When making an online purchase, or creating an account online, it is tempting to save banking details and passwords for the sake of convenience. But a data leak from even one of these sources could cost you.
With the multitude of devices, and the rapid shift to cloud storage, all our data is interconnected. Our accounts are synced, and financial data and password information is saved online knowingly and unknowingly.
Data breaches are common and increasing, even on seemingly secure platforms.
Which is why it is your responsibility to protect your data.
Follow these tips to help safeguard your data and devices.
Securing Your Wi-Fi Network
Securing your Wi-Fi network and Wi-Fi access points/routers is crucial to keep your data secure. If your network is not secure, it is easy for people to access it and steal data from your devices. It is equally as easy for bad actors to hijack your connection to conduct crime.
To ensure preliminary security, change the default password (it might be publicly known) for the administrator account that allows access to device configuration, to a strong password that follows security protocols. Similarly, change the default password and username for Wi-Fi network. Remember that your Wi-Fi username is often publicly visible, so avoid using personal details.
Disable Bluetooth and Wi-Fi in Public
Bluetooth and Wi-Fi settings can be exploited if not disabled when not in use. Even with access restrictions and password protection in place, cybercriminals can hack into your device via Bluetooth to gain access to data such as emails, text messages, pictures, and videos. Do not perform online shopping, banking, or other tasks that involve sensitive data when on public Wi-Fi or in a public place.
Configure Privacy Settings
Often, default device privacy and browser settings are not configured to the user’s advantage. To make devices more secure, customize advanced device privacy and browser settings. Block auto cookie and location tracking. Disable auto-download and auto-run of Flash.
Use Random Passphrases
According to the FBI, ‘Instead of using a short, complex password that is hard to remember, consider using a longer passphrase’. A random set of letters, numbers and characters can be daunting to remember, and lead to users storing their passwords unencrypted or even writing them down. Instead, use random words and phrases in combination with standard password protocols. Words are easily remembered by the human brain, as opposed to a meaningless string of letters. Eg: tH3sky1sc!e@rT0day (the sky is clear today). It is important that the words/phrases are random, at least 15 characters long, and not related to your personal information in any way. Use unique passphrases for every account and device.
Despite this trick, remembering multiple passphrases can be difficult. So safely store them in a password manager.
Keep Social Media Private
One place that we often flaunt our information is on social media. We share our birth dates, photos, interests, and hobbies, and even holiday locations. Social engineers may carry out targeted attacks by extracting such information about an individual from their digital footprint.
Identifying spam profiles is relatively easy due to their questionable usernames but keep a check on every profile you add as a connection on social media platforms. Cybercriminals may impersonate the profile of someone you know, to gain direct access to your information. Ensure that your online interactions do not reveal sensitive information about you. In addition to following standard password protocols for all your online accounts, enable two-factor authentication for added security. And regularly check if unknown devices are logged into your accounts.
Protect Your Personal Identifiable Information (PII)
Personally Identifiable Information (PII) such as phone number, birth date, and bank account details can be used to identify, locate, or contact an individual. Refrain from posting such information on publicly visible platforms, storing it unencrypted, or physically noting it down. Although unadvisable, at times we store PII such as passport details on our devices. Password-protect your devices and lock them when not in use. Be cautious of emails or phone calls that ask for sensitive information, even if they appear from a legitimate source.
Don’t Save Information
Websites and browsers allow you to save sensitive data such as passwords and credit card information for future use, but do not save it. Store your passwords in a password manager, and sensitive information in encrypted files. For additional security of your finances, closely monitor your financial transactions to flag payments that have not been made by you and to react quickly.
Avoid Unknown Sites
According to Forbes, ‘Google has registered 2,145,013 phishing sites as of Jan 17, 2021.’ Cyber criminals create thousands of fake sites, often spoofs of a legitimate site, to spread malware, carry out spam campaigns and phishing attacks. Check security protocols, certifications, and a secure payment gateway on websites.
Unknown websites might be a gateway to drive-by download attacks that aim to install malicious code on a victim’s computer, via unintentional or auto-downloads. While configuring privacy settings, disable the auto-download function to avoid such attacks. Even while downloading trusted files or software, look out for unwanted add-ons or extensions being installed in the background.
Verify Before you Click
Links, pop-ups, and downloads can contain viruses and malware. Phishing emails are known to use fear-inducing or enticing tactics to manipulate the victim into submitting sensitive information. Make sure to verify the source before clicking on any links.
Carefully Back-up Data
Having a data back-up is advisable in case your files are damaged or inaccessible due to a cyber-attack. However, make sure you control where your data is uploaded and stored, and who has access to it. Devices such as smartphones might back-up your data on remote servers by default. To avoid sensitive data such as photos being accessible to people with the wrong intent, disable auto back-ups.
Report any Suspicious Activity
If you notice anything suspicious, report to your cyber security teaminstantly, so that immediate action can be taken to mitigate the cyber threat. Reach out to our forensics team for 24/7 support.
About SecurityHQ
SecurityHQ prides itself on its global reputation as an advanced Managed Security Service Provider, delivering superior engineering-led solutions to clients around the world. By combining dedicated security experts, cutting-edge technology and processes, clients receive an enterprise grade experience that ensures that all IT virtual assets, cloud, and traditional infrastructures, are protected.
Authors: Vanashree Chowdhury, Marketing & Communications Designer, SecurityHQ and Eleanor Barlow, Content Manager, SecurityHQ
Facebook: https://www.facebook.com/Sechq
Twitter: https://twitter.com/security_hq
LinkedIn: https://www.linkedin.com/company/securityhq/
For media enquiries please contact Eleanor Barlow, +44-(0)20-332-706-99, pr@securityhq.com