8 Ways to stay ahead of cybercrime
Updated: Dec 21, 2018
Over the past month alone, several thousand Australians were scammed out of more than $800,000 via an ATO tax hoax that contacted its victims by phone and demanded that they immediately pay an outstanding tax debt or face Federal Police action.
Cybercrime can affect anyone at any time. Online scams, phishing attacks (where criminals masquerade as a trusted entity to steal user data), fake phone calls, texts or instant messages and other forms of tech-crime are on the rise and we need to better understand the new cyber-threat landscape.
Rather than getting fearful or paranoid, it‘s important to learn how to read the warning signals to improve your understanding of cybercrime so that you can mitigate potential risks and know how to deal with a cyberattack should it happen to you.
8 Ways to stay ahead of cybercrime
1. When someone contacts you unexpectedly. When someone you don't know contacts you out of the blue via text, email or on social media always approach it a healthy sense of caution. Consider the context of the message and if it feels a little weird or out of character, then chances are it's not real.
2. Deciding whether or not it's actually a scam.
If you do get a call or text that sounds like it might be legitimate, an outstanding bill for example, always give yourself some extra time to investigate... so hang up the phone and do some research before making any payment. We recently received an electricity bill asking for a large than usual amount and earlier in the billing cycle than usual, so we logged onto our online account and found we had already paid our bill - this was a hoax.
3. Scammer tactics. Scammers will often try to convince you that the situation needs resolving right now. They do this so that you feel pressured to act and so you don't have the space to look into the matter and review at your own pace. Fear and bullying are common tactics to get you to act faster but also be aware of the patient scammer who is happy to engage you via a polite email with a lengthy story about a charity cause needing your money.
4. Spotting a fake. You can spot a fake email by looking out for some noticeable giveaways like a generic name ('Dear Madam' or 'Dear Client' for example) rather than a personal greeting, poor quality presentation (like grainy images or unprofessional looking text), an unofficial email address or bad spelling or grammar.
5. Requests to disclose passwords or banking details.
Legitimate companies will never ask for your password or request money via unconventional methods like clicking a link and asking you to enter your bank details.
6. Keeping data securely backed up.
Keep multiple backups of your data – preferably at least one in a physically different location to your computer and another encrypted in the cloud. Backup does not mean putting important information like priceless family photos onto a single hard drive and storing that in the cupboard or safe. If that’s the only copy of your photos and your hard drive happens to fail or disappear, your photos are gone.
7. Keeping software up to date.
Ensure that your software is kept up to date. Leaving software ‘unpatched’ greatly increases its vulnerability to being hacked, particularly with operating systems like Windows and MacOS and also any smart phone and tablet.
8. What to do if you have been scammed. If you are unsure something is a scam:
avoid clicking on links or opening attachments;
if you think you have been scammed, change your email and banking passwords immediately then notify your bank to investigate whether any unauthorised transactions have been made;
if you’re sure that it is a scam shut down your computer immediately and avoid any further risks;
do a computer scan / review to make sure you are secure and haven’t been hacked;
you can securely report instances of cybercrime to the Australian Cybercrime Online Reporting Network (ACORN), a national policing initiative of the Commonwealth, state and territory governments, as well as follow the Australian Tax Office's guide to verifying and reporting a scam;
and finally, if you have been asked to pay a ransom, talk with an IT professional first and weigh up your options sensibly though in general, if you are prepared enough, you may not have to pay anything.
If the tech side of things gets all too daunting (understandable in such a complex space) you can always ask for help or hire an IT specialist.
Whatever you do though, it's important to develop an awareness and understanding of cybercrime. Online fraud attempts are ever increasing and anyone can be a potential target, so get yourself educated and prepared for what could happen so that you can work confidently working online and navigate the digital world with greater ease.