What is cyber hygiene?
They’re the things you can do to improve your safety online and protect yourself from fraud. Every year, the number of cases of online fraud goes up. “And they’ve spiked in 2020 with the pandemic,” states Tony Fachaux, cybersecurity awareness expert at National Bank. “Fraudsters always use the same methods. By practicing good cyber hygiene and increasing your vigilance, which tends to slip when you’re online all the time, you can easily avoid fraud.”
A cyberattack can lead to identity theft, data theft, or financial theft, which can tarnish your credit report and even land you in court. Practicing good cyber hygiene is the best way to stop cybercriminals. “The fact that there are cyberattacks means that people and companies don’t have a grasp on basic safety practices,” the expert insists.
Best practices for better cyber hygiene
1. Protect your devices
Get an antivirus that scans websites, downloads, attachments and external hard drives. “Antivirus software has evolved; it doesn’t just scan for viruses anymore,” Tony Fachaux explains. “It includes other safeguards, like behavioural analysis that detects suspicious activity on a device.”
A good protection tool also offers firewalls, among other things, which analyze the computer network’s incoming and outgoing connections to block fraudulent activity. “A virus that gets installed steals information and will try to communicate with the hacker to send it to them,” he continues. “A firewall could block this kind of flow of information.” Also, check regularly to make sure these protection measures are enabled.
2. Choose a secure Wi-Fi network
Avoid connecting your devices (phone, tablet, computer) to unknown or unsecure Wi-Fi networks. If you’re connected to a public Wi-Fi network, a fraudster could get their hands on your personal information. “High-end hotels are a favourite for fraudsters, for example,” Tony Fachaux points out. “They know that clients could possess important company information. We recommend avoiding any sort of confidential activity on a public network, like logging into your bank account or using your email.” To secure your Wi-Fi at home, change the default passwords for your network and your router.
3. Use strong passwords
A strong password allows you to protect the accounts on your personal and professional devices. It should be as long as possible, only make sense to you, and be unique. Never write down or share your passwords. You can also enable two-factor authentication, which is a two-step identity verification process, to reduce your risk of fraud considerably.
4. Update your software regularly
Download the most recent versions of security software, operating systems, web browsers and third-party apps. These updates correct new known security vulnerabilities. You can actually enable automatic updates on your devices.
5. Make sure you have backups
Always make sure you have a safe copy of your documents. On top of ensuring you can find them in case you lose your devices or they get stolen, this could help you retrieve your information if you’re a victim of phishing. Make sure you have an offline backup, like on a cloud app, for example. If your updates are made to an external hard drive that’s connected to an infected device, the data could be compromised.
6. Look before you click
Be vigilant at all times when it comes to unsolicited communication, whether via email, social media chats, or even text message. Never click on a link or attachment unless you’re sure it’s safe.
7. Avoid sharing personal information on social media
Some of the information that you post online could allow a fraudster to hack into your accounts or create a convincing enough fake account for phishing purposes. Don’t reveal too much about your work life, either. A user who indicates on their profile that they’re a financial systems administrator could be targeted by a fraudster who’s interested in their employer.
Do you work from home?
Your employer’s best practices for Internet security should be followed even when you’re working from home. Here are other cybersecurity measures specific to remote work:
- Use a virtual private network (VPN), which allows a secure, direct
link between remote devices. “Like a tunnel, it connects you to the
company’s network,” the expert explains. “That way, even if you’re
connected through an unsecured Wi-Fi network, you’ll be protected
because the connection generated within the network is
- Don’t share any work-related information using your personal
devices. A work computer is often equipped with proven tools that
provide better security than personal devices.
- Use the devices provided by your employer for work purposes only.
Personal activity increases the risk of fraud online and could
expose confidential information contained on your work device.
- Don’t share your work tools with family members or friends. Make
sure they don’t have access to them, especially if you have special
permissions for work platforms or apps.
- Disable the voice assistants on your devices. “When you speak to an enabled voice assistant, it answers. That means it’s always listening,” Tony Fachaux says. “While there’s no proof that this can cause security breaches, better safe than sorry, especially when you’re having confidential conversations.”
When you understand them, the rules for better cyber hygiene are simple. Once they’re part of your behaviour, they will help protect you from common fraud schemes.
For more advice, read our ABCs of security.