Phishing scams, fraud, viruses… it seems like hackers are coming up with more and more ways to invade our computers in the hopes of making a quick buck out of us, and they change tactics so fast you can feel like you spend all your time chasing your tail trying to protect yourself. It’s not impossible to stay ahead, though. Following these “best practice” cyber security tips could help to protect you against anyone trying to do you, or your wallet, harm:
Think before you click
Phishing scams are one of the most common ways fraudsters milk their unwitting victims for cash. Scams range from fake emails or text messages from businesses you work with, to dodgy websites or pop ups claiming you’ve won a grand prize, and we’ve probably all had an email to let us know we’ve won an obscure foreign lottery at one time or another!
Scam emails and websites are getting increasingly sophisticated and it’s more and more difficult to spot the difference between fakes and the real thing. So what should you look out for?
Offers that seem too good to be true
It’s great to be optimistic, but believing you’ve actually won a brand new iPhone or another enticing valuable because you’re the “millionth visitor” to a questionable looking website that pops up as you’re trying to do something else is quite unlikely. Offers like this are designed to get you to hand over personal information and details, which can be used against you later.
Our top tip: Be cynical. If there’s any part of you that sees an offer and thinks it’s too good to be true, then it probably is. Trust your inner alarm bells!
Messages asking you to provide security or personal information
Even though a message you receive from a company may look genuine, it’s important to remember that the vast majority of businesses, especially financial institutions, will never ask you to confirm any information like account passwords by email or SMS, so any messages you get from companies asking for this type of information are likely to be scams.
Our top tip: If you think a message like this may be genuine, contact the sender to check. However, don’t use any contact details given in the message or reply to the address it came from – look up the company with a search engine and use the official contact details provided on their website to make sure you’re speaking to genuine representatives of the business.
Messages from companies you don’t remember ever doing business with
Messages like this are almost laughable – you get an email from a bank or another company to let you know there’s been a problem with your account, and the only problem you can think of is that you don’t have an account with them. Like enticing offers, emails like this are usually designed to persuade you to hand over your personal details, so that they can be used against you later.
Our top tip: Of course, while the majority of the time messages like this will be fakes that you can delete, there’s always a possibility that somebody else genuinely does have an account with that company, and just made a mistake when entering or updating their email address. If you’re in any doubt about whether an email is genuine or not, contact the sender using the official contact details from their website. Look these up separately to the message – don’t click through from any links or call any details given in the message.
When everything else seems to check out, having a strong eye for detail can be the difference between falling victim to a scam and saving yourself unnecessary grief. Common giveaway mistakes to look out for include phone numbers that have are one digit away from the genuine number, website URLs with different endings to the one you’re used to (.org vs .com, for example), and sender email addresses that contain typos or are slightly different to the genuine addresses.
Our top tip: As always, if in any doubt about whether a message you’ve received is genuine, look up the official contact details of the company and get in touch with them to check, and don’t take action on a message until you’re sure it is the real deal. After all, if a company really do want to get hold of you for some reason, they will try more ways of getting in touch than a poorly written email!
As well as having to be vigilant against scammers proactively contacting you, it’s also possible for your details to be stolen from genuine websites. There are security measures in place across the web to minimise the chances of this happening, and knowing what to look out for to make sure you’re browsing securely will help:
The “s” stands for secure, and indicates that your connection to that website is private. Most browsers will make it even clearer than having to scrutinise URLs, though, and will show a padlock and/or the word “secure” if a website has been verified as trustworthy by them.
Secured vs unsecured Wi-Fi connections
Wi-Fi connections have various security and encryption features in place to help protect your personal information from other people connected to the same network as you. This is especially important if you use public Wi-Fi hotspots a lot. If a network is unsecured, then you should get a warning message of some sort as you log in. It’s perfectly safe to browse the web on an unsecured network, but you may want to save any online shopping until you’re on a secure network to make sure all your details are kept safe.
Rethink your passwords and secret answers
It’s hard to believe, but there are people out there who dedicate their time to cracking other people’s online account passwords. If you’re among the many of us who use the same password across all the different websites we have accounts for, then there’s a good chance you’re making a hacker’s job easier, as once they’ve cracked your password for one site, they’ve cracked it everywhere. Many websites now encourage you to create stronger passwords by putting rules in place on the minimum number and types of characters you should include, but a good rule of thumb is to go for longer passwords – 16 characters minimum, using a mixture of upper and lower case letters, numbers, and special characters, staying away from names of family and friends.
Secret answers you provide to companies as an additional identity check should you ever forget your password are another thing you should be careful of. Common options such as your mother’s maiden name and your city of birth are not as “secret” as you might think – much information like this is available through the public records like the electoral register. We suggest using secret answers that aren’t officially documented information, like the name of your first pet, your favourite teacher from your school days, or the make and model of your first car.
Install a firewall
Most computer systems these days come with firewalls built in to protect you from cyber-attacks and ensure you surf the web safely. However, it’s always better to be safe than sorry, and bolstering the standard defences your computer comes with is often a wise idea.
Boosting your computer’s security systems isn’t necessarily an expensive exercise, either. There are plenty of firewall and anti-virus packages available for free. A popular supplier is ZoneAlarm Free Firewall which offers real-time, as you surf protection, and special features for wireless connections.
Think before you post
It’s common sense, really, but if employers can take a peek at your activity on social media to make sure you’re not doing anything that could damage the company’s reputation, then it’s highly likely other people are taking a look at your posts, too. Be careful what information you share online on social networks that somebody could use to steal your identity. We don’t just mean “catfishing” you (using your pictures to create a made-up online persona), we’re talking about any details somebody could use against you. This could be personal information that reveals a password, details of when you’re going to be away on holiday that leave you vulnerable to burglaries, or details that give a fraudster enough information about you to create an account or apply for credit in your name. A good rule of thumb is not to share anything
Information about scams and preventing fraud is updated all the time. Make sure you regularly check Action Fraudto keep yourself in the loop on the latest developments and how to stay safe online.