While the internet is a wonderful and incredibly practical resource, it’s also an unbelievably dangerous and scary network. That’s why we have Stay Smart Online Week, the aim of which is to promote proper internet safety and to keep you up to date with the latest in cyber security protocols.

Here at EFTM we take this very seriously – so we’ve decided to lay down our top 5 tips to stay safe online.

Tip #1 – Use STRONG passwords

I know this seems like a cop-out to start with, but for the love of god please hear me out. A year ago Trevor published this piece detailing not only the 25 most common passwords but also how to create a strong one. For a quick recap:

Come up with a couple of random words: look around you now and name three items.

  • Bottle
  • Torch
  • Speaker

Now these three words are great because, firstly, they are not commonly used together.

Now combine them.  bottletorchspeaker.

Next capitalise some random letters.  BoTtletorChspeaKer.

Then add a character and numbers. BoTtletor%Chspea23Ker

That looks ridiculous.  You’ll never remember it.  Actually, that’s not true.  After just a few goes you’ll find this is relatively easy.  And because of the complexity and the length, it’s a super strong password.

Tip #2 – NEVER click a suspicious link

Something that has to be understood about cyber security and hacking is that it is nothing at all like the movies. Unlike the scenes of Hugh Jackman typing furiously on keyboards in the Swordfish film, hacking is significantly more social engineering than it is technical prowess. Social engineering is defined as “the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes“.

One of the best ways to identify a sketchy link is to check the preview – when hovering over a link, in the bottom left of your window you’ll see the address that link refers to.

Before you click a link, have a real quick look down and just make sure you’re about to be redirected to a website that you know and trust. Also along the social engineering lines, text messages such as this one are becoming increasingly common:

A text received by EFTM reader, Michael F.

That right there – that’s a scam. Your bank will NEVER text you a link for something like this.

Recent data suggest as much as 97% of all hacking is done through social engineering – which is to say, if you can effectively identify a suspicious email, website or more specifically a link, you’re only prone to the remaining 3% of technical hacks. Which leads me to my next tip…

Tip #3 – Use proactive anti-virus software

There are two ways to use anti-virus: proactively and reactively. A reactive approach to anti-virus, while cheaper, also leaves you prone to attack. It works in such a way that you periodically scan your computer for viruses, typically with free or cheap software.

A proactive approach requires buying anti-virus software that constantly monitors and prevents attacks on your computer. Solutions include Trend Micro, McAfee and Norton. There are many, many more but those are the main three that you’ll not only hear a lot about, but will also be able to get a lot of support information on.

Tip #4 – Enable Two-Factor Authentication

For the uninitiated, two-factor authentication is a system that requires a second code or validation to confirm user login. It works very similarly to the old portable code generators used in security doors and safes. Day-to-day this means that when you log in to your accounts on a new device, a code is sent to either your phone or email to verify your identity.

This method is a brilliant security measure and one that can’t be overlooked – it forces your attacker to attempt to break into multiple devices/systems/accounts, which is significantly harder to do than just one.

Tip #5 – Be careful where you type your personal information

Back onto social engineering for this one – I want to introduce you to phishing. Phishing is the social engineering method that involves completely faking a website or form to make you believe it’s the original. For example, a phishing website of Facebook might look a bit like:

Credit: The Hacker News

Now as you can see, the website itself looks exactly like Facebook, but the URL isn’t even remotely close. Thankfully this type of phishing attack is being phased out but it’s still one to look out for. Before entering any banking/email/social media logins, be sure to check the address bar to ensure you’re on the right website. You’ll also see a green padlock in the URL bar on trusted websites these days.
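The link check from Tip #2 and the address-bar check above come down to the same question: which site does this address really belong to? Here is that check written out as an added example (not EFTM's own code); the trusted-site list and every sample link are constructed for illustration.

```javascript
// Added example. TRUSTED_SITES and every sample link are constructed.
const TRUSTED_SITES = ["facebook.com", "mybank.example"];

// Classify a link by the host the browser would really connect to.
function checkLink(link, trusted = TRUSTED_SITES) {
  let url;
  try {
    url = new URL(link); // throws on text that is not a full address
  } catch {
    return { verdict: "suspicious", host: null, reason: "not a web address" };
  }
  // URL() lower-cases the host; drop a trailing dot before comparing.
  const host = url.hostname.replace(/\.$/, "");
  if (url.protocol !== "https:") {
    return { verdict: "suspicious", host, reason: "not an https link" };
  }
  if (url.username !== "") {
    // In "https://facebook.com@other.example/", the part before "@" is
    // a login name, not the site. The real host comes after it.
    return { verdict: "suspicious", host, reason: "text before @ is not the site" };
  }
  // Trusted only if the host IS the site or a subdomain of it. The match
  // must be at the END of the host, on a dot boundary.
  const site = trusted.find((s) => host === s || host.endsWith("." + s));
  if (site) return { verdict: "trusted", host, reason: "belongs to " + site };
  // A trusted name elsewhere in the host is a classic lookalike.
  const bait = trusted.find((s) => host.includes(s.split(".")[0]));
  return {
    verdict: "suspicious",
    host,
    reason: bait ? "imitates " + bait : "unknown site",
  };
}

const samples = [
  "https://www.facebook.com/login",
  "https://facebook.com.account-check.example/login",
  "https://facebook.com@account-check.example/login",
  "https://secure-mybank.example/verify",
  "http://mybank.example/verify",
];
for (const link of samples) {
  const r = checkLink(link);
  console.log(r.verdict.padEnd(10), r.host, "-", r.reason);
}
```

Read a web address the same way by eye: the site you are really visiting is the last part of the host name, just before the first single slash, no matter what familiar name appears earlier in the address.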

And that’s a wrap! In the name of Stay Smart Online Week and your own internet safety, please consider what you’re doing each and every day on the net. If you have any security related questions or just want to know if a certain email, text or website is a scam, please feel free to email me: john@eftm.com