In April 2020, Google reported blocking 18 million daily malware and phishing emails related to Coronavirus1. With scams becoming more sophisticated and even harder to spot, being vigilant online has never been more important.
It’s no longer just a person sitting in a dark room trying every password they can think of until they get into your account.
Cyberattacks can be highly technical. However, some pre-emptive measures to reduce the likelihood you’ll fall victim are simple and easy to implement.
So, here are 10 tips to improve your cybersecurity.
1. Passwords
In 2020, it was reported that the most used password in the world was ‘123456’2. It’s no wonder accounts using this were the most frequently breached.
We all know passwords shouldn’t be written down, but with free, secure password-storing software, such as LastPass, you don’t have to use a weak password, just because it’s easy to remember.
Use this checklist as a guide to creating a secure password:
- Make your password 8 to 12 characters long, including uppercase and lowercase letters
- Include two or three unconnected words
- Add symbols and numbers to make it more unique
- Avoid re-using the same password for more than one site.
If you struggle to remember multiple passwords, you could use the same core password and put two letters at the beginning or end to denote the specific site.
A good example could be – LetterBrownPath@1591. Then for your Netflix account you could simply add “nf” to the beginning or end, for your Amazon account you could add “am” and so on. It’s not completely foolproof, but a step in the right direction.
For any accounts holding the most sensitive personal data, like your email or online banking, you should always use a unique password.
2. Be vigilant and stay up to date
System providers do their best to keep your systems up to date and keep you safe, but they can only do so much.
94% of malware (software designed to disrupt, damage, or gain unauthorised access to a computer system) is delivered by email3.
Before clicking links in an email, or calling an unknown number, just consider whether it could be a scam. Hesitation isn’t always a bad thing.
Before you click on links or open attachments on any email you receive unexpectedly, always hover over the sender’s email address. This will reveal the true identity of the sender. If it isn’t in keeping with the email format you would expect, delete it immediately.
If you’re still unsure if an email is genuine, call your provider directly (not using the details supplied in the email) to double check with them.
3. Use two-step/multi-factor verification
Using two-step verification adds another identification stage to a login process after entering your password.
Many handheld devices now use facial recognition, or more simple methods, such as receiving a unique code via text. Whichever method you use, adding this extra layer of security to your account can significantly improve your online safety.
Most websites now offer this option as standard but be sure to check your account settings if it isn’t obvious.
4. Lockdown your social media privacy settings
Social media firms are constantly looking to obtain personal information to help them identify content they think you’ll be interested in and offer a better customer experience. But with concerns about how well they protect personal data and speculation that some firms are selling data, they may not always have your best interests at heart.
Not setting up your account’s privacy correctly could leave you at risk of identity fraud.
We often unconsciously consolidate a lot of our personal information in one place – which is easily accessible, unless guarded properly.
Check your settings to ensure your details are only visible to people you’ve allowed.
5. Update software, browsers, and operating systems
As frustrating as regular system updates can seem, they are released for your benefit. Most updates will include fixes to keep up with the ever-evolving technical advancements – both positive and negative. It’s essential you stay on top of these if you want your data to remain protected.
Here are three simple steps to make these updates feel less bothersome:
- Turn on automatic system updates for your device
- Make sure your desktop web browser uses automatic security updates
- Keep your web browser plugins, like Flash or Java, updated.
6. Understand the level of access your apps have
Apps are now a part of our everyday life, with a typical smartphone owner using 10 apps a day and 30 apps each month4.
Apps collect your data for a lot of reasons, one of the most common is to make your user experience better.
But 52% of apps share your data with third parties5.
We’ve all experienced a situation where an ad pops up for something we’ve recently searched online or even a situation where we’ve just spoken about a product, and then there it is appearing on our Facebook feed (spooky!).
Many apps provide the option to change the settings and limit where and when they can track your activity. This can typically be accessed via the privacy settings on your device.
7. Don’t use public Wi-Fi
Using public Wi-Fi makes it relatively easy for a hacker to position themselves between you and the Wi-Fi. This means that any activity on your phone, laptop, or tablet, while on the shared Wi-Fi, could be seen by a hacker first and you would be none the wiser.
The best alternatives are to use the personal hotspot on your phone to provide a wireless connection for your other devices or a private, password protected network at home.
8. Backup your data
As well as saving you the heartache of losing photos/memories, or the inconvenience of losing important files if your laptop were stolen, backing up your data also gives you more options for recovering it in the event of a cyberattack.
Here are some options you can use to help back up your data:
- Cloud Storage
- USB Stick
- External Hard Drive
- Time Machine (for Mac users)
If you’re not using Cloud storage, once you’ve backed up, ensure you keep this device somewhere safe – preferably not in a drawer next to your main device.
If it’s a physical device, it’s a good idea to have two of them, ideally, one being in a separate geographic location.
9. Don’t ignore physical security
Many of us often overlook physical data security when considering how to protect our data.
If someone were to break into your house today, how much personal information would they be able to find in a matter of minutes?
Some physical security risks that are easy to avoid:
- Written passwords
- Sensitive documents in the open
- Easy access to bank cards.
Safes might seem like something you’d only use in a hotel, but they can have their place at home too. Or even better, try to go paperless by scanning then shredding confidential documents.
10. Don’t wait, act now
95% of cybersecurity breaches are because of human error6.
Clicking malicious links is the most common contributor and can often be attributed to a lack of awareness.
With cyberattacks on the increase, not taking action today means you’re more vulnerable than ever. Even just following the first two of our tips could make a big difference if you were subjected to a cyberattack today.
It’s easy to just assume these things will never happen to us, but cyberattacks are increasing in both number and sophistication.
Given the enormous impact they can have on us, it’s worth investing a relatively small amount of time to make some big improvements. It may well save you a lot of time, anguish, and money in the future.
1 Source: Protecting businesses against cyber threats during Covid-19 and beyond (https://cloud.google.com/blog/products/identity-security/protecting-against-cyber-threats-during-covid-19-and-beyond)
2 Source: Study: Hackers Attack Every 39 Seconds
(https://eng.umd.edu/news/story/study-hackers-attack-every39-seconds)
3 Source: Understanding the email threat landscape
(https://www.f-secure.com/gb-en/business/resources/your-complete-guide-to-email-security)
4 Source: BuildFire – Mobile App Download and Usage Statistics (2021)
5 Source: 52% of apps share your data – See the biggest offenders (https://www.komando.com/securityprivacy/apps-share-your-data/782539/)
6 Source: The Role of Human Error in Successful Cyber Security Breaches
(https://blog.usecure.io/the-role-of-human-error-in-successful-cyber-security-breaches)