Story by Alistair Gray
I don't know about you, but hardly a day goes by when I don’t receive an email or text message which is a scam or potential fraud. Recently I received a text allegedly from my daughter saying she had dropped her phone in the toilet and asking for money. For the unsuspecting this message might seem very plausible. I immediately blocked the number and deleted the message.
With major information hacks on the likes of Optus and Medicare you are probably wondering how you can protect yourself and your private information from an online scam.
From my own experience and research I have put together a few tips. I don’t profess to being some internet security guru. You need to be responsible for your own situation and proactive in reviewing your online security. Don’t assume everything is OK. Scammers and identity thieves can create absolute havoc by pretending to be you, accessing your bank accounts and details, stealing your money and ordering products using your private information.
Hopefully some of the following ideas may help and even surprise you.
Create completely different passwords for every login that is required
A unique password for each login is critical as part of your essential security. For example don’t use a password like Bribie1973 and another Bribie1974. Most sites have a username - usually your email address. Hackers have systems that scan Facebook and alike, collating information about you to then determine your password. They only have to get it right once to control your whole system.
Use a ‘Password Manager’ to store and create unique passwords
Nowadays you can have hundreds of different passwords so using a password manager like LastPass is essential. This service not only stores your passwords, it also generates unique passwords and long passwords made up of symbols, numbers and letters that would be almost impossible to break. Access to the password manager is via a master password and once you get used to the system it is relatively easy to use and very secure.
Never, ever share your passwords
If you do for some reason share a password immediately change it after use.
Always use multi-factor authentication when available
As frustrating as multi-factor authentication is it will significantly enhance your information security by using two different forms of authentication, either via an authentication app, text message, email, fingerprint or even facial recognition, then entering a code or tapping the authentication button.
Use your smartphone to make payments
Contrary to what many may think making payments by swiping the traditional plastic credit card or even using tap-and-go is significantly less secure than making a payment directly from your phone using an app like Apple Pay or the Android equivalent. The reason is that the app uses a one-time authorisation code making another payment impossible. As a result plastic cards could be open to skimming.
Install and use Antivirus and internet security software
Ensure you are using all the tools that come with your antivirus and security software which warn you of bad links and doubtful websites, significantly minimising malware risks and providing vital virus protection. You can usually extend protection to your phone and other devices.
Don't connect to unsecured public wi-fi networks
Scammers and cybercriminals can access your data at free hot spots and wi-fi networks at airports, clubs, cafes, motels and libraries. Avoid them unless they are a trusted connection like your home or work networks, particularly if you are conducting sensitive transactions like banking. I seldom use public networks preferring to use my phone data directly for such transactions. Another way you can secure yourself is to use a VPN (Virtual Private Network) which encrypts all your internet data.
Clear your cache
Your internet history including saved searches and cookies, is held in your computer's cache. Clearing this can enhance your security. Research this before clearing so you have an understanding of the implications around losing some of your cookies.
Turn off the ‘Save Password’ feature in your browser
Password managers when set up, offer to import your saved password data from your browser. As a result a cybercriminal could do the same thing. Therefore it is suggested you protect yourself by not keeping your passwords in your browser.
Update and back up your devices
The world of cybercrime is changing very fast. So it is wise to keep your devices updated with the latest software and backed up.
Be ultra-careful of links to websites where they want your personal information
See comments in 12 below.
Phishing scams with bogus look-alike websites
Cybercriminals will send you an email or text message encouraging you to visit a bogus look-alike website to get you to sign in, thus giving them your personal information and password. Once they have this they immediately take control of your account. They can access further information, potentially taking over your identity and stealing from you. An example is a recent email I received from Telstra that looked very real except for the fact that I don't have a Telstra account. I have also received a series of emails from Netflix saying my account is about to close and I need to update my details. You should always carefully examine emails to ensure their authenticity by carefully examining the website name which is often a giveaway. For example, a web address like www.telstra.idiotcustomer.com is clearly not an actual website. Look at the landing page they are sending you too. Often the colours, the logo and the quality of the website tell you something is wrong. DO NOT FILL IN YOUR DETAILS. If in doubt, pick up the phone and talk in person to whoever sent you the email to confirm it is valid. It is better to be over-cautious than have your bank accounts emptied. Want to find out more-
An excellent place to start is the eSafety Commissioners website www.esafety.gov.au.
Or talk to your local computer specialist.
Comments