Australians are used to preparing for and facing storms, but a storm we don’t always think to prepare for is cybercrime. Cybercrime includes tax, welfare, invoice and credit card fraud, nondelivery of purchases, exploitation of brand recognition, malicious software and scams, such as fraudulent investments and online auctions. Email is generally the primary attack channel. Nearly 50% of cyberattacks are targeting small businesses directly and the number is growing. Think it’s something that always happens to other people? Think again. Like any risk, we need to understand and manage that risk.
A well-known proverb says: “The naïve person believes every word, but the shrewd or prudent one ponders every step.” Knowing how to spot a scam or malicious email is essential and all staff in every business should receive some level of awareness training. Keep in mind that banks, big corporations and government organisations will never send you an email or text message requesting you to confirm, update or disclose confidential details via an unsecure channel such as email.
Here are 10 practical steps to make your devices more secure and keep you and your business protected from online attacks:
- Install antivirus, spyware-detection and firewall software on your computer or devices. Keep that software and your operating system updated with all security updates.
- Think before you click on links or open attachments in e-mails or instant messages – even from friends.
- Always independently verify the source of unsolicited mail, especially if it asks for personal information or passwords, before taking any action.
- Never copy or run software from unknown sources.
- Use strong unique passwords that preferably have at least twelve characters and include numbers and symbols, and change them regularly. Use different passwords for different accounts.
- Consider using additional authentication.
- Do business online only with reputable companies that use secure connections such as on secure Web pages on Web browsers that display a lock symbol and “https://” in the address bar.
- Do not give out confidential information about yourself or your accounts when using unsecured Wi-Fi connections, such as in public places.
- Switch your computer off when it is not in use.
- Regularly back up your files, and store copies securely.
Have a plan and know what to do if you do have a cyber security incident, such as who to call for assistance or to report it:
- CERT (Computer Emergency Response Team cert.gov.au) to report ransomware/malware.
- IT support to recover from malware.
- Your bank’s fraud team for payment fraud.
- Your online service provider for suspected account compromise.
Thrive Financial Services, North Lakes.