Cybersecurity
Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats. The practice is used by individuals and companies to protect against unauthorized access to data centres and other computerised systems.
October is cybersecurity awareness month and with this in mind along with the increased use of technology we thought it would be useful to inform you of some precautions that you should all take.
Choose secure passwords/passphrases
A secure password helps keep you safe online. The key to your password being secure is its strength and memorability. If you are concerned about the security for any of your online accounts, please update your passwords immediately.
- Never use your PIN, name in any form (first, middle, last, maiden or nickname) and / or date of birth as your password.
- Putting together a few words or phrases makes a longer password that can be easier to remember.
- Use a combination of letters, numbers and special characters (at least 10 in total). Using less common special characters will help strengthen your password.
- Change your password regularly. There’s no set rule on this, but the more frequent the better.
- Always use different passwords on key accounts that hold financial or personal information. This way, even if one password is compromised, your other accounts will remain protected.
- Set up multi-factor authentication for your email accounts / WhatsApp.
- Never access your password information if you are using an unsecured, public WI-FI connection.
Protect your computer
Many of us see these vital tasks as being a bit of a pain but they’re essential to keeping us safe online. Here’s how:
- Keep your devices updated with the latest security patches and system software to guard against evolving threats. You can find out more from Microsoft† and Apple†.
- Keep your antivirus software updated to reduce the risk of malicious software and viruses being installed on your computer.
- Your home router is your online front door allowing your devices to connect to the internet, so it’s really important that you ensure it remains secure. One of the keyways to protect your router is to always change the default admin password as the one set by the manufacturer can easily be discovered by attackers.
- Never leave your device unattended and logged-in.
These are some basic essentials to ensure you remain safe however, there are various other steps you should keep in mind:
1) Be on the lookout for suspicious emails
When you are in a rush this potentially increases your vulnerability due to the fact that normal precautions may not be taken. Criminals are aware of this and they craft attacks designed to take advantage of this. This can often appear as an email where the criminal try to obtain personal information or compromise the technology; this is known as a phishing. There are six potential ways to help spots this:
- The message has a suspicious or mismatched URL or a strange email address
- The message has poor spelling or grammar
- The message asks for personal information
- You’re not expecting anything from the sender
- The message states you must act now
- Something seems wrong
If you think you have identified one of these emails, you should bin it and delete it permanently.
2) Beware of email hacking
Unfortunately, email is a favoured channel for cybercriminals and email hacking (the taking over of someone’s account without their knowledge) is becoming much more prevalent and is now a common feature of financial fraud.
You may think you have just received an email from a trusted source but you could have received a message from a criminal who has taken control of their email account.
It is particularly important you double check with the sender before transferring any money which has been requested by email or for that matter any personal information. Don’t check by replying to the email you’ve received as you may be communicating with the fraudster; always call and speak to the individual or organisation personally to make sure the request is genuine.
3) Protect your accounts
As mentioned above it is essential to have a strong password / passphrases.
This is especially important for your email account as it contains so much personal information and can be used as the gateway to many of your other online accounts. No matter how strong your passphrase is, there is always a chance it could be hacked or stolen through no fault of your own.
Therefore, adding multi-factor authentication provides an extra layer of protection by having a site or service verify your identity using two different elements. By using something you know, like a passphrase, and something that only you have, such as a one-time code or fingerprint, you can help secure your email account and other important services.
4) Limit what you store
If your email account becomes your document store, then, if compromised, a hacker could gain access to all of the information you are stockpiling. Every attachment you ever sent or received, every conversation, every photo, contracts, invoices, tax forms, reset passwords for every other account – sometimes even passwords or credit card PINs!
To minimise risk, only save limited information within your email account. Save any sensitive personal information outside of the mailbox in secure document repositories.
5) Wi-fi access is not always secure
It’s easy to stay connected with public wi-fi access points everywhere; restaurants, coffee shops and shopping centres but accessibility can come with risk. Public wi-fi ‘hotspots’ are exactly that they offer no privacy or protection to your data and communications. Never use public wi-fi to access sensitive information, like your email account, or enter log-in details or credit card information while connected to it.
6) Protect your data with regular backups
Ransomware is becoming increasingly common. This malicious software (which can be downloaded by opening attachments in emails or through following instructions on a fraudulent web site) encrypts your data, preventing you from accessing it. The criminals will then make contact demanding a payment (ransom) to restore your access. Please do be aware, reports show there is no guarantee your data will actually be restored, even if you pay in full.
One of the best ways to protect yourself from ransomware is to make regular back-ups of your most important files. Many devices have ‘auto-backup’ options so make sure these are turned on. Backups can be made to a cloud backup service, a different device or to removeable media such as a USB stick (make sure you know how to restore the files from any backup should you need to do so). Ensure back up devices aren’t permanently attached to your computer or they could fall prey to ransomware attacks too.
7) Keep your guard up when you’re out and about
If you regularly take your mobile device, tablet, smart phone, or laptop with you when you go out, you need to take digital security just as seriously on the move as you do at home. As well as being easier to lose (or just leave behind), you are taking your device out of the controlled environment of your protected home and personal wi-fi into the big, bad world.
One of the simplest and most effective things you can do to protect your data is to take a minute to look through your device’s security settings. Using a screen lock, which requires a pass code to deactivate, is vital if you ever become separated from your mobile technology.
Turning Bluetooth off when you aren’t using it helps prevents hackers from stealing your data.
Android, Apple’s iOS and Windows operating systems all include remote find, lock and wipe features as standard. Make sure you enable and familiarise yourself with these features so you are ready to use them if your device goes missing.
8) Be careful how you use social media
Social media can be a hugely fun and powerful way to keep in touch with old friends (and make new ones), share interests and keep up to date with the latest trends. Unfortunately, sites like Facebook, Twitter, YouTube, Pinterest and LinkedIn are just as popular with criminals.
Be wary of putting up any information that could be used to break into your online accounts. Don’t share your home address, email address, phone number and date of birth. Also, try not to let the world know exactly where you are every minute of the day. Telling everyone when you are out and about or away on holiday will also let them know when you’re not home.
9) Knowledge is the best defence
When it comes to your online financial safely, knowledge is one of the best tools you have. Understanding the latest security advice and guidance means you can stay one step ahead of cybercriminals and will help you counter the emerging scams and threats.
For clarification of any points discussed above and any future independent advice regarding your own financial planning, please do contact us on 01626 833225 or email [email protected]
Have you visited our website recently? Click the link to see our recent changes and to subscribe to our regular updates www.loughtons.co.uk
Important Information
Information contained in this document has been obtained by Loughtons Independent Financial Advisers from public sources. Care has been taken in collecting the data of its accuracy when published, however the content of this document could become inaccurate due to factors outside our control and should, therefore, be used as a guide only.
This document is published and distributed on the basis that Loughtons Independent Financial Advisers is not responsible for the results of any actions taken on the basis of information contained in it nor for any error in or omission from it. Loughtons Independent Financial Advisers expressly disclaims all and any liability and responsibility to any person in respect of claims, losses or damage, either direct or consequential, arising out of or in relation to the use and reliance upon any information contained in this document.
Loughtons Independent Financial Advisers is a trading name of JPRS (South West) Limited. JPRS (South West) Limited is authorised and regulated by the Financial Conduct Authority.