James Lyne, Global Head of Security Research, Sophos, shares a Black Friday security checklist of top 10 consumer traits that leave them vulnerable to cybercriminals.
What not to do this Black Friday – how many of the things on our ‘not to do’ checklist do you do?
- Use a password that’s easy to remember, like ‘Password’ or ‘123456’
Though they are easy to remember, for a cyber-criminal this is like giving candy to a baby. A password like this can be cracked in less than a second.
- Have the same password for everything so it’s easy to remember
It’s a lot of hassle having to have a separate password for our online banking, online shopping and email accounts. However, remember if a cybercriminal has access to one password they have access to all your accounts and the plethora of data they contain.
Create a ‘log-in and password’ folder on your phone or in your email
So you have different passwords and usernames – that’s great. But keeping a folder with all of the information in is a hacker’s dream and one that is easier to access than you might think. You’re better off using a password manager that you know is secure.
- Ignore notifications to update your phone or your laptop
We all get frustrated by notifications asking us to update the software on our laptops or iPhones, and it’s so easy to ignore or click remind me later. But some updates will have important security patches that really need to be carried out.
- Open links or attachments in an email from an unknown sender
Has curiosity ever got the better of you, and you’ve been desperate to know what’s in the attachment or tempted to click a malicious looking link? Phishing emails are going from strength to strength and some are even fooling the pros, but as a rule of thumb never open it if you’re not expecting it.
- Replying to emails that notify you of unusual activity on your account
The majority of ‘fraud alert’ or ‘account compromise’ emails these days tend to be scams. Don’t reply to them or click on the links, but instead go directly to the website of the provider (or phone them) to check for issues. Clicking a link in one of these emails and ‘signing in’ is a classic way to lose your login information.
- Click ‘remember me’ when you log into sites
It’s convenient to be able to go on a site and already be logged in, but do you want to allow a cybercriminal access to your Facebook account for example? Always log out and never tick the ‘remember me’ box.
- Believe deals that are too good to be true – there’s no such thing as a free iPhone
We’re all after a good bargain this Black Friday, but this also presents cyber criminals with an opportunity to steal your information by offering you the most competitive deals. Use your initiative to know what is real and what isn’t, and if you aren’t sure, don’t take the risk.
- Connect to an unknown Wi-Fi network
It’s important to be confident that the Wi-Fi you’re connecting to is secure. Otherwise all the data on your phone from your Facebook account to your banking apps could be infiltrated by a cybercriminal. If you’re not sure it’s secure but you really need to connect, you could use VPN.
- Don’t check your transactions and miss any fraudulent activity on your cards
These days it’s much harder to check every transaction on our bank statements, however the Christmas shopping period is the most important time of year to be doing this in order to avoid falling victim to fraud. If you discover payments that you can’t identify, notify your bank immediately.