#1 Cybersecurity Expert Reveals: 5 Ways to Protect Yourself Online (Starting Tonight)

What It Covers

Cybersecurity expert Caitlin Sarian joins Mel Robbins to explain why every person with a smartphone is a target for online scams — the third largest economy globally — and delivers five concrete steps anyone can take immediately to protect passwords, credit, personal data, and family members from increasingly sophisticated digital threats.

Key Questions Answered

• •Password Security: Hackers run algorithms generating 10,000 variations of a single base password in seconds, exploiting the common habit of using one root word with minor changes like numbers or symbols. Identify your highest-priority accounts — banking, social media, retirement — and assign each a long, unique passphrase. Use iPhone's built-in password manager, or a dedicated app like 1Password or Keeper Security, and lock any password notes with Face ID.
• •Credit Freeze: Freezing your credit at all three bureaus takes five to ten minutes per bureau and costs nothing. It prevents identity thieves from opening accounts in your name even when your Social Security number is compromised in a data breach. Unfreeze only when applying for a loan or new card, then refreeze immediately. This single step is especially critical for elderly parents and grandparents who are frequent targets of identity theft schemes.
• •Data Minimization Online: People-search sites like WhitePages, TruePeopleSearch, and PeopleFinder publish home addresses, relatives' names, and even IP addresses publicly. Each site has a buried opt-out page accessible through its privacy policy. A deletion service called Incogni automates monthly opt-out requests across hundreds of data brokers internationally, continuously scrubbing personal information that reappears after removal, reducing the raw material scammers use to impersonate or extort individuals.
• •App Permission Audit: Instagram, Facebook, and TikTok actively scan camera rolls users have granted full photo access to, generating unsolicited content suggestions from unposted images. For every app, review three settings: camera access, microphone access, and location access. Set each to "while using" or "limit access to selected photos" rather than full permission. Precise location on Instagram defaults to on at installation and should be disabled immediately in settings.
• •Venmo Scam Mechanics: Scammers send money from stolen credit cards to random Venmo accounts, then message the recipient claiming it was a mistake and requesting a refund. The victim sends real money back, but the original stolen-card transaction gets reversed by the bank, leaving the victim out of pocket. The safest defense is avoiding Venmo and Zelle for transactions with strangers and using a credit card wherever possible, since credit cards offer stronger charge-reversal protections than debit-linked payment apps.
• •Nine-Second Rule Before Clicking: Phishing emails now replicate verified sender names, reference real employees, and mirror legitimate website language precisely. Before clicking any link, pause nine seconds — enough time to check whether the sender's actual email domain matches the real organization, hover over the link to preview the destination URL, and consider calling the organization directly instead. Cybersecurity expert Sarian's personal rule is to never click links in emails at all, calling the institution directly to handle any account action.