Between our Internet banking accounts, PayPal accounts, email accounts and social media accounts, there is a LOT of information about us online that could potentially fall into the wrong hands.
If our online accounts get broken into, we are likely to be the victim of serious cybercrime, including identity theft and financial loss. Crimes that can have ramifications that could last years.
Thousands of people suffer these crimes each and every day, and more often than not, it is because they didn’t follow simple advice about keeping their accounts safe. Follow these simple tips, and you can maximise the security of your online accounts in minutes.
Passwords – strong and unique
It goes without saying that your password should be strong and not easily guessable. Despite this advice being around since the early days of the Internet, statistics still show that terrible passwords such as password or 123456 are still among the most used passwords online. Software designed to gain unauthorised access to people’s accounts can use a list of the most popularly used passwords like the examples above, one by one until one works. Meaning if you use one, that software will take only a few seconds to break into your account.
Passwords should be a combination of numbers, letters (both uppercase and lowercase) and symbols, and not words found in the dictionary.
Passwords should also be unique – which means you shouldn’t use the same password for multiple online accounts. While that may be convenient, it’s a terrible security faux pas because if a company you have an account with gets breached (and the information leaked) then crooks will use the same password and email/username combinations on other accounts looking for people who reuse passwords!
If you have lots of passwords, you can always use a password manager!
Turn 2FA (or 2SA) ON!!
These days, passwords are not as strong as they used to be. These days, there are many different ways crooks can obtain passwords (spyware, data breaches, phishing scams, social engineering scams)
Two Factor Authentication (2FA) or Two Step Authentication (2SA) should always be turned on if it is available. Companies like PayPal, Facebook and eBay all have this feature, that means if someone attempts to login to your account from an unrecognised device, they need more than a password.
This could mean a text message from your phone, or better yet a code from a code generator app on your phone. Additionally, with sites like Facebook, you can use USB security keys that when plugged in to a device, can authorise a login attempt.
Don’t click on links from emails or messages
To keep your account security safe, it is important to understand how phishing scams work. Phishing scams are scams that attempt to lure a victim into giving up their sensitive information, especially their passwords.
Typically, this means that crooks will send links in emails or messages that lead to spoof webpages that ask you to login. When a user clicks the link and logs in, their password is stolen. Phishing scams will use a variety of techniques to trick victims into clicking a link, such as telling the victim their account may be disabled unless they click a link to verify their identity.
Keep your computer clean
Malware, especially spyware, can potentially give crooks access to your online accounts by spying on your activity. For example, keyloggers can record your password and username for any account you use to login on with an infected device, and send that information straight to a crook.
So remember to have reliable, antivirus software installed at all times and run regular scans to ensure your computer is safe. For our antivirus recommendations, click here.
Watch what you share online and who with
Even seemingly innocuous data can be accumulated by data thieves looking to impersonate you. If thieves get enough data about you, they can pretend to be you and log into your online accounts, or worse, create new ones in your name!
Of course sites like Facebook are where data thieves often turn to to find information about victims, since these are the sites we turn to share information about ourselves. Sharing can be good, but oversharing is definitely not.
Not only should you be careful what information you share, but who you share it with. Make sure your Facebook account, for example, is locked down. We have a guide on how to do that here.
Even if your account is locked down, avoid sharing personal information about yourself, such as your date of birth, address, education history and phone number. Such information can be invaluable to crooks!
Some bonus tips…
– Don’t use public Wi-Fi to login to important accounts, as crooks could be eavesdropping!
– Avoid using shared computers – you don’t know if they’re infected with malware!
– Use a password manager like LastPass if you have lots of different online accounts and passwords.