The alarming thing is that despite all these high-profile cases, Scottish businesses are still not taking this issue as seriously as they should. Research carried out by PwC earlier this year showed that almost three-quarters of small businesses and 90 per cent of large companies reported falling victim to a cyber attack in the past year, yet many are not even carrying out simple security measures such as setting strong passwords.
We can’t afford to ignore cyber crime – and everyone can play their part in reducing it by being careful with important information. Don’t be put off by thinking that stopping cyber criminals is too technical, too time consuming, or even futile – the risk is real but by taking the right steps, it can be prevented.
Here are ten simple tips everyone can use, especially with the Christmas online shopping season getting under way:
1. Make passwords difficult
This sounds so obvious, but hands up who still fails to do this? And too many of us use the same password for everything – don’t do it! Long and complicated passwords might be harder to remember, but you can always get a reminder sent to your inbox. It’s worth the hassle. In this age of social media, most people can easily find out things like your mother’s maiden name or the name of your kids from a quick look at your Facebook page.
2. Change your password
If you’re about to go on an online shopping binge, it’s wise to change your password first – and if you can use your work-based computer to do it, all the better. It’s likely to be far more secure than a home or public computer. Although it’s probably best to do it in your lunch break unless you want to annoy your boss!
3. Have more than one email account
Use a minimum of two email accounts – one for social and one for business. This means you can keep transactions such as banking and online payments separate from your Facebook, Twitter and social accounts. Some common email services such as Gmail support two-step authentication, so if someone tries to log into your email account from an unfamiliar device, a passcode will be sent to you by text message. As the hacker doesn’t have your phone, he won’t be able to gain access to your email. If your email provider offers this, it’s a good idea to use it.
4. Protect your machine – and keep it up to date
Having the latest operating system, software, web browsers, anti-virus protection and apps are the best defence against viruses, malware and other online threats.
5. Keep personal information personal
This sounds like another glaringly obvious one, but don’t reveal personal or financial information in an email and don’t respond to email requests for personal information – this includes clicking on links sent in the email. If you’re unsure if a request is legitimate, verify it by contacting the company directly.
6. Look out for fake websites
Fake websites can con you into paying for goods that will never arrive, while harvesting your credit card and bank details. They can be hard to spot, but the easiest way to tell is by looking at the web address, or URL, which will use a variation in spelling or a different domain name. Make sure your browser shows the padlock symbol next to the address bar and that the address starts with “https”. Any reputable online retailer will have these security measures – if the site doesn’t, be wary.
7. If it looks suspicious, it probably is
Links in emails, tweets, posts, and online advertising are often the way cyber-criminals compromise you. If it looks suspicious, even if you know the source, just delete it.
8. Pay by credit card
Only purchase online via stores that accept credit cards, and also ensure that the shop has a physical address. If you pay by credit card and for some reason your goods are faulty or don’t arrive – for example, if you’ve fallen victim to an aforementioned fake website – your card provider will reimburse you if your purchase cost more than £100.
9. Be wary of public networks
Data sent by public WiFi in internet cafes or on public transport can be easily intercepted by hackers. When using public networks, avoid using any sites that can capture your identity, passwords or personal information – such as social networking, online banking or any websites that store your credit card information.
10. Don’t let your guard down on social media
Set up your security settings correctly, and then make sure you don’t give away confidential information through posts and messages. And while it’s nice when your friends wish you happy birthday, having your date of birth on social media is a security risk. If you at least drop the year you were born, there’s the added bonus of not giving your age away.
Martin Brown is Scottish country manager at IT group EMC