Your private information is the most important thing you own. Your address, telephone number, ID, and banking details are worth more than their weight in (digital) gold.
By Brian Pinnock, cybersecurity expert at Mimecast
With the right info, cybercriminals can easily gain access to private aspects of your life and exploit that for monetary gain.
In today’s digital world, it’s essential to maintain a tight grip on your digital security.
And it’s for good reason: our latest research found that South African firms reported an 88% increase in phishing attacks: criminals are trying to steal your information from you through some clever and not-so-clever tactics. Where an email-borne attack was successful, nearly one in three suffered a direct financial loss, 28% lost customers and, for 27% of organisations, some employees lost their jobs as a result of the security breach.
Spring has sprung, and it’s a good time to do a quick spring clean of your personal online security.
Here are nine easy ways to protect your information:
* Protect and change your passwords – Remembering a long and complicated password can be a chore, but it’s an important part of digital security. Be sure to update your passwords at regular intervals and not to share them with anyone else. The best advice is to use a password manager so that you don’t have to remember a whole list of passwords for different sites. If you don’t use a password manager which creates a random password, at least have a password that’s longer than eight characters and isn’t the word “password.” Ideally use a passphrase e.g. “thequickbrownfox” rather than a known word like “fox” (which is susceptible to a dictionary attack). Use a mix of upper- and lower-case letters, numbers and special characters. However, be aware that password hacking software is not fooled by simple tricks like “P@ssw0rd” And don’t use the same password across all your accounts – if one becomes compromised, it will put all of them at risk.
* Two-factor authentication – Most services, such as online banking, offer two-factor authentication. When accessing your information, you’ll be prompted to enter your password along with a unique code that is sent to your phone or emailed. Sure, it’s an extra step when you’re desperate to buy a new coffee machine online, but it’s a crucial one. It’s much harder for hackers to use your credit card number when there’s an extra layer of security.
* Be careful of links – Did someone email you a link to a funny video and the message looked a little strange? Did a random company say you’ve won a competition that you’ve never entered and requested that you just “click here?” Be careful, hackers could be trying to install malware on your device and gain access to it. Be wary of emails, SMSes and smartphone notifications asking you to click on links.
* Make sure your software is up to date – Phone or computer updates may seem pesky, interrupting your work or YouTube videos, but those updates are absolutely necessary. Software companies aren’t creating updates to waste your time, but to plug any security holes they may have discovered and reinforce the system. Make sure your software is set to auto download and install the updates.
* Lock-down your device – It’s not just your online passwords that need protecting; your device needs protection too. Be sure to lock your PC or phone with a password that only you’ll know, enable biometrics (such as fingerprint scanning), and don’t leave it unattended and unlocked.
* Regularly scan your device – Most operating systems, like Windows, come pre-packaged with anti-virus and security software. These pieces of software should always be up-to-date and allowed to regularly scan your device for threats. However, most standard security features are not adequate by themselves to protect you, so invest in additional layers of security by investing in specialist email and web security software.
* Don’t rely on big companies – You shouldn’t just rely on big companies to keep your information safe and secure. While corporations often have massive security departments who try to stop digital threats, they’re not invulnerable to attacks. Just look at the recent British Airways hack that exposed the personal details of half a million customers and prompted regulators to issue a R3.3-billion fine. Keep a close eye on your service providers and, if one has been hacked, quickly change your passwords.
* Have a heathy sense of distrust – It’s not uncommon to receive a phone call from someone saying they’re your internet service provider or bank, asking a range of personal questions. It’s okay to say “no” to giving out info if you feel uneasy. Most banks have strict policies over the type of information they request from customers either via phone or online. If you feel unsure or uncomfortable, end the call and dial your bank’s call centre call. You’ll easily be able to determine if the call was legitimate or not.
* Check if you have been compromised – A useful site is https://haveibeenpwned.com/. This site only needs your email address to check if you have an account that has been compromised in a data breach. They only tell you what data breaches contain your email, so users will physically need to go to those sites and change their password. Never re-use a password that was exposed in a data breach as these are re-used by hackers in credential stuffing attacks on other sites.
Put your personal security first
It is essential that you put your personal security first, as well as the security of those around you. Make sure your family, friends, and company understand cybersecurity and why all of their information needs to be protected. Chat to your colleagues at work: one malicious link or attachment shared among colleagues can easily compromise internal systems and cause devastating financial and productivity losses.
Spend some time this spring to spring clean your personal security and ensure you can use the benefits of digital technologies without putting yourself – and your colleagues, friends and family – at undue risk of cybercrime.