If you’ve ever had your identity stolen online or been the victim of fraud, you know how stressful and financially destructive it can be.
But even though the consequences can be dire, both personally and financially, making sure you’re protected from online scammers is still something that’s often pushed aside to “do another day.”
Unfortunately, cyberattacks are now common, and Twitter recently warned its 330 million users to change their passwords after a bug was discovered in its IT system, which was storing passwords and usernames in plain text.
Meanwhile, headlines last month were full of potential threats from Russia’s state-sponsored hacking attacks and led to a joint warning from the UK’s National Center for Cyber Security, the FBI and the Department of Homeland Security. USA
Fortunately, large-scale cyberattacks are quite rare, but we regularly hear from people who have fallen victim to online fraud.
We asked various cyber security experts for their best tips to avoid becoming a victim and here we have put together a list of the best ones exposing the latest tricks so you can give crooks a hard time:
(1) Be careful about the information you share on social networks
Social media can be a treasure trove for scammers, especially when it comes to finding personal details and potentially scamming people out of their money.
Therefore, it is important to ensure that personal information, such as your date of birth, phone number, or address, is not shared here.
Similarly, if you leave regular updates on your social media accounts when you go on vacation, this can be a tool for criminals, alerting them when your house is empty.
Lisa Baergen, director of online technology firm NuData Security, said: “By looking at your photos or videos, hackers can figure out where you live and work.”
“They can find your spouse’s name and who you socialize with, even your pet’s name which you can use as an answer to stronger security questions, even your mother’s maiden name, a favorite data point used by creditors and financial institutions to verify your identity.’
To protect yourself on your social media feeds, check your security settings to see who can access the details you share. Make sure your security settings are set to the highest possible settings and use less obvious answers to security questions, such as your pet’s name, which can be easily obtained from your profile.
(2) A password manager will encrypt and store all your passwords
You’ve probably been told a thousand times to change your password regularly and have a different one for every account you use. However, remembering eight or nine different passwords (if not more) and changing them regularly can be a real hassle and time consuming.
Instead, a password manager can do this for you. They are free to use and generate strong passwords with a combination of letters, numbers, and special characters. These are then stored in an encrypted account and when you log into the password manager, your username and password will automatically fill in when prompted.
Adam Brown, spokesman for online technology firm Synopsys, explains: “Users have hundreds of online accounts these days and if one of them is breached, and password data is leaked along with a bindable identifier such as a username or email address, then that user’s password is often no longer confidential due to the common but bad practice of password reuse.
Anything user related should be avoided, along with dictionary words and variations. Targeted attacks use reconnaissance to gain intelligence about the victim; social media or even public records can reveal names and dates of friends and family, etc.
‘Ideally, a single string with numbers, uppercase and lowercase letters, and special characters should be used; and sentences can help increase the complexity of a password and keep it easy to remember.
‘A reputable password manager gives users the opportunity to use passwords that cannot be guessed (which also tend not to be memorable) with their online accounts. It may seem like putting all your eggs in one basket, but they have very strong security controls, and in fact, a good password manager never stores your password, just a super encrypted version of it that only you have the key for (the app password manager and password) can access.’
(3) Install updated antivirus software
When you connect your computer, mobile phone or tablet to the internet, you are potentially opening it up to catch a virus that could steal your private information.
To prevent this from happening, install an antivirus program and be sure to update it regularly. This includes running regular full virus scans and downloading updates sent by the provider.
There are a number of free antivirus programs available, such as Windows Defender (free for those with newer versions of Windows), Avast Antivirus, and Avira.
(4) Patch your operating system
‘Patching’ your operating system simply means completing regular updates to whatever system you are using.
Big companies like Apple and Microsoft send them out to make sure users of their systems can fully update their computers with the latest virus-targeting and virus-removing software.
This is especially important when it comes to cyber security, as these patches will often include details to protect your computer from recent online viruses.
(5) Use a VPN connection when searching for private information online
A free Wi-Fi network can be a boon if you’ve run out of data or just don’t want to burn through your data while using the internet.
However, it can also be used by hackers as a way to steal personal and financial information from people who use the network.
Open Wi-Fi networks are not as secure as private ones, so try to avoid using online banking or entering your payment or personal details when using one.
If so, a VPN or virtual private network connection can give you an extra layer of protection.
These allow you to remotely connect to a private network and encrypt your internet connection and any data you send, so that no one can access this, including your internet service provider or a potential hacker.
There are several VPNs available for free online and a number of apps that you can download.
(6) Check your credit score regularly for suspicious payments or applications
Often, your credit score can be the first place you find out you’ve been hacked, because any credit application will show up here. Therefore, it is important to review it regularly and contact the credit reference agency if you notice anything unusual.
James Jones, Spokesperson for Experian, comments: “If you are unfortunate enough to be targeted by a scammer, the sooner you discover it and raise the alarm, the less time and effort it will take to set the record straight.
‘The three major credit reference agencies (Experian, Callcredit and Equifax) offer free support to fraud victims to limit any distress and inconvenience, including liaising with the lenders involved on their behalf. We also offer paid web monitoring tools that can crawl the web and alert you if your personal information is found somewhere new online.
(7) Never open links from people you don’t know
If someone you don’t know contacts you, whether it’s by email, phone call, text message, through social media or even in a WhatsApp message, always check who the person or company is before contacting you. click on any link within the message or submit any of your data.
If there are links or attachments within the message, don’t open them until you’re sure the sender is genuine.
If you know the sender, double check to make sure they intended to share the link and that it’s not a virus.
Ryan Wilk, vice president of online security firm, NuData Security, says: “Most scammers will first try to contact you with an email purporting to be from your bank or financial institution, or perhaps from a trusted commercial brand. Be aware Be very careful with emails received from these sources, it is highly unlikely that any bank will contact you via email.
“Unfortunately, emails from brands are standard routine (sometimes all too often) and have become extremely realistic and sophisticated. If an unsolicited incoming email asks for your personal and/or financial information, investigate and/or pick up the phone and call the sender’s organization directly.’