Governments, businesses of all sizes as well as individuals are facing increasingly common threats online which can cause damage or loss to data, IP, money, and ultimately brand and reputation.
While larger organisations generally take more precautions against this type of activity, individuals can be left more at risk than they realise. Some straightforward steps, taken regularly, can act to dramatically enhance the safety of your online activities.
Fraudulent (or phishing) emails have tricked many people into disclosing details or downloading attachments that harm their personal computer, the files within it, or capture information such as online banking log-in details. A recent scam that presented as the ATO offering a refund asked for banking details to be entered into a pop up window. Other scams operate by having the target click on a link or download a file.
You should never, ever download an attachment or click on a link that you’re not sure of.
When fraudulent emails include an attachment, it’s often an executable file (ending in .exe). Also look out for anything ending in msi, .bat, .com, .cmd or .hta - any of which can write code and infect your computer. Even common files such as .doc can write code if they also end in a .m. To check the type of file that’s attached, hover your cursor above it. Just don’t click.
Are you someone whose online passwords resemble ‘abc123’ or ‘password1234’? If so, you can definitely lift your game in this area without too much hassle. Think about using a free password manager that will generate secure passwords and keep them safe - also eliminating the need to try and remember them. You’ll never need to click on the ‘Forgot your password?’ link again! More information on free password managers can be found here.
Stop pressing ‘Remind me later’ on all those pop-ups for software updates. This is one way the recent WannaCry malware infected so many computers, ultimately impacting essential services such as ambulances and hospitals in the UK. Microsoft, for example, are always releasing new updates that have ‘patches’ to fix any weaknesses that may be exploited by hackers or malware.
Avoid free Wi-Fi hotspots unless you are sure of the provider. Wi-Fi networks that require you to log-in can be used as a tool used by hackers to capture information - such as online banking details. Whatever action you take on a mobile device while using a Wi-Fi network provided for malicious intent can be captured.
ACS’s product partner CGU is now offering insurance to cover businesses in the event of a cyber attack. If this could be helpful to you, please visit: https://www.cgu.com.au/insurance/business/cyber-insurance