1. Strengthen your passwords
Passwords should be at least eight characters long. Using techniques such as amalgamating three random words, with a special character and/or number, will make your password harder for criminals to guess. Don’t use family names, pet names, your place of birth, sports teams or combinations that are commonly used, such as Pa55word or 1234.
2. Don’t share passwords
Make sure you don’t share passwords by email, and don’t save them in an unsecured document or use the same password across different websites. Criminals can use automated software to guess commonly used passwords, make use of data stolen from previous data breaches, or intercept passwords sent via email. Password managers and single sign-on software can take the pain out of memorising multiple passwords.
3. Use secure networks
Do not view or send sensitive information when using public WiFi networks and make sure your home internet connection requires a password to join. A virtual private network (VPN) is easily installed and will provide an extra layer of security by making your online actions virtually untraceable. And make sure you lock your device if you step away from the screen.
4. Stay up to date
Always install the latest updates as soon as they’re available – enabling the auto-update function on your device will ensure you don’t have to remember. Yes we know it can be annoying to restart your computer when you’re in the middle of something, but why not use it as a good excuse to make a cup of tea?
5. Be careful what you click on
Always browse safely, avoid dubious sites and don’t click on suspicious content, particularly if it comes from an unknown sender. You should only interact with secure sites – these are indicated by a padlock icon in the address bar, or a URL that starts with https. Set spam filters to high and always double think before you download something.
6. Make sure you know who you’re talking to
Verify the identity of callers or senders of emails who ask you to do something, particularly if it involves sensitive information. Ask yourself whether the sender looks genuine, whether they’re using their usual email address, and whether there’s bad spelling or punctuation in the email. These are all signs an email is a scam. If you have genuine emails from a particular organisation, you can compare the two styles and formatting to see if there’s a difference. Criminals may use a tactic known as pre-texting, such as pretending to be from IT, HR or finance and ask for your password or personal information to update records or remotely fix an issue.
7. Take your time
Do you feel rushed, worried or threatened? These are all signs you’re dealing with a criminal. Think twice before automatically doing what an email tells you to do and be suspicious if someone says you’re at risk unless you do something. If an offer of free music, software or other gift sounds too good to be true, it probably is. Reject proposals that come out of the blue.
8. Be careful what you share
Stay vigilant at all times. Keep all personal and business information separate and limit the amount of personal information that you reveal. Be wary of sharing highly sensitive information publicly such as your place of birth, mother’s maiden name, date of birth or address. These can all be used to build a profile that can then be used to steal your identity or target you with a future scam.
9. Always report
If you think you have been the target of a scam (whether successful or not), always report suspicious people, emails, messages and telephone calls to the appropriate person in your organisation. You should feel comfortable reporting anything that compromises the privacy or security of customers, clients or other employees, without fearing personal repercussions.
10.Be vigilant in real life too
We’ve focused on digital scams for this article but of course, scammers can turn up offline too. Tailgating – when a person follows you into the office without a pass for example – is a known tactic that can lead to criminals gaining access to a private space where there may be sensitive information lying around. If and when we all get back to the office, it’s a good idea to clear your desk every evening and always make sure you use a shredder to dispose of sensitive documents.
The Privacy Compliance Hub
At the Privacy Compliance Hub, we make compliance easy for everyone to understand, care about and commit to. We call it a culture of continuous privacy compliance. Our platform, created by two ex-Google lawyers, provides a structured programme to follow, with a suite of engaging, relatable training videos and powerful reporting tools, giving you the confidence you’re keeping your customers, investors and the regulators happy. We tell you what to do. We give you all you need to do it. And we enable you to demonstrate that you’ve done it.