The following five tips provide you with a solid foundation should your level of cyber threat increase:
Always keep software up to date and install antivirus
- The most important of all basic measures is to ensure that you update your software regularly. Most software providers, such as Microsoft and Apple, regularly release updates to improve their systems. Always install these as soon as possible, as hackers will target any known vulnerabilities.
- Installing antivirus is a good first line of defence, but ensure it is set to scan your device and update regularly.
- Many devices and online services have a range of security and privacy settings that can help protect you, however, they aren’t set by default. Be aware of your settings and activate relevant security features.
- Many computers include basic desktop firewalls as part of their operating system, when implemented and utilised correctly these control communication to and from that computer when connected to a network or the internet. They provide a line of defence against someone who might try to access your computer from outside the firewall without your permission. Therefore, do not deactivate them.
Utilise passwords and encryption
- Always utilise passwords and practice good password management.
- Ensure your user account on your desktop (for example, Windows) is password protected. If it is a shared computer, create different user accounts for different family members.
- Try to avoid using the same passwords for multiple sites and devices, particularly for banking and any other sensitive accounts.
- For sites where you conduct financial transactions, use a strong password; the more characters you use, the harder to crack it will be. A mix of at least eight characters including numbers, punctuation and both uppercase and lowercase letters will significantly reduce the likelihood of that password being guessed. Try using a series of words and memory techniques, or mnemonics, to help you remember how to decode it. For example, instead of the password reflecting you son’s birthday for example “12Dec2004”. Use “Msbi12/Dec/04”.
- Avoid storing passwords digitally or using auto-complete functions and don’t write down any password in its entirety.
- If you are storing personal or sensitive information, see if your device offers the option to encrypt files with passwords.
Be vigilant with email and internet use
- The most common way people get hacked is via email – do not open emails or attachments that are unsolicited, look suspicious or you do not know the sender.
- Disable the option to automatically download attachments available on some devices.
- Be alert to fraudsters claiming to represent trustworthy entities, also known as ‘phishing’. Before clicking on any link, verify the website address (URL). Fraudsters will often deceive users with subtle spelling mistakes or variances to direct them to harmful sites.
- For any financially related emails, always go to your normal URL or search Google for it rather than clicking on the link in the email.
- Ensure your wireless network at home has strong encryption.
- Sensitive activities, such as banking or shopping, should only be done on sites where the URL begins with “https://” on a device that belongs to you, on a network that you trust and not public Wi-Fi.
- Some mobile devices are equipped with wireless technologies, such as Bluetooth. To connect to other devices or computers, you should disable these features when they are not in use.
- When using search engines to find information online, try to avoid clicking on sponsored ads.
Be careful of what you’re sharing online
- Given the popularity of social media, hackers have access to a considerable amount of personal information posted online. Therefore, be wary of what you are sharing. Any personal details you do share may be used by hackers to impersonate you or to gain more valuable information.
- Be wary of social engineering, where someone attempts to gain information from you through manipulation. Avoid divulging sensitive information if someone requests it by emailing, messaging or calling you. You can always contact the company directly (using a different phone where possible) to verify credentials before giving out any information.
Ensure devices are physically secure and data is backed up
- The physical security of your devices is just as important as technical security. Having physical access to a device makes it easier for an attacker to extract or corrupt information. Do not leave your device unattended in public or easily accessible areas.
- A lost device, a virus or a successful hack can mean losing all of your files, photos and sensitive information. Ensure you have a regular back-up process so that all data is backed up and held remotely in a secure manner so that you can recover it without loss.
If you feel you have received any suspicious or fraudulent communications that appear as if they have come from Cazenove Capital or Schroders, please email abuse@schroders.com with complete details.