Recent auDA research shows that fewer than half of Australians feel confident using the internet due to cyber security concerns. In fact, 80 per cent of us are worried about having our personal data stolen. The good news is there are ways we can enhance our security online and still participate in digital society. Jacqueline Jayne, Security Awareness Advocate for the Asia Pacific at KnowBe4, recently joined us at an .au member webinar and shared her expertise on how cyber criminals trick their victims and ways individuals and families can stay secure.
Read our top takeaways below.
Cyber criminals are highly organised professionals
The typical image of a cyber criminal is a loner, basement-lurking, hacker. As Jacqueline explained, that is not the case. While cyber criminals can work individually, many are part of highly collaborative and organised business operations. They work across borders to access, share, buy and sell personal or commercial data.
Cyber criminals want your data
Above all else, cyber criminals work to obtain your personal data. Often a good deal of our basic personal information (i.e. full name, address, work history) is already accessible online. However, the data we should be most concerned about protecting is our Personally Identifiable Information (PII). Examples of PII include:
- Medicare, tax file, driver’s licence or passport numbers
- Numbers on the back of credit cards
Cyber criminals can sell PII or use it to fraudulently gain access systems and devices (whether they are online or offline) for data which is then sold, used to extort money or commit fraud.
Most cyber crime is caused by human error
More than 90 per cent of cyber incidents are caused by human error. Cyber criminals often exploit our fear, curiosity and/or trust to manipulate us into taking certain action. Some common tactics to be aware of include:
- Phishing – a cyber criminal sends an email or message that appears to come from a trusted source and includes a call to action such as asking the recipient to click on a link or enter login credentials. The message will often create a sense of urgency to hasten your response.
- Spearphishing – takes a more targeted approach than phishing. Cyber criminals use publicly available information about you or your organisation to tailor content specific to you. This makes the email or message received from the cyber criminal appear more legitimate, prompting you to act and not question its legitimacy.
- Pretexting – a cyber criminal poses as someone to gain your trust. An example is calling you and asking for access to your computer under the guise of providing technical assistance.
Staying secure online starts with you
While cyber security can feel overwhelming, there are some simple steps you can take to protect your personal information and that of your family, including:
1. Strong online password habits
Best practice is to create passphrases or complex passwords that are unique for each account. Update your passwords regularly and use multi-factor authentication where available. Do not share passwords or store them somewhere accessible to others. You can use a password manager to help manage your passwords securely.
2. Invest in a Virtual Private Network (VPN)
A VPN helps to secure your internet connection and protect your online privacy by encrypting your internet traffic and masking your IP address. It can prevent unauthorised access to your data and protect you from cyber threats while using public wi-fi networks.
3. Install software updates when released
Update your software as soon as you are prompted to ensure your system has the latest security patches and bug fixes. This helps prevent vulnerabilities that cybercriminals can exploit.
4. Always stop and think before you share information online
Once information is posted online, it is difficult to control who sees it and how it is used. Sharing personal information could lead to identity theft, cyber-stalking or other online threats.
5. Maintain separate work and personal email addresses
Keep your work email address for work-related use only. Mixing work and personal email addresses can lead to confusion and accidental sharing of sensitive information.
Our .au member webinars are open to .au members. If you're not yet an .au member, consider joining us today. Membership is complimentary and provides you access to a range of benefits including exclusive events, updates on digital trends and news and insights on .au.