Every month, there is a new hack that affects millions of people. The most recently documented hack was Google, where hackers were using a devilishly clever fake email attachment scam to break into people’s Gmail accounts, thus stealing valuable information to the user.
But hacking is a growing problem in the Caribbean too. Malicious software, eavesdroppers and small time scammers are targeting financial services and legal firms on a daily basis through phones, Wi-Fi, USB sticks and any other form of IoT devices.
Staying secure online can feel like crossing a minefield but it needn’t be. By mastering some simple steps, you can drastically improve your organisation’s security.
Never use the same password more than once
Many of us are guilty of having had the same password for every account for years and, even worse than that, the most common 25 passwords include “123456”, “password”, and “abc123”. The best way to keep your online accounts – from your internet banking to social media – secure is to never use the same password more than once.
Use the above tips to pick a strong password that people won’t be able to guess and run it through a password tester.
Create a different password for each online account that you have and store them in a password manager, such as DashLane, 1Password or LastPass. These services store passwords securely, save time from endlessly typing them out when you log in, and can randomly generate keys for you.
Once you’ve set up a secure set of account logins make sure you don’t share your passwords with anyone.
Check if you’ve been hacked
If you’re worried that you might have been hacked or had any of your personal details compromised, it would be wise to change your usernames and passwords immediately. Before coming up with a string of new keys, though, you can use a service such as ‘have i been pwned‘ to find out if you have an account that has been compromised in a data breach.
Enter an email address or username into the search bar and it will tell you if you’ve been a victim.
Stay up to date
Downloading software updates as and when they’re available is a good way to protect yourself. Software updates for computers, phones, tablets, and other devices generally include improved security settings and patches that fix vulnerabilities. This is also true of updates to any apps or programs that you have installed on those devices.
To make sure you receive the updates as soon as they’re available you can enable automatic updates on your devices, often by looking in Settings.
Check before you download
Before downloading apps onto your phone or software on your computer do some research – check what it’s asking for access to (look for apps permissions in Settings), check an apps’ rating in the iOS or Google Play story, read reviews online, and make sure you’re downloading the official version.
If you use a Windows computer you should protect it using anti-virus software, such as AVG or Sophos. Make sure you regularly install the updates and scan for malware. Use Mimecast Offshore for email security, continuity, and e-discovery compliance.
Keep it private. Check the privacy settings on all of your social media accounts so that only the people you want to share your information with can see it. You can restrict what others see about you in the Setting sections of your account.
For example, you can make your posts private on Facebook, and restrict what Google can know about you. Use a site like Ghostery to find out what websites are tracking you and easily block them.
Look for the padlock
When using secure online services, such as email, online shopping or banking, and social media, always check there is a padlock symbol in front of the URL, and that the web address begins “https://” before you log in or register. Websites must pass certain security tests to be accredited with the padlock, and the ‘s’ stands for ‘secure’.
Watch what Wi-Fi you connect to
Make sure your home WiFi is protected with a strong password that only you and your family know. When out and about never use a hotspot that may be unsecured, especially when what you’re doing is personal or private. What IS a Pineapple and how do they hack you? Technology behind fake WIFI “Pineapples”
Beware of public mobile charging points
It’s possible to hack into a smartphone that is charging via USB in a public place, such as an airport, cafe or on public transport. To avoid being a victim, only plug your phone into trusted computers when using a USB cable.
Use encrypted messaging apps
End-to-end encrypted messaging apps such as WhatsApp, iMessage and Telegram protect your privacy by masking the contents of your messages from would-be eavesdroppers.
Be suspicious of your messages
Never open or forward a suspicious looking email, or respond to a social media message from someone you don’t know. Watch out for phishing emails and text messages that ask you to log in or provide bank details.
Companies, such as Apple and WhatsApp, and government services will never email or text you to ask you to log into your account, provide bank details or download a program.
Type out web addresses
It’s good practice to be suspicious of hyperlinks (particularly shortened links) that come from outside sources, such as unknown senders in an email. If you’re asked to log into an account or provide payment details, type out the URL yourself and go directly to the legitimate site to make sure that you’re not on a fake site that’s designed to look like the official one.
Post in haste, repent at leisure
What goes online stays online so never say anything that could hurt, anger or endanger yourself or someone else.
Log off, log out
Always make sure you log out of your accounts when you’ve finished with them and log off a computer when you’ve finished using it.
Be a clever dater
With hundreds of thousands of us turning to dating apps every day in the quest to meet potential partners, there are a few ways to make sure you don’t put yourself in a compromised position.
Try to avoid disclosing private information when using online dating sites, and take every precaution that profiles you are looking at are genuine. Never be tempted to send or transfer money to people you meet online, however unfortunate their story.
Use your common sense
If an email offer looks too good to be true, the prices on a website are abnormally low or you receive an unsolicited telephone call offering computer support, it’s probably a scam.