By David Skinner
As we considered the implications of the other articles featured on Cryptocurrency, Informal Wills in the digital age and Digital Assets, we turned our minds to the current digital world we live in to provide some “Tips and Tricks” to maximise your safety online, taking into account the recent high profile Optus and Medibank cyber-attacks.
de Groots continues to take action to improve the security of its clients and staff. This includes activating multi-factor authentication, regular password changes, advanced security firewalls and physical access controls.
We understand that a secure environment is not a destination it’s a continual improvement journey and, with the consultation of our IT service provider, we continue to improve our security posture.
We understand that often the weakest link is the human element and, as such, our team undertake regular security awareness training as well as simulations to continue to build awareness.
“Tips and Tricks” to maximise your safety online
The resource www.cyber.gov.au provides excellent advice for individuals, businesses and organisations and we focus on their top tips below:
Update your devices
- Turn on automatic updates on all your devices: mobile phone, laptop, PC/desktop Step by Step guides are available below for:
Activate multi-factor authentication (MFA)
- MFA improves your security by increasing the difficulty for cybercriminals to access your files or accounts. We recommend activating MFA, starting with your most important accounts including: email accounts, online banking and accounts with stored payment details and social media
- To activate MFA on your accounts, follow the Step by Step guides available via the link above.
Backup your devices
- A backup is a digital copy of the information stored on your device, such as photos, documents, videos, and data from applications. It can be saved to an external storage device or to the cloud. Backing up means you can restore your files in case your device is ever lost, stolen, or damaged.
- Regularly backup your devices including your: mobile phone, laptop, desktop, tablet
- To set up automatic backups, follow the Step by Step guides via the link above.
Use strong passwords
Consider making your passwords a phrase that is unique to you. Typing a few words is easier and can be more secure than most traditional passwords. Never reuse passwords across multiple apps or web sites. You can also use a password manager to help which is an application designed to store, manage, and even generate long, complex and unique passwords for you
Set secure passphrases
- In cases where MFA is not available, a secure passphrase can often be the only thing protecting your information and accounts from criminals.
- A passphrase uses four or more random words as your password. Change your passwords to passphrases, making sure they are:
- Long: The longer your passphrase, the better. Make it at least 14 characters in length
- Unpredictable: Use a random mix of unrelated words
- Unique: Do not reuse passphrases on multiple accounts
Watch out for scams
Cybercriminals use email, SMS, phone calls and social media to trick you into opening an attachment, visiting a website, revealing account login details, revealing sensitive information or transferring money or gift cards. These messages are made to appear as if they were sent from individuals or organisations you think you know, or you think you should trust.
To spot scam messages, stop and think about the following:
- Authority: Is the message claiming to be from someone official?
- Urgency: Are you told you have a limited time to respond?
- Emotion: Does the message make you panic, fearful, hopeful or curious?
- Scarcity: Is the message offering something in short supply?
- Current events: Is this message related to current news stories, big events or specific times of year (like tax reporting)?
To check if a message is legitimate:
- Go back to something you can trust. Visit the official website, log in to your account, or phone their advertised phone number. Don’t use the links or contact details in the message you have been sent or given over the phone.
- Check to see if the official source has already told you what they will never ask you for particular personal details. For example, your bank may have told you that they will never ask for your password.