Phishing scams, online fraud and identity theft are on the rise. How do you protect yourself online?
The internet has changed our daily lives in many positive ways, but it has also left us vulnerable to increasingly sophisticated scams. The Telephone-operated Crime Survey for England & Wales (TCSEW) showed there were 1.6 million incidents of computer misuse in the year ending March 2022 – an 89% increase compared with the Crime Survey for England & Wales (CSEW) year ending March 2020. The Office of National Statistics (ONS) reports that, in the year ending March 2022, 39% of UK businesses had identified cyber breaches or attacks in the previous twelve months.
PC Man’s top 10 online safety tips
1. Protect your network
Network security is one of the best first steps to protect yourself from viruses, malware, and other online threats. Antivirus software’s primary role is to detect and block viruses and other forms of malware on your devices. It offers spyware protection, blocking malware that ‘spies’ on your computer files, stealing confidential information such as passwords and credit card details and web protection that secures your devices against web threats, blocking untrustworthy websites. It also offers spam protection, which detects virus-infected emails and stops them from getting to your inbox.
A firewall prevents unauthorised access to a network, acting as a defensive barrier between your private internal network and the public internet. Enabling your firewall will protect against external cyber attacks, shielding your computer or network from malicious network traffic.
Keeping your device’s operating system, software and web browser up to date is also crucial. Updates include critical fixes for known security issues. Enabling automatic updates on your device means you will receive the latest fixes as they become available.
2. Always use strong passwords
Each of your accounts should have its own strong password. A strong password includes at least eight characters and comprises a mix of lowercase and uppercase letters, numbers, and special characters.
Don’t use easily guessable passwords such as ‘123456’, or your family names, or birthdays – they are just too obvious. Try a short phrase with numbers and symbols inserted, and change your passwords regularly. You want to use a password that you can remember, but that is hard for anyone else to guess or for malicious software to crack.
3. Opt in for two-factor authentication
Two-factor authentication (2FA) is essentially a way of double-checking that you are who you say you are. After you have logged in with your username and password, you will be asked to verify your identity by inputting a code sent by text to your phone or by email or correctly answering a security question. This means that even if someone has your password, they won’t be able to log in to your account without that information.
4. Think before you click!
Phishing scams use fraudulent emails, text messages, pop-ups and websites to trick users into revealing private account or login information. They are disguised to look legitimate to fool you into handing over your personal details. Never click on links or open any attachments or pop-up screens from sources you are not 100% sure of.
Your antivirus software will help to protect you, however, should a phishing email get through, you can forward it to the Suspicious Email Reporting Service (SERS): report@phishing.gov.uk. If you receive a suspicious text message, you can report it for free by forwarding it to 7726 for your provider to investigate. If you are unsure if a website is safe to visit, copy and paste the link into a link checker to be sure.
5. Social media – everything isn’t always as it seems
Social Media is great for keeping up with friends and family. However, have you configured the privacy and security settings so that your personal information is only visible to the people you want to see it? Criminals can use publicly available information to steal your identity or use it to make phishing messages more convincing, so think about what you’re posting and who has access to it. Avoid posting things like your birth date, address, mother’s maiden name etc.
Be careful when accepting friend requests. Be especially cautious of requests to connect with people you do not know. Not everyone is necessarily who they say they are! Always make sure that the friend request is genuine. If someone you know starts to post something that appears suspicious or out of character, contact them by another method (in case their account has been hacked). If it turns out that their account has been taken over, they should follow the NCSC’s guidance on recovering hacked accounts.
6. Stranger danger – keep your personal information personal
You wouldn’t share your personal information with a total stranger that you met on the street… so don’t do it online! To be safe, never share your full name, address, or any financial information. Think carefully about the usernames you create for websites – don’t include your real name or birth year. And be wary of sharing too much personal information on online surveys or forms.
Those cute online quizzes where they ask you the name of your first pet or the street you first lived on… think about why they might be asking you those questions! Cybercriminals search for clues to assist with cracking your passwords and answering your password reset security questions and for personal information to assist in stealing your identity.
7. Avoid using unsecured WiFi
Your home or office wireless network should always be protected from unauthorised users with a password. When you are out and about try to avoid accessing unsecured public WiFi on your devices. How do you know it’s unsecured? This is usually a free public WiFi network that doesn’t require a password to log in, meaning that you, or anyone else, can use it.
As your device attempts to connect to the network, you may get a notification warning that your WiFi connection is unsecured or has weak security. This means that any information transferred over this network is unencrypted. If you have to use one, be cautious about what information you send over an unsecured network – avoid logging into bank accounts or doing any online shopping that may divulge sensitive information.
8. Shop safely
When shopping online, look for the locked padlock symbol in the address bar of the browser before you make a purchase. This indicates that your connection is encrypted. No padlock, no purchase!
Also, think twice about saving your financial information on websites you buy from, even if you shop with them frequently. Storing your details on their site could put your information at risk if the company’s website or network suffers a data breach.
9. Make sure your data is backed up
Cybercriminals can compromise unprotected computers with Ransomware, a type of malware that blocks your access to the files on your device, and then demand a ransom to restore access. Making regular backups of your data not only minimises the impact of any potential security breach but also protects against data loss should you lose a device, or it dies on you, or you accidentally delete something. Win-win!
10. It’s a team effort!
You might be taking the necessary online safety precautions, but if family or colleagues using your network aren’t doing the same, they could be a chink in the armour. To keep everybody safer online, share this post with them and ensure everyone is up to speed.
If you would like help with protecting your network or have suffered a cyber security incident and need support please do get in touch.
Photo by Towfiqu barbhuiya on Unsplash
