02 October 2018

6 ways to stay (cyber) safe at home

Every year, October is recognised as “National Cybersecurity Awareness Month”. It’s a time for individuals and businesses to get to grips with the importance of cybersecurity. Each week during National Cybersecurity Awareness Month has a different theme. The first week’s theme (1st – 7th October) is “Make your home a haven for online safety”. IRM have put together six of the most important tips to remember when considering cyber safety in your home.

Tip 1 – Social media cyber awareness

As an industry now worth trillions of dollars, social media is increasingly complex and difficult to navigate security-wise. After Facebook’s recent data breach, which exposed 50 million users’ accounts to hackers, its more important than ever to be cyber-aware. Whilst you may not have control over the level of security implemented by social media platforms, you can put things in place to protect yourself.

Control what you post

It’s easy to forget who can see what you’re posting. Most information you post may not seem significant at the time, but it can often be used against you. For example – posting about your holiday indicates your home may be empty and this makes it vulnerable to burglary! Similarly, posting about your personal life can provide cybercriminals with clues to hack your accounts. If you’re going to post personal information on social media, make sure your profile is private and control who can view content.

Personal or not?

Did you know that Facebook scans photos and links sent through its Facebook Messenger app? And it would actually read the text within your messages if the message had been flagged to a moderator? These are all things to keep in mind when using messaging apps when talking to friends and family.

Tip 2 – Be aware of phishing

‘Phishing’ is a type of social engineering where attackers influence users to do ‘the wrong thing’. This could include disclosing information or clicking a bad link. Phishing is usually conducted through text messages, social media, phone or emails.

The key things to look out for to avoid phishing are:

Mismatched domains – A domain basically what describes the owner of a website or email. For example, if you receive an email from your bank, make sure that the email domain is the official customer service email address. You can find out by ringing customer service directly or seeking guidance on their official website.

Poor spelling and grammar – Spelling is often another give away. Professional organisations put a lot of effort into quality and use the right language for the target audience, but still pay attention to the content detail.

Authentic visuals – Most modern websites will have their branding next to the company name on a website tab in a browser. This is called a ‘favicon’. Phishing attacks will often have poorly constructed websites or landing pages which will not have addressed this properly. For example, if you search for The Times website, you will see they have a relevant ‘favicon’ on the tab (see image below).

Secure websites –  A ‘URL’ is the web address for a page located on a computer network. In the example above, you can see that the beginning of The Times website URL begins with ‘https://’. This, along with the padlock symbol, is an indication that this is a secure and safe website. It’s worth checking this when browsing the internet. A website which does not use secure certification is not secure, and you should not enter any sensitive information.

Tip 3 – Check before you checkout

Do your research

When online shopping, do background research on websites or buyers you haven’t purchased from before. Be wary of negative reviews and use sites such as Trustpilot to get an overall picture of the company.

Be suspicious of emails

If you receive unusual or unexpected emails, remain suspicious. Usually, cybercriminals can monitor your online shopping trends to work out how best to target you. For example, if you often shop at Lidl or Aldi, cybercriminals will send phishing emails with voucher codes or offers to entice you to click on malicious hyperlinks. This can lead to your information being stolen, so be careful about the information you submit to unknown websites.

Make safe payments

If you have the option, make purchases with you credit card. This is because credit cards allow you to seek credit from the issuer if the product isn’t delivered or isn’t what was ordered. Therefore, if you buy from a dodgy supplier and don’t receive your order, you should be covered. Despite this, be wary about entering credit card details into unsecured websites (see above – Phishing – Secure websites).

With lots of our data, photos and music now being held on mobile devices, there is a considerable risk of losing this information. It could be lost through a simple computer malfunction or something more malicious such as a virus or theft. You can minimise the impact of a cyber-attack by ensuring you have this important data backed up.

Make copies of your data – You can easily make copies of your files and there are different options for Apple and Windows. The most preferred method these days is to back up your data using cloud-based storage. Some charge a monthly fee and others are free depending on the amount of storage space you require. Here’s a run down of the Top 10 cloud-storage applications from 2018.

Tip 5 – Protect yourself

These days, most home networks are made up of multiple connected devices – computers, laptops, tablets, printer, storage devices and mobile phones. These devices are likely to be linked up to your domestic router. Every router has admin account and these always come with default user names and passwords. The admin account is what allows you to configure the security settings for your wireless network. For older devices, these are well known and often posted on the internet.

If someone other than yourself or a family member has control over the admin account, this will allow them to see anything that you are doing online and potentially give them access to data stored on any of the devices connected to that network. Therefore, it’s important that you change your router network name and password to something secure and unique.

Other than ensuring your home network is secure, ensure that your devices have up-to-date antivirus software installed to protect yourself from malware.

Tip 6 – Back to basics

As simple as it sounds, ensuring you use strong, unique and regularly updated passwords is at the heart of cyber awareness. The National Cyber Security Centre identifies that the average UK citizen has 22 online passwords. It also identifies that the average number of websites we access using the same password is four. This is worrying at a time when passwords are being compromised in data breaches almost every week.

When was the last time you changed your password? Consider looking into different password managers applications. These allow you to generate long, complex hard-to-guess passwords which are stored in secure ‘vault’.

These tips should help you kick-start cyber safety in your home. For further advice and guidance on how to “make your home a haven for online safety”, visit Stay Safe Online.