some 'facilities' of the digital world end up also facilitating the action of malicious people.”Contrary to what many people think, you don't have to do “something wrong” to become a victim of an internet scam.Often, scams and tricks are so sophisticated that even experts in the field need to be extra careful to be able to identify them.Therefore, if you never paid much attention to this subject, we have listed eight urgent actions for you to end today much more protected and secure than you started:Knowing if your current passwords - which are probably not that strong - have already been leaked out there is a good start, and can give you that little push to finally dedicate yourself to your digital security.On sites like Firefox Monitor (free, developed by Mozilla) and Serasa Premium (which costs R$169/year, developed by Serasa), it is possible to type the email you normally use to log in and find out if it has already appeared in any data leakage - and then change them as soon as possible.If you have a Google account, you can also count on the Google Passwords password checkup, which also shows which passwords are compromised and which, even if not yet compromised, you reuse on different sites.But if you have a lot of passwords saved in your Google account and you use Google Chrome as your browser, pay close attention to the next step.“If you have your cell phone or computer stolen, or if you catch a virus without realizing it, the first thing fraudsters check is your browser”, says Saluceste.“In other words: you only need to break one password (the one to access the device) to have access to a backup of all your passwords.As practical as it is, saving this information in the browser leaves you super exposed.”“This is another practicality that is very difficult to resist: going through a lengthy registration and login process, or solving everything with just two clicks?”, asks the specialist.“Even if it takes a little more work, always choose the first option.For the same simple reason as the previous item: if your social networks are compromised - which is very easy to happen -, everything else will also be compromised.It's the worst case scenario.”When creating passwords, forget commemorative dates, names and other personal information or that can be easily discovered.Keep in mind that you need to come up with a combination that is complicated for the outside world, but that makes sense to you.Think, for example, of a song you like, such as "I just know that I love you so much."Then, merge the initials of the words with numbers and special characters, and merge uppercase and lowercase, arriving at a password like this, for example: S0*s3i#qT4D+.Did you find it too complicated?If so, Adriana Saluceste points out that there are more technological, automated and reliable options for creating strong passwords, such as password managers.1Password , LastPass and Kaspersky Password Manager are the best known, and they all offer paid and free versions.“Services like these create strong random passwords and store them in an encrypted digital “vault” that only you have access to with a master password.This one, you will need to remember.But at least it will be just her”, explains the expert.“These apps integrate well with the devices and browsers we already use, and the free versions cater well for mainstream users.”If you've stopped using social networks to log in, changed your passwords to stronger combinations and stored them in an encrypted password manager, congratulations, you're already well protected!But an extra layer of security is never too much: whenever available, use two-factor authentication, which is that option of always receiving a single-use code on your cell phone to complete the login processes.Thus, even if your passwords are compromised, fraudsters will not be able to access your accounts.In case you have your cell phone stolen, two-factor authentication can be a problem, after all, the authentication codes will be sent to the device that you no longer have.But two simple tricks can prevent you in that case too.First, configure your phone to not display notification content when the screen is locked.Thus, the fraudster will first need to break the lock on your cell phone to be able to read the authentication codes.Then set a password (also called a PIN) for the operator's SIM card.This PIN is requested whenever the phone is turned on, or whenever the SIM card is placed in a new device - and in case of three wrong attempts, the SIM card is rendered useless.With this, the fraudster will hardly be able to bypass the two-factor authentication that you configured in the previous step.Finally, don't go around creating accounts on services that are not essential in your daily life.The “fashionable” app of today will likely fall by the wayside soon, and then it could become a point of vulnerability for your data.“As simple as it may be, each new registration represents a new assignment of your data.And we almost never read the fine print of privacy policies, which often leads us to consent to the sharing of our data unintentionally”, explains Saluceste.“We always need to be mindful of who we are sharing with, and what consents we are giving in doing so.”In the most relevant events in Brazil and the worldA word from our partnersFollow the latest news and updates, here at Exame.