How to digitally secure your finances in this age of cyber attacks and scams that make you just wanna cry…
Whenever we see a safe these days, it’s easy to dismiss it as an anachronism in the digital era that we live in. Most of the threats we face these days are from an entirely different source.
Even high-profile Hollywood studios, game studios and a huge number of individual users fell prey to the ransomware and either had to pay exorbitant sums, or call it quits and look to strengthen their digital defences to prevent further tragedy.
This is unsurprising as cyber attackers are getting increasingly sophisticated and security companies are playing a constant game of catchup.
What does this mean for the average person? Put simply, digital security is not something you can ignore anymore. Anyone can be a victim. Being lax or ignorant of the types of threats and dangers makes for easy prey.
Common Types of Online Threats
Attackers utilize a variety of methods and ways to get to our sensitive information. Here’s a list of the more common types of threats that you are likely to encounter.
Malware that automatically delivers advertisement as a form of revenue generation. However, it can come bundled with spyware
Malware which collects user information without consent. Information can include keystrokes, activity monitoring and collection of personal data
3. Trojan Horse
Malicious software disguised as a legitimate program that tricks users into installing it onto their personal computers.
This locks up a user’s PC by encrypting files or locking down the system and forcing victims into paying attackers a sum of money. This effectively holds your computer as a hostage.
This is by no means an exhaustive list and I highly encourage readers to constantly update themselves on the latest threats. A recent example is the “WannaCry” ransomware attack. It was a worldwide cyber attack in May 2017 which affected computers across the world. Even computers belonging to Hollywood studios, game developers and hundreds of thousands of average users were affected.
The following list is a few basic steps you can take towards securing your digital platforms and presence.
#1 – Email
So much of our modern-day communication, like receiving bank statements, is done over email which makes email an exploitable weakness by attackers. The following steps will help ensure that your your email is secure, and protected.
- Check if your email provider has been compromised in the past. Data breaches can and has occurred in the past, so be sure to constantly change your passwords every month and, immediately after any security breaches.
- Be mindful of emails from unknown sources and unsubscribe from any suspicious or unknown platforms. These could be disguised as news subscriptions and may eventually sneak an attachment into one of their emails which you may unwittingly open.
- Don’t think email attachments from colleagues or friends are safe. This is because attackers who have seized control of an email address may send out a mass email to everyone on that contact list urging them to open an email attachment that contains malware that will compromise your email or pc’s security.
- Another favourite tactic of scammers is to send a false email from an official sounding email address such as banks, government agencies and more. Always be suspicious of any email claiming you are under investigation, have committed a crime or anything out of the ordinary. If it seems suspicious, is poorly written or raises any red flags, do not hesitate to verify if the email is legitimate. This is known as phishing, where scammers attempt to get users to voluntarily give up their account details.
- Do not use common passwords. What are “common” passwords? In 2016, various news outlets showed statistics with almost 1 in every 5 people having a password with common phrases such as “123456”, “qwerty”, “password”. Instead, try using password management softwares. There are many great ones available such as LastPass, a free Google Chrome plugin, or Dashlane 4, which will generate and update passwords for you. All you have to do is to simply memorize one password that acts as a master key to log into that software.
#2 – Banking and Investment
These are of great interest to attackers. Gaining access to a bank account is a huge score and once money has been transferred out or withdrawn, it is difficult for victims to regain their money.
We all should have an internet banking secure device, or two-factor authentication that will help secure our account, even if attackers through the use of keyloggers, spyware or phishing attempts manage to get our login information. Take the following steps to help make your online experience more secure.
- Always check if the website begins with https://. This is known as the SSL certificate and, in order to secure a certificate, the company has to be validated through a process. An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. This is done to ensure that your sensitive data such as credit card details and personal information is kept encrypted and secure. Keep in mind that there are various levels of protection such as “DV”, which is merely an indication of ownership and therefore not to be trusted, to “EV”, which is the highest level of certification and security.
- Similar to emails that look “official”, entire websites can be created to mimic a government agency for the sole purpose of scamming unaware people. Avoid these websites and if directed to one, always ensure that the website is legitimate.
- Avoid keeping your passwords in writing or on a notepad on your desktop. As always, whenever possible, use 2 factor authentication to login to any website.
#3 – Your Computers and Smart Devices
This one is simple, ensure that your computer and smart devices are secured. Especially because we also use apps on our phone to access our bank accounts. What do we mean by secured? Be certain that you have good, reputable security software and regularly scan your pc for malware, keyloggers and other harmful infections.
- Ensure that your devices are updated with the latest security patches and updates. Old, outdated software often have exploits that can be taken advantage of.
- Backup your data often and use physical hard drives. Cloud storage may be wonderfully convenient but, once someone gains access to it, it’s game over.
- Install security software. Install a reputable one and scan your pc regularly. Some security software takes it a step further and whenever you perform any online transactions, the software will prompt you if you want to open up a secure browser for your transaction. I highly recommend making the investment in one such as ESET Smart Security which features banking and payment protection, a firewall, anti-virus and malware removal and Malwarebytes, a free program with a premium paid version that protects you from online threats.
- If you use a webcam or a laptop, switch it off or cover the webcam. Top security experts have stated that the webcam is a major weakness and covering/taping over the camera is something they all practice. Robert Herjavec (who’s on the TV show, Sharktank) and even Facebook’s Mark Zuckerberg covers his webcam, which should tell you something.
- Virtual Private Networks (or VPNs) are great and you should use them. The best way to think of a VPN is as a secure tunnel between your device and your internet destinations. VPNs work by connecting you to a VPN server located in another country so as far as the destination or any prying eyes are concerned, you are browsing or using from that location instead of your real one. Even notoriously unsecure public Wi-Fi can be made more secure with a VPN which brings me to the next point.
- Stay off public Wi-Fi, especially when making any transactions online. Hackers can use unsecured Wi-Fi to distribute malware and steal your information. If you do use public Wi-Fi often, it’s very important to use a VPN.
#4 – Yourself
Human error is, unfortunately, one of the easiest ways for attackers to compromise your security. Opening an unknown attachment, falling for a scam email or a fishy phone call can seem like an obvious threat. No one actually believes that they will be scammed until it has actually happened. Attackers and scammers are developing increasingly sophisticated methods and strategies and it’s important to be on our guard.
Educate yourself about the latest threats. It’s prudent to do so because if you know about the latest threats and keep your devices updated, it makes you a harder target.
- Always be suspicious of any “agency” or persons asking for sensitive data. Banks and government agencies are highly unlikely to ask you for your personal information
- We often read about people who fall for scams and scoff at their naivety, wondering how they can be so gullible and foolish. Attackers and scammers often add a layer of truth to their deceit, which is entirely designed to get you to drop your guard. Think about it, once someone tells you a verifiable fact, you are more likely to believe them.
As technology advances, attackers will likewise evolve and create increasingly sophisticated methods of attacks. It’s important to always keep yourself updated and aware. Of course, this is just a basic guide and should be good enough to get you started.