How To: Protect Yourself Online
We’re operating in a wild west of unprecedented dangers online. Need proof? Well, it is estimated that “the global cost of cybercrime will reach USD $6-trillion annually by 2021.” As we reported earlier this week, rates of traditional crimes are plummeting while the number of criminals moving into the cyber dimension is skyrocketing.
In recognition of this - and just how easy it is to be compromised online - we’ve put together a brief list of tips and tricks, as well as an explanation of some of the more innocuous ways hackers can trick you into accessing your network and your accounts.
First up, some definitions. Malware - malicious software - is a nasty set of computer code that comes in a variety of forms: viruses, worms and trojan horses. Malware can find its way to your device through the opening of a link, even just the email that it is attached to, usually sent from a user posing as a familiar company like the tax office, postal service, telecom company or widely-known commercial names. Criminals often include an urgent subject, tricking the recipient to panic and open the contents of the email. From here, malware can find its way onto your device and begin working away on compromising your system without you even knowing.
Common tools that can be installed onto your device by cyber criminals are remote administration tools (RATs) that can access your computer’s microphone, camera and also have the ability to instal further malware. Keyloggers are often used to record all the key strokes on your keyboard, which can be used to copy your credit card details, private log in details and email addresses. Ransomware is another tool, albeit less common, which will encrypt and essentially hold hostage your data, until a ransom is paid to the criminal, usually in a crypto-currency, which is harder to track.
So, how do these things end up on your device in the first place, and what can you do to stop them?
The Australian government’s Stay Smart Online initiative lists a handful of tricks to better protect yourself online. First up, and no secret at all is to keep your anti-virus software up to date, as well as frequently backing up your files, so if they were to be compromised on one device, you’ve minimised some of the potential damage.
When it comes to browsing the net safely, you need to be diligent, here’s some things you can start doing to improve your safety online:
-Frequently update your passwords; passphrases is actually a better term, because they should be long, complicated, and include a mix of letters, numbers and symbols. Keep a log on a piece of paper hidden in your desk, or purchase a password manager for the most effective way to manage all your passwords; you’ll only need to keep track of one ‘masterphrase’, and a lot of the software out there will frequently update your passwords to keep your account protected.
If you’re an organisation that comes in contact with sensitive data of your clients, you should - in some cases, you’ll be required to - implement a information security standard like ISO 27001. Implementing this will inspire confidence from your stakeholders in your products and services, and your willingness to go above and beyond to keep their data secure.
-Only download files from trusted websites, official app stores and legitimate organisations. If a website seems illegitimate, keep your credit card in your wallet, and try to find whatever you’re interested in buying from another online shop. This is particularly true if the price attached seems too good to be true; it probably is… and a scammer will gain access to your financial details.
-Where possible, always opt for two-factor authentication on log ins. Financial institutions and government websites require ‘TFA’, with more service providers moving toward this authentication to ensure the person logging into the account is precisely who they say they are.
-Be wary of shortened URLs, often used in social media and websites masquerading as news, which could very easily fool you into installing malware onto your device.
-Limit your activity while using a public wifi signal, which are relatively easy for a sophisticated hacker to compromise. A good rule of thumb here is to avoid logging into a social media account, and certainly don’t access your bank’s website while at a cafe, airport, hotel or library.
-Seriously consider purchasing a virtual private network (VPN) for both your mobile and computer devices. VPN’s are particularly useful for public wifi signals, due to the fact it creates an encrypted tunnel, allowing data traffic to pass more securely between your device, and the network.
-Optimise the security settings on your internet router at home. Always keep the firmware updated, as security patches are often included in updates, and ensure remote management of the router is disabled. Use the strongest encryption protocol possible, and if your router is known as a ‘legacy’ model - manufacturer before the WPA2 protocol became mainstream - you should be shopping for a new router.