Are you a peace-keeper? Do you find yourself agreeing to things even when you know they're not the right decisions? Then you need to hear about artificial vs genuine team harmony...
Why should you care about cyber threats? Well, think about our current situation for a second. In the midst of the pandemic, for one day the world stopped completely. People everywhere rebooted their phones, restarted their wifi and checked their data. And conspiracy theorists flooded the internet with their insights, obvs! So, while Mark Zuckerberg and his team try to regain our trust, we have a few tips to navigate the cyber space.
Don’t be fooled: cybercriminals pose very real threats. But there are daily security habits you can practise to safeguard yourself in the digital space.
1/ Trust, but validate
“Cybercriminals often focus on inconvenience and convenience,” says Elad Sherf, Global Head of Cyber Defence at cybersecurity company, Performanta. “They will pose a very inconvenient problem, maybe that your bank details have expired, then they will offer a very convenient solution: click on this link to sort it out. But that link is actually going to steal those details…
“Criminals try to keep us on autopilot with narratives that blend with our day-to-day lives; that may appear urgent and trigger our fight-or-flight impulses. They put a lot of effort into making something feel legitimate and irresistible [to the point that it] requires devoted attention. The top thing we don’t do for security is practice vigilance. We should be more suspicious during our daily online habits.”
Cybercriminals go to great lengths to fool their targets, even phoning people to make things seem official (a tactic called social engineering). To counteract these, Sherf has the following tips:
- Be suspicious. If something is unexpected, urgent or requires payment, give it a much closer look and question its authenticity.
- Responsible companies, especially banks, will never ask you to transfer funds to a different account or for your log-in details, including full passwords, card pins and security tokens via email, over the phone or in a text message.
- If you aren’t sure about a message or a call, search for the company in question’s official phone number and call them directly.
- Remember that if you hang up the phone to wait at least 20 seconds until the line is fully disconnected.
- Don’t click on links or attachments on unsolicited emails. If it seems important, go to the official app or website independently.
- If you’re still in doubt, check with family or friends before taking any action.
2/ Go easy on the apps
Phone apps are not as safe as they might appear. Even on official app stores, criminals sneak in dangerous or hijacked apps. Unfortunately, this is not easy to police, and requires extra vigilance from the people who actually download the apps.
“The important thing is to keep your app ecosystem hygienic,” says Sherf. “Download what you need, but uninstall what you don’t use and check the app’s reputation on the app store to see if there are problems with it.”
Tips for better app security:
- Only download apps from official app stores. Avoid downloading and installing ‘rogue’ apps from third-party sites.
- Check the reputation of the app and its creator.
- Remember that a single password isn’t enough to protect a personal app account – use multi-factor authentication (MFA), like a one-time pin, especially with valuable accounts.
- Beware of apps that offer something for free, such as easy access to content or easy wins.
- Watch out for apps and app messages that claim you have security problems. Those are often attacks disguised to help you.
- Check and review your app’s permission. If it asks for permissions you don’t feel it needs (such as access to your contacts), change the permission or rather don’t install it.
- Remember to use unique passwords for apps, and uninstall and disconnect apps you don’t recognise or no longer use.
3/ Public wifi and VPNs
Public wifi hotspots are very convenient, but can also be dangerous. Criminals can hack the wifi router or create a fake wifi hotspot that looks like the real one, hoping you connect to their hotspot instead.
Staying safe from cyber threats on public wifi depends on what you’re doing, says Sherf: “Are you playing a game? Most criminals don’t care about information like that. However, if you’re logging onto your bank account or email account, they’ll be able to see sensitive details that they might use to gain access to your account. If you have to do something sensitive, preferably avoid public wifi and use something like mobile internet. Mobile internet, like LTE, can be hacked, but it’s much less likely. Alternatively, use a VPN to encrypt your traffic.”
Tips for using wifi securely:
- Assume that someone is watching, so don’t do anything you would be concerned about others seeing.
- If you have to do something sensitive (such as internet banking) on public wifi, use a VPN to mask your traffic.
- Avoid wifi hotspots that don’t require passwords – they’re easier for criminals to hijack.
4/ Know your risk
Fighting today’s cybercrime requires a higher level of personal diligence. Cybercriminals are constantly finding new ways to frighten and fool people. Even traditional snail mail can be part of an attack. Criminals can even steal your letters to get your personal details and impersonate you. (Whoa.)
But how much diligence is enough?
It depends on your risk: “Some people are higher-value targets. If you are wealthier or not savvy, if you have access to sensitive information, or something to that effect, you are at higher risk. But many attacks are opportunistic and not specifically designed to target you. This is evident in an email or text message that you can blatantly see is fake because it doesn’t quite add up. What the criminals hope is that you are too panicked or distracted to really pay attention. Anyone can be a target if caught off-guard so don’t become complacent. Pay attention to your security habits daily,” says Sherf.