Even before the coronavirus, the daily workings of our lives, both professional and social, have been centred around online activities.
Covid-19 has meant many more of us are now working from home and so many of our “chats” or “meetings” with friends and family have also become virtual events.
However, many people are afraid of cybercrime and online identity theft – and rightly so. South Africa has the third most cybercrime victims in the world, losing R2.2 billion a year.
This means we need to do better in order to keep our digital lives safe. And that means getting the basics right, says head of information security at Vox, Niel van Rooyen.
Even the best security installed on our devices will be useless if we make simple mistakes that cybercriminals can spot a mile away.
Ahead of Black Friday online deals, he offers the following tips to help us protect ourselves.
Read more | Staying safe on Black Friday
“Firstly, you must use a different password for every online account you have,” Niel says.
“These passwords must be hard-to-guess and never be written down. This is easier said than done given how extensive our digital footprint is.
“From the laptop or smartphone passcode through to email, social networks, online shopping, online banking, messenger apps, and other passwords, it is not difficult to imagine that each of us can easily require 10 or more unique passwords,” he says.
To be strong, many passwords are often required to be more than eight characters and use a combination of upper- and lower-case letters, numbers and special symbols. This makes it even harder to remember. But there are certain tricks you can use.
For example, create a basic core and change the rest of it to form unique passwords according to what they are for. So if your core is #ubuntU1, for example, your password for your Drum subscription could add the letters DM somewhere to make DM#ubuntU5. For Facebook, it might be FB#ubuntU5.
If this is all too much, there is an easier way – password manager where you need to remember just one login or master password to access all the others. There are various password manager tools, so make sure you pick one from a reputable site.
Some of these offer two-factor authentications, which makes it even safer, Niel says.
“This means you rely on more than just a username and password to log into an account. In most instances, this could take the form of an SMS to your phone providing a one-time password (OTP) to confirm it is, in fact, you that is trying to login.”
So, even if a hacker guesses (or steals) your password, they still need physical access to your phone (or another device) to gain access.”
Despite the high number of scams out there, many people still click on links they get or download and open attachments they receive via email. This includes opening malicious videos on instant messenger apps like WhatsApp or Facebook Messenger.
“It’s therefore critical that you never click on any link that can’t be verified,” Niel says.
“You can simply contact your friend to confirm the message or delete it. You must avoid emails from unfamiliar senders.
“Looking for grammatical errors and spelling mistakes on messages claiming to be from the bank or insurer are easy ways to spot a fraudster.
“Another giveaway is links that do not work or that redirect to sites you do not recognise. But don’t click – just hover over a suspicious link with your mouse to see where it is going and avoid if it seems like a strange site.”
“Social media has become the preferred way for many people to keep in touch with friends, family, and loved ones, but we must be vigilant in the personal information we post on a social network,” Niel says.
“Check your privacy settings to ensure only friends can see your posts. This keeps the information limited to a smaller circle of people.
“Unfortunately, many people (including children and teenagers) share everything about their lives. Not only is this potentially dangerous from a real-world perspective (think kidnapping, human trafficking, and home break-ins), but it can also result in online identity theft,” he adds.