Cybersecurity – Ensuring Your Information is Safe Online

We spend so much of our lives online, from social media, to shopping online, to watching Netflix on a Saturday night. On average, Aussies spend upwards of two hours a day just on social media alone!

All this time on the web means some of our personal data is inevitably stored online; family photos, important documents, bank information, you name it! This is why it can be so alarming when our cybersecurity is compromised.

October is Cyber Security Awareness Month, which has ironically (and unfortunately) coincided with breaches in both Optus and Medibank’s databanks, putting Australians’ cybersecurity at risk. It’s easy to understand why people would be concerned about their safety online after such large and highly publicised hacks.

If you’re concerned about your digital information, there are simple steps you can take to increase your personal security online and protect your data.

Use multi-factor authentication

Most major online services that house your important information offer the option of multi-factor authentication (MFA). MFA requires the user to present two or more pieces of evidence before granting access to a resource. This process is a quick and secure way to prove your identity before accessing information, by using proof of something you know, something you have and something you are.

MFA can be activated on (but isn’t limited to):

• Email
• SMS
• PIN
• Authentication apps
• Physical passes or tokens
• Biometric scan (Face ID, fingerprint)

These authenticators are a highly effective way to prevent cyber attacks and make it more difficult for cybercriminals to impersonate you to access your data. According to Google, two step verification leads to a 50% decrease in accounts being compromised.

Protect your email accounts

We’re all guilty of ignoring those pesky password update reminders but changing your password regularly can be instrumental to enhancing your safety.

Gmail and Outlook both offer to save usernames and passwords to allow for easy access to any web pages you may visit frequently. While this is convenient and makes keeping track of numerous login details easy, it also means hackers can target your email login as a pathway to accessing bank login details, social media accounts and your contacts.

To ensure your email is safe it may be helpful to:

• Use a secure password manager – This can suggest and save highly secure passphrases instead of passwords. Passphrases work like passwords but are randomized to lower the risk of being guessed. A password manager also protects your passwords and phrases with military grade encryption.
• Regularly update your passphrases – especially if your email has been compromised. If your email is already compromised, you should do this immediately.
• Enter your phone number as a backup – This can provide access to your account and help you recover it if you’re ever locked out of your email, accidentally or maliciously.
• Go ‘Passwordless’ – This is a type of MFA. Instead of relying on a password, you can install authenticator apps on your phone or personal digital device that provide login access, this is a great choice for emails and most banks already insist that you use them for E-banking. .

Be Cautious of Phishing

No, not that kind of fishing! Phishing is a form of cyberattack where scammers pose as someone else, such as an organisation, service, or reputable individuals to get you to disclose personal information. This can include bank account information, card details or passwords. This can be done via email, SMS or direct social media messages. You can identify phishing scams by:

• Checking for spelling and grammar errors – Reputable organisations will usually have an editorial team to ensure their content is of a high standard. Obvious spelling errors and poor grammar can be a sign that the message isn’t genuine.
• Looking at an email domain or phone number – Phishing emails will often claim to be from a company or organisation but will feature an email domain that does not match the company. Alternatively, they may feature the correct company name, such as Amazon or Microsoft, but feature misspellings used to trick automated phishing security.
• A lack of specificity – Companies such as your bank or a subscription service will usually use your name. If a message begins with a variation of “Dear Sir or Madam” it might mean the sender doesn’t have your contact details and is phishing.
• Urgency– If the email or message is demanding immediate action with no prior warning, it could be a scam. Trustworthy organisations will usually give a reasonable amount of warning for deadlines and provide a fixed date.

It’s understandable that many people are concerned about their cybersecurity given the recent increase in cybercrime attacks. However, by taking the correct steps to keep your data safe you can significantly lower the chances of it landing in the hands of the wrong people.

• SHARE