How to Avoid Mistakes We Make Online - By a Financial Hacker

With more of us having to do our banking and other financial transactions online during the coronavirus crisis we need to make sure we're doing all we can to prevent our personal information from being stolen.

A professional "ethical" hacker, whose job entails hacking into clients’ websites, networks, and phone applications to see where the weak points lie and recommending the best course of action to fix the holes, recently gave his top tips to make sure you don't fall victim to theft. Read on to find out the mistakes you might be making and how best to protect yourself and your personal information.

Top tips to avoid common online pitfalls

1). Do not use the same password time after time
The most important advice is to never, ever use the same password twice. If one account is compromised, then all your accounts are compromised.

2). Do not allow your emotions to get you into trouble
Most modern-day breaches contain an element of what’s known as social engineering: an attacker plays on human emotions to get the victim to perform an act. For example, you might click on a malicious email because it sounds like someone is in need, or because a colleague asks for urgent help. It's the online equivalent of opening the door to a secure building for a pregnant lady.

3). Some of us will believe any link in an email is genuine
Do not click on any links in emails that you cannot vouch for, and always visit a website by typing its address directly into the address bar yourself.

4). Being too truthful
“Where were you born?” or “what’s your mother’s maiden name?” are two of the most common questions on websites to ensure your account will be safe from intruders in the future. But sadly these answers aren’t going to be the walls that will keep out any online attackers. Why? Well, if you’ve already divulged this information online, anyone could do some digging and find the answers they need. Don't be afraid to make up some of your information if you can.

5). Sharing unnecessarily...
Don’t share personal information with any network or site unless they need to know for a very important reason. For example, if you’re signing up to a public Wi-Fi hotspot it will ask for your name, date of birth and address. There’s no legal requirement to be honest, so make it up – keep your real details safe.

6). ...especially on social media
The more personal information you share online the more your details are accessible to someone wanting to get their hands on it. Next time you’re on your social media account, make sure the information you share is minimal. Your family and friends will already know your phone number, birth date and email address, so there is no need to divulge this information. If your privacy is important to you, don’t give out your information freely. And most importantly, don't tell people when you go away as this could put your home at risk.

7). Our social media profiles are often open
On your Facebook account, head to the menu in the top right corner of the screen, click on Settings and on this new screen click on Privacy in the menu to the left. Here you will be able to manage your Facebook profile and select 'Friends' for the different questions such as 'Who can see your profile info?' and 'Who can see your future posts?'. This way only your Facebook friends should have access to the content you post. Similarly, with Twitter, go to the settings cog, then Settings. In this window, you’re able to change all kinds of privacy settings, including making tweets private so only people you allow to view your tweets can see them.

8). Giving away too much in exchange for ‘free’ apps
It can be possible for hackers to download spyware onto your device through apps. Before installing, make sure to check the permissions on the apps to ensure they won’t store any unnecessary personal information. For example, an app for a game doesn’t need access to your network info or contacts list. It’s better to be safe than sorry, so update your apps regularly, as updates address security problems.

9). We don't clear our browser history
This is quite an important tip to use if you’re going to be using the same device as someone else, for example your home computer or a friend’s iPad. Browsers such as Chrome and Firefox keep a record of what you’ve searched for online, and the sites you may have visited. This information could be kept for weeks, and so if you don't clear your browsing history it’s easier for anyone in contact with the device to steal your online activity record. Be safe, and clear it!

10). What you need to have installed
The most important anti-hacker products to use are anti-virus software, which scans regularly, and an ad blocker, as this stops unnecessary items making their way onto your desktop. Some of the best anti-virus software applications include Norton Security, McAfee Total Protection, and Kaspersky Total Security. It's worth having a shop around to see which software program will best suit your desktop.

11). Use a password manager...
By using a password manager, all you need to do is remember one password (alongside a personal hint) which will allow you to keep lots of more complex passwords in a safe environment. An expert in the field says it can take a hacker up to two years to crack a complex eight-character password that a password manager has created.

12). ...even for your fake information
Worried you can’t remember your fake answers? Don't worry. You can create ‘accounts’ in your password manager apps just for this.

13). Set up an extra layer of security #1
It’s wise to set up two-factor authentication (or 2FA) on all your important accounts. This is an extra layer of security that requires not only a password and username, but something else – something that you, and only you, have. For example, your phone is owned by you alone. An example of 2FA is a security code sent to your smartphone for you to use, in addition to your password and username, to log into your account.

14). Set up an extra layer of security #2
This second layer could be either a further piece of information only you know, a key chain or card reader, or biometric security such as your fingerprint, voice or the iris of your eye. Using a username and password along with a piece of information only you know will make it harder for hackers to gain access to your personal information and steal it. Your bank may provide this for your online account, through hardware tokens alongside your card and PIN.

15). Keep your security up to date
To keep your devices safe, it’s best to install anti-virus software, but if you don't update the software when new updates come through, your security will be compromised. Make sure you use the latest version of your web browser and install security patches and software updates as soon as they’re available to you. Technology moves forward quickly, so the more recent an update, the better online protection you'll have.

16). Beware of using public Wi-Fi
You may have heard that you shouldn't do online banking or other sensitive activities on a public Wi-Fi network. But why? Well, there are a few issues that could surround a public Wi-Fi network. The openness of the network can allow intruders to get in, the network may have already been hit and be full of compromised machines, or the hotspot itself could be malicious.

17). Be sure to check your finances often
Take a look at your bank and credit card accounts frequently – daily is best – as this will ensure you keep on top of any unexpected transactions. You can sign up to alerts to be sent to your email or mobile phone for any unusual transactions.

18). See what your bank is doing to protect you
Make sure you familiarize yourself with your bank’s guarantee for fraud protection. Some large providers offer zero liability for credit and debit cards, while others offer free protection for online banking transactions. By checking with your bank before you use online banking, or before you even sign up with a bank, you’ll be covering all of your bases.
