Use a password vault

We all know that we should never re-use a password for more than one account. It is a basic rule - but the mechanics of doing so can be challenging. Password Vaults have been around for several years and essentially create highly complex passwords for all your accounts and then store them for you - meaning you only ever need to remember one ‘master password’.

Examples of Password Vaults are Dashlane, Nordpass, and Keeper.

Know if your email has been exposed

You need to know if your email address has been exposed in a data breach. Have I Been Pwned is highly rated by the BBC and Which? and is a free service that allows you to see if your email has been compromised, when, and how.

Remember it’s a jigsaw

Criminals are not looking to harvest all of your personal information and log-ins in one go. If they can obtain your email address today and your date of birth tomorrow, that works just fine for them. Every time you are compromised it completes a bit more of the overall puzzle.

And the same criminal network doesn’t need to hit you twice - they usually sell each piece of the puzzle online and buy the pieces they are missing.

Subscribe to a credit-checking service

Criminals look to obtain your credentials for financial gain and one of the first flags that something is wrong may be movement in your credit score. Services such as Experian and Credit Karma will provide immediate alerts if a credit search (soft or hard) is made in your name or if credit is taken out - they also provide monthly reports on all activity on your credit file.

Use a false date of birth or name

Some websites that you use will ask for information such as your date of birth or name, even though it is not really necessary - your bank needs to know your actual date of birth, but social media platforms, online games, food delivery services, and email providers will accept any date of birth.

So if their platform is hacked, the information harvested is incorrect.

Update software

Updates are released for various reasons, but one major one is to fix security flaws. The famed WannaCry attack simply exploited organisations that had failed to install recent updates that had been released by Microsoft - the attack happened in May exploiting a security flaw that had been fixed in the March update. 

Most devices can now be set to auto-update at a convenient time so there really is no excuse.

Don’t use USB flash drives

With cloud technology, data sticks or flash drives should be largely obsolete. They offer a great opportunity to introduce malware onto your computer and there have been instances where a flash drive is deliberately dropped in the hope that someone will pick it up and plug it in.

Avoid phishing scams

Phishing scams can be extremely sophisticated and professional. If you have any doubt about an email you have received, then hover your cursor over the sender's email address and see if it looks odd - an email from Amazon will not come from an address that looks ‘odd’, such as ‘delivery.amazon.uk@124qrdtysty.eu’.

Also, do not click ‘unsubscribe’ on any suspect emails as this lets the Phisher know that your email is live and monitored. 

Understand what you are giving away

Most of the Apps that can be downloaded for mobile devices now have to state what data they collect from you. Check that the data collected makes sense. A travel app collecting your location makes sense, but also collecting your name, email address, and User IDs doesn’t. 

Be aware of the latest scams

You don’t need to respect cybercriminals as people,  but you do need to respect their professionalism. Trusted websites such as Experian, AGE UK, and SafeWise constantly update their lists of the latest online attacks that may be coming your way. 

And remember - ATN Partnership can help with all of the above, including ensuring your business's password protocols and procedures are up to date and appropriate.