It’s easy to forget that cyber criminals are out there because they are faceless and almost invisible. But these days with a huge percentage of the population using the internet in almost every part of daily life including banking, we need to be even more alert to what can be happening behind the scenes.
We attended a webinar held by the Digital Eagles of Barclays about cyber crime and how to keep your data safe online.
Here are their top tips on how to stay safe online:
1. Be very careful about how much personal information you post online.
Now it sounds very obvious, but if you tag yourself in a location or complain about a company for example, you are opening yourself up to being targeted by cyber criminals. Social engineering is the term for a cyber criminal researching a potential victim to gain information to send you phishing emails. This is one of the most prolific and successful ways for cybercriminals to gain access to your details.
For example, mentioning that you are in a certain airport and that your flight is delayed may give a cyber criminal the chance to send you an email claiming to be from the airline apologising for the delay and wanting to offer you a discount, but before you must verify your details (give away your private details). Be careful when sharing information online and think how much could be used against you and to even impersonate you.
2. Look at emails very carefully before clicking any links within them.
Now we’ve all seen the emails that fill up our spam folders, and we generally don’t even bother with them. I’m also sure you’ve seen some in your inbox that look very legitimate, and the cyber criminals are making it harder and harder to actually distinguish the fake from the real.
Imagine this scenario: HMRC have emailed you, they are processing a tax refund (that you know is due) but they need to confirm some details with you. As much as we all want a big tax rebate, you can’t help but think, is this email real? Shall I click the link? And if you have clicked the link, why has it opened an email account login box?
The first thing you can do if you’re on a desktop is hover over any links in the email and look for a slim grey tab in the bottom left hand corner of your screen to see the URL that link is pointing to (displayed in the image below). If it seems like a strange URL that doesn’t look like it’s related to the message, it’s best not click it! You can learn more about understanding links here.
You could also forward the message to the actual company that the email is trying to imitate. Larger companies have whole departments for this type of fraud and cyber crimes.
3. Ask yourself this question - What is the email asking from me?
Is the email pushing you do to something quickly because it is ‘urgent’? Most companies would get in contact with you over the phone if they needed to get your attention that urgently. When people are rushed, or feel pressured they are more likely to make mistakes, and it only takes the clicking of one link to affect your computer system and the integrity of your personal details. Read the email and if anything seems suspicious call the business or the person that the email is supposed to be from and find out if they really sent the email.
4. Look carefully at emails from your contacts and question it.
‘Spear phishing’ is where cybercriminals use email addresses that look like an individual or a business that you might know to fool you into a false sense of security and then grab all the details that you give them. Look at how the email has been addressed – any generic terms like Dear friend or Dear Customer could be a warning sign.
So, if your friend or colleague is emailing you for your PayPal details because they owe you some money (but they don’t!), maybe just call them to confirm it first.
5. Watch out for the free Wi-Fi!
We all like free Wi-Fi, but are you going to do internet banking or anything involving sensitive information, like passwords on a free Wi-Fi connection? Barclays suggest you use 3G/4G for this if you can. Encryption is a hot topic because we could all benefit from having our information totally scrambled so no one can view it, but then the counter argument is that the authorities should have access to it so they can monitor criminal activity to keep us all safe.
Open Wi-Fi connections are open connections that are often unencrypted and unsecured, meaning you are left vulnerable to a ‘Man in the middle’ attack. This is where a cyber criminal can intercept the network and steal sensitive information.
If you are abroad and don’t have any data allowance, consider using a Virtual Private Network to do your usual web browsing. VPN’s can scramble some of your web activity from people trying to attack the Wi-Fi network.