10 tips to beef up your cyber security

Published by John Fitzsimons on 31 October 2017.
Last updated on 31 October 2017

10 tips to beef up your cyber security

The last couple of years have seen a number of high profile cyber security controversies, reminding all of us of the need to ensure that our computers, laptops, mobile phones, and tablets are as secure as possible.

Follow these steps and hackers will find it much harder to get their hands on your personal or financial details.

1. Install the latest software and app updates

We’ve all been there - you desperately need to do something on your computer, but you’re delayed while the machine updates some of your software. It can be very frustrating, and leads some people to switch off automatic updates.

This is a mistake though. Those updates aren’t just a chance to freshen up the aesthetics of your home screen - they often include important changes to help guard against new viruses or tricks being used by hackers. Updates will often cover a previous weakness in the software, which could have been exposed by scammers, so updating the software as soon as you have the opportunity to do so is a good way to keep your device as secure as possible. Setting your system to update automatically as soon as an update is released is definitely recommended.

With a mobile device, if the updates appear at an inconvenient time you can always set it so that the update is carried out overnight, ensuring you add to your device’s security but don’t find yourself delayed from carrying out an important task.

2. Set a strong, separate password for your email account

In many ways, your password is your first line of defence against cyber crooks.

If a hacker is able to access your email by working out your password, there is a host of personal information they may then be able to get their hands on, from your date of birth and address to your bank account or credit card details.

All of this means that it is incredibly important to set strong passwords that won’t be so simple to crack. Sadly, millions of us fail to do this. A study by American security firm Keeper Security last year suggested that as many as one in five accounts are protected by the easily guessable password of ‘123456’. Other frequently used passwords include ‘password’ itself, ‘qwerty’ and somewhat bizarrely ‘google’.

The key to setting a good password is coming up with something that you can remember, but which other people won’t be able to guess - in other words, avoid using your child’s name or your favourite football team. Experts informing Cyber Aware, the government’s cyber security campaign, suggest using three seemingly random words – but which have some of significance to you – supplemented by numbers or symbols as the best way to set a secure password.

Where possible, it’s also worthwhile going for two-factor authentication on your email account. This makes it harder to access the account on a device which hasn’t already been registered to the account, adding an extra layer of security.

Finally, as well as ensuring your email password is strong, be sure to set separate passwords for all of your different online accounts. If you use the same password for each account – particularly for the main email account you use for shopping online and tracking your finances – then a hacker only needs to get lucky once with this or another account and then you are completely at their mercy.

A couple of years ago a host of Tesco Clubcard users reported vouchers had been stolen after scammers managed to hack into customers’ accounts using what was likely to be stolen email login details. Separate passwords should at least limit the damage if the hacker manages to crack one account.

3. Secure your tablet or smartphone with a screen lock

Most up-to-date mobile devices give you the option of setting a screen lock. This means that in order to unlock the phone, and therefore use it, a user will need to enter some form of password, PIN or provide their fingerprint.

With passwords or PINs, the best practice still applies - make sure it is as random as possible, avoiding passwords, such as 1234 or your own name.

Some phones allow you to set a ‘pattern’ as the lock - essentially you need to move your finger across a nine-point grid in a specific way in order to unlock the phone. If you go for this option, again it’s important to make it difficult to guess. Simply setting an ‘L’ shape or a cross will be much easier for a thief to crack.

4. Always back-up your most important data

If something is important to you, whether it’s key documentation or valuable family photos, then keeping a back-up copy is a smart move. It’s too easy for it to become damaged or maliciously deleted in the event of a virus or used to hold you ransom if you are targeted by a hacker.

You can keep a back-up copy through an external hard drive or by using a storage system in the cloud.

If you go down the external hard drive route, bear in mind that any malware which attacks your main computer can easily infect your external hard drive too. As a result, it’s a good idea to ensure it is not permanently connected to your main device either physically or over your network connection, and is instead only connected as and when you need to use it.

5. Don’t use public Wi-Fi to transfer sensitive information

It can be very exciting to shop using your mobile device while you’re on the move. Just a couple of clicks and those new shoes will be on their way - much better than fighting off the queues on a Saturday.

However, it pays to be cautious when doing so, particularly if you think that you are using a public Wi-Fi connection. There have been cases where hackers have been able to jam legitimate public Wi-Fi spots, replacing them with their own public connection, with built-in programs which are able to pick out various bits of personal data you send while using that connection.

Unless you are using your own secure Wi-Fi connection at home, then avoid sending any personal information where possible.

6. Secure your own personal Wi-Fi with its own password

Speaking of your personal Wi-Fi connection, it’s vital that you take steps to make your home’s network coverage as secure as possible too.

When you first sign up with a broadband provider, you will be sent a router and your network will have a preset password. The problem is that these preset passwords are not always as strong as they should be. In fact, an investigation earlier this year by consumer group Which? revealed that over a couple of days a group of ethical hackers were able to crack their way into the Virgin Media Super Hub router, prompting the broadband provider to urge its customers to set their own individual passwords.

This isn’t an issue unique to Virgin though - no matter which provider you go with, make sure that you install your own personal, secure network password when setting up your connection. That will help

prevent people from outside your home gaining access to your Wi-Fi, and potentially the devices that access it.

7. Only shop with secure websites

Action Fraud, the national fraud and cyber crime reporting centre, revealed earlier this year that it has closed down an incredible 28,000 fake retailer websites over the last three years. As the City of London Police put it, “there’s more at stake when it’s a fake” as you are putting your financial security at risk too - many of these fake sites are set up as a way to extract all of your personal information, as well as process payments for goods that don’t actually exist.

The first step to ensuring a website is secure is to make sure that the website address is completely accurate - fraudsters are known for setting up shady websites which look very similar to the legitimate website, but with a slightly misspelled URL.

In addition, don’t be fooled into thinking that a website with a padlock image in the address bar is safe either - this simply means that the data is encrypted when it’s sent over the internet, rather than confirmation that it is a legitimate, trustworthy site.

Wherever possible, type the address of the website directly into the browser yourself or search for the website using a search engine.

8. Never click on suspicious links or attachments

One of the most common ways for scammers to get hold of your personal details is by conning victims into clicking on malicious links or downloading an attachment.

Just take a look in your email spam folder at how many shady messages you receive each day, purporting to be from a well-known retailer or financial firm. These emails will contain dodgy links, and if you click on them you may accidentally download malware or be taken to a scam website, both of which are designed to get you to reveal all sorts of personal and financial information.

Always be on your guard with emails - even if they seem to be from a company or person you trust, check with the sender separately (for example over the phone) whether the email is legitimate. If any email asks you to reveal personal or financial details, that should set off alarm bells too.

Be sure to flag any dodgy emails as spam with your email provider and then delete it. You may want to report it to crime reporting agency Action Fraud too.

9. Don’t ‘jailbreak’ or ‘root’ your smartphone

‘Jailbreaking’ or ‘rooting’ your phone is a way around the software restrictions placed on mobile devices by the manufacturers, allowing users to download apps which aren’t available through official app stores like iTunes or Google Play.

The trouble is that there may be very good reasons why those apps aren’t available through legitimate means - they could contain malicious software which ruins your phone, or deletes some of the data such as your photos.

It’s also important to remember that jailbreaking invalidates your phone’s warranty and prevents you from receiving future software updates, potentially exposing you to further threats down the line.

10. Only download apps from reputable app stores

There are stringent tests that apps have to pass in order to appear on reputable app stores, particularly related to security.

If an app is only available through less legitimate means, then chances are it is nowhere near as secure and should be avoided.

For more information and tips on how to protect yourself online, visit the Moneywise hub in partnership with Cyber Aware - Stay secure online: How to be Cyber Aware - and see Cyberaware.gov.uk.  

Leave a comment