HOW TO BE CYBER SAFE
IT’S ALL ABOUT AWARENESS
OCTOBER is Cyber Security Month, which seeks to create awareness of cyber security threats, promote cyber security and provide resources and information to help people and organisations protect themselves online.
Phishing emails appear to be from a recognised source and aim to trick you into giving them information like bank details or login credentials to valuable data sources. These attacks are becoming more and more sophisticated. You can stop yourself from falling victim by:
- Looking at the sender’s address – they are good at spoofing addresses so that they appear to be from a legitimate source, but the address is usually not 100% correct. For example, there is a spelling error or it comes from firstname.lastname@example.org rather than email@example.com.
- Looking for bad spelling and grammar. It’s often easy to see by the language, wording, spelling and grammar that it’s likely not from your bank.
- Hovering over links before you click on them to check if it’s a legitimate site – if it isn’t, don’t click on it to check, just delete it.
If you’re unsure whether an email asking you to confirm your credentials or verify your identity or relogin to your account is legitimate, call the sender and ask if they sent it to you. If you can’t reach them, delete it. Most banks and the like will never ask you to login from a link in an email, so that should be a warning sign.
We use cellphones every day and many don’t have a password or biometric lock. Given the amount of personal (and company) information we keep on our phones, everyone needs some security in place.
Check your apps. Many, even the legitimate ones, are full of spyware, which captures your data and shares it in the background without your knowledge. Before you download an app, look at the permissions it is requesting.
If your password is compromised on one site, like Facebook, for example, and you’ve used the same password on other sites, attackers now have access to your profiles wherever you’ve used that password. This has become such a problem that many companies are reintroducing PINs as they believe they are more secure.
If you battle to remember a long line of random numbers, or numbers and letters (and who doesn’t?), you might find a pass phrase easier. A pass phrase can be a favourite line from a movie or book. Not something obvious, but something that appealed to you and hasn’t made its way into pop culture history. Make the phrase more secure by swopping letters for numbers. For example, “Troy fell” can become Tr0y f2ll. There are millions of books and movies, so you can use a different phrase for each account you have.
PUBLIC AND PRIVATE WI-FI
If you can, rather avoid using public wi-fi. It may be convenient, but there is no way to be sure if it’s safe. On a public wi-fi network you have no idea if you’re connecting to someone else’s computer who is harvesting your information.
When it comes to your private home wi-fi, make sure you give your router a proper password. Many people take the router out the box, set it up and leave the user-name and password set to admin. Likewise, don’t call it “The Jones’ router”; everyone in your street will be able to see it, and know it’s yours.
Social engineering is on the rise. This is the art of using normal conversation to manipulate people into giving up information.
Cybercriminals use phishing emails or face-to-face or telephone conversations, pretending to be a customer or a person wanting to do business with you to extract information they can use.