Despite our best efforts, cyber criminals are getting more sophisticated each and every day. But with a bit of training and knowhow, we can get better at protecting ourselves online.
From strengthening our passwords and using anti-virus and anti-malware software, to using in-built computer or smartphone security, every little bit helps when protecting your data from hackers.
One of Australia’s largest online financial brokers, Savvy, has provided Glam Adelaide with ten ways to mitigate cybercrime risk by increasing your own personal cybersecurity.
1. Leave nothing unlocked
Though it may be a pain, if your device or application uses passwords to authenticate usage, you need to set them up immediately. It only takes seconds for a hacker or nefarious actor to access your phone or PC without looking if you don’t have a password or other authentication method installed.
2. Use a password manager
Every single application, website, and device you use should have its own password that changes regularly (every three months or so). These should be strong (combinations of letters, numbers, symbols, and other characters) so they are not easily cracked by hackers using sophisticated cracking rigs.
A password manager such as LastPass, DashLane, or KeePass can help you keep track of passwords across your devices, remind you to update passwords, and keep your master list of passwords encrypted so there’s an added layer of protection if your files fall into the wrong hands.
3. Use two-factor authentication
Two factor authentication (2FA) this is another layer of protection to prevent “man in the middle” attacks – you not only need a password to get into a site or application, but you’ll also need a special One-Time Password (OTP) generated by an Authenticator app (Google Authenticator or Microsoft Authenticator) or sent to you via SMS or email. These 2FA OTPs (yes, lots of acronyms in cybersecurity!) are time limited – and most good sites or apps will alert you to breach attempts by sending you an OTP when you haven’t requested one.
4. Automatically update your software
Out of date anti-virus software is about as useful as a screen door on a submarine. You need to keep all your software up to date – not because you’re missing out on new functionality, but because developers patch up exploits and vulnerabilities – or update definitions of malware and viruses so they can catch new variants that may be circulating in the “wild.” Set your software to automatically update so you aren’t caught out. Don’t have AV software installed on your devices already? Buy some.
Also check with your smartphone manufacturer if they are still supporting your handset with regular security patches. If not, it may be time to upgrade.
5. Monitor your accounts
Having alerts for transactions or unusual activity can help you see if criminal third parties have access to your accounts – real-time transaction alerts on your phone can show you if people are using your credit cards, online payment systems, or bank account or not, and give you extra piece of mind when you’re out shopping so you know where your money is going. You should also request paper copies of bills and transaction reports from time to time to ensure you aren’t caught out.
6. Know how scams work
There are many resources out there alerting you and others to the latest scams – scam operations are not some random dodgy guys trying their luck – they are sophisticated organised criminal businesses using cutting-edge technology. Payment redirection scams cost Australian business $227 million in the last year alone – a 77% increase over 2020. Subscribing to ScamWatch or other fraud protection sites that track these scams means you’ll be wise to new scams as they arise.
7. Hone your BS detector
If you think it’s a scam, it probably is. Some scams are so authentic looking it can even confuse industry veterans. “Spear phishing” which uses social engineering using public (or stolen) information to glean more information from you can look very convincing. If you’re unsure, ask a trusted friend or colleague or report the email or SMS (or communication) to ScamWatch. YouTube videos produced by dedicated “scambaiters” are also a fun and informative way to keep on top of how scams work (Kitboga and Jim Browning are highly recommended).
8. Sign up to identity protection or breach lists
Identity protection services can help monitor if your personal information has been breached or stolen. The “Have I Been Pwned” service is free and alerts you to mentions of your email address in lists of compromised passwords or other breached personal information. Credit reporting bureaux such as Equifax or Experian also offer paid services that alert you if your credit score or history has changed so you can nip any potential identity theft in the bud before it gets too far. Remember: you can access your credit history for free every three months.
9. Watch for warning signs
If you are receiving unauthorised 2FA attempts or emails asking, “is this you trying to login?” – update your passwords immediately. Do not click links in out-of-the-blue “change your password” emails, even if they look legitimate. Sudden loss of cellular network service in a usually high-service area is also a warning sign your identity is being stolen. Always check with your provider if you suspect something isn’t right – it’s better to be safe than sorry.
10. Freeze your credit report
Did you know you can request a ban on others accessing your credit report for at least 21 days? This stops criminals from applying for or checking your credit while the freeze is active. Lenders or banks will also need your express written permission to access your report – otherwise they cannot approve the application. This may be essential if you have strong suspicion your identity has been stolen – or you have evidence your identity has been used in criminal activities already.
Remember: Help your not-so-tech-savvy loved ones
Savvy CEO Bill Tsouvalas says the community can help protect against Australian cybercrime, especially assisting vulnerable people such as seniors and new migrants who may struggle with English.
“Some people who get legitimate-looking texts or emails from their bank saying their account is under threat will click without a second thought, especially if they’re not computer literate or have trouble with English,” says Bill.
“It’s up to those of us with IT skills to bring culturally and linguistically diverse communities together to inform one another of new scams, even if they seem obvious to you and others such as myself who interact with financial technology every day. Greater awareness of scams and cyber fraud is as effective as anti-malware and strong passwords. It all begins with us.”