Simple tips to keep safe online
Last week, it was reported that several superannuation funds, as well as other financial institutions, had been targeted by fraudsters. Off the back of this, we asked our Head of IT Security Dr Chang Liu to write some tips around how online fraud works, and some steps you can take to protect yourself.
Online frauds can be largely grouped into technical breach and social engineering.
Technical data breaches are generally caused by inadequate system design or lapses in their maintenance, allowing various exploits to be used to attack or “hack” the target. Rest assured your team at FairVine work tirelessly to ensure our systems and processes are up to the task of securing all your data and assets.
Social Engineering, however, is more prevalent than one realises and it is the tool of choice for fraudsters. It preys on our innate willingness to help and need for convenience to betray ourselves. Ever received a call purportedly from your bank asking you to verify your details before some important information? Yeah it still bugs me many institutions are still doing this…
All a fraudster needs to create a false identity is your full name, address and date of birth. Think about how many people around you who already know those details? Luckily most people aren’t crooks.
Feeling overwhelmed? Fear not! There are still a lot that you can do as an individual to safeguard your identity and assets. We have asked our Head of Security Chang Liu to share some tips:
- DO lock your physical mailbox. Your mailbox is a one-stop shop for an identity thief, don’t make it easy.
- DO get a shredder. All paperwork with identifying information should be shredded before going into the recycling bin. If you take the staples out first a lot of pet shops and animal shelters will even gladly take them off your hands.
- DO use a secure password. Add numbers and symbols to your password.
- DO change your password often. I know, it’s like being asked to eat your veggies, but it is also one of the most important thing you can do until this world is rid of the dreaded passwords.
- DO use two-factor authentication. If there is an option to use it, do it. We at FairVine will send a one-time code to your phone every time you login to ensure it is really you.
- DO lock your phone. As more and more services are linked to your smartphone, it is imperative that you keep it locked when not in use.
- DO have a plan for when you lose your phone. Most phones can be locked, backed up, wiped and tracked remotely but it needs to be set up first. Know how to use it, or know someone you trust who does know to set it up.
- DO pause and think before you answer. Does the other person need to know what they’re asking of you?
- DON’T use the same username and password across your online leisure and financial identities. Online forums are often easy targets for technical attacks, usernames and passwords are then sold on the dark net in bulk.
- DON’T use untrusted devices to access important information or services (e.g. online banking).
- DON’T open attachments you don’t expect. That “super interesting picture” and “secrets to celebrity diet” is just not worth it.
- DON’T follow links in emails to logon to websites. Take the time and go to the website directly yourself. ManyPhishing (Fishing) attackers link to legitimate looking websites with highly similar address to obtain your login details.
- DON’T volunteer identifying information. If you’re cold called. May be they should prove who they are first. For example: if it’s a bank, ask for a case ID and call them back on their listed main line, often it’s on the back of your ATM or credit card.
Of course this list is not exhaustive in this cat and mouse game. Technology is evolving and so are the fraudsters. Use your common sense and stay vigilant!
If you would like any more information or like us to expand on any topic, please feel free to reach out. We would be delighted to help you.