The Internet has changed the way we communicate, shop, work, and play, opening a world that simply didn’t exist just a few short decades ago.
However, with many of us doing everything from our shopping to our taxes online, there are also significant risks with going online for your personal identity – and your bank account.
How big a problem is it? Let’s just take romance scams – where somebody pretends to be a potential partner in order to fleece the lovelorn for money. According to Scamwatch, for just the month of December 2021, Australians lost an incredible $9,377,771 to dating and romance scams, mostly through social networking or mobile applications. That’s a lot of money for just one sector of online fraud and identity theft.
So, what can you do when you do need to go online? For many of us, it’s simply not practical to say, “never go online”. It can be possible to hit the web and stay safe, but you do need to be careful. Here’s some tips to help keep you safer online:
1. Look for “HTTPS” in URLs
This is a simple tip, but it’s also a dead giveaway for a scam site. HTTPS (HyperText Transfer Protocol Secure) sites use encryption to ensure data entered can’t as easily be intercepted by third parties. It’s also fast become the default for the web because search engines such as Google preference results from properly locked down sites.
Naturally, your bank, or the government aren’t about to start operating from an insecure site. You can pick HTTPS both from the full URL in your browser bar, but also by the presence of a padlock next to the URL.
2. Think about what you share on social media
Social media is great for sharing with friends, family, and like-minded individuals, but it’s also a trove of information that identity thieves can use to work out your private data. If you’ve not locked down access to (for example) photos on Facebook to connected users only, then anyone might be able to see that picture you snapped at your birthday party.
Outside maybe some questionable drink choices, that’s innocent enough, right? Maybe not, because that post would be dated, which means that you’ve just told the world part of your birthdate. If you mentioned which birthday, it was in a comment, then they’ve got your full date of birth right there.
Same story, by the way, for those “fun” quizzes that tell you your fantasy name or what kind of cake you would be by using the name of your first pet, or car model or whatever. Why does that matter? Because those are both super-common security questions used to lock down online accounts.
3. Use multiple identities online
No, I’m not suggesting you become a scammer yourself. Far from it. But if you only operate from the one email address, that gives the bad folks a single point of failure to attack. If they compromise your email, that can then make it much easier to access other accounts that might send confirmation codes to that email address.
As such, while it is a little more work, having multiple email addresses can save you a lot of headaches. It’s relatively easy to set up extra email accounts in this day and age, and it means you can have one for purposes like work, banking and government tasks, another for personal uses, maybe another for social – and if one falls, it limits your exposure to identity theft issues. Having that backup email can often make it considerably easier to take back control of your other email addresses if you do suffer this kind of attack.
4. Think before you click, no matter the device
The other day, I got an SMS from one of Australia’s biggest banks, telling me my account had been compromised and I would need to re-verify to avoid having my entire banking account frozen.
OH NO! PANIC!
Except, well, I didn’t, because the bank in question wasn’t one I use as my particular financial institution. I knew straight away it was a scam, so I blocked the number, deleted the SMS, and got on with my day. But I could totally see it “appearing” to be legitimate and fooling folks into trying to enter their details into a site that might look exactly like the “official” bank site.
So, what can you do? The strongest weapon you have hear sits between your ears. No, not your nose, though most of these scams really do stink. Instead, use your brain, even in stressful situations like this. Don’t click on any unsolicited or unexpected text, email, pop-up browser window or social media query with a link. There’s no harm in phoning up your bank (or other institutions) to check if there really is a problem, making sure to check the number via their actual web site, not one sent to you in an email or text. They’ll almost always tell you that there’s no problem except that it’s a scam – and you’ve just protected your identity online.
5. Use as much authentication and password protection as you can
Between banks, work, social, entertainment services, schools and more we all must remember a whole raft of passwords these days. It’s super tempting to re-use passwords, but this is exactly like using the same key for your home, car, workplace, and wallet. Lose that one key, and the bad guys have access to the lot.
The easiest way to manage all of that is with a password management application such as Dashlane, 1Password, or LastPass to name just a few. They can store any number of complex passwords – and even come up with new ones for you – in a secure vault with a single password to keep them secure. That way, you can invent just one password, use it only for that vault, and let the software do the heavy remembering while keeping each account within its own safe zone.
It’s also important to use what’s called multi-factor authentication for accounts and services where possible. Yes, it’s a bit more work to have to wait on an SMS or use an authentication app rather than getting direct access, but that secondary or tertiary authentication factor can make a huge difference if you (for example) lost your phone and didn’t want unknown types accessing those exact same accounts.
or complete our form today to set up an appointment with a computer repair technician