The pandemic and resulting lockdowns have led to a surge in online transactions globally. People are also using digital channels more and more for online banking and other financial services because they are easy, convenient and a faster method for fund transfers. But society’s growing reliance on digital services brings with it a raft of security and data privacy issues, with higher numbers of potential attack vectors opening up more backdoors to instances of identity fraud.
Stolen personal information can be used to create fake accounts or carry out illegal transactions in the name of authorised users. This misuse of digital identity can have serious consequences, especially if perpetrators are involved in money laundering or terrorist financing.
Many place their trust in traditional security methods such as passwords and knowledge-based authentication, but as fraudsters become more and more sophisticated, these methods are no longer sufficient to protect our digital identity and personal information.
It’s not all doom and gloom, though, as there are several steps you can take to protect your personal information online. Below are four top tips to protect yourself and your family, as over-65s are particularly vulnerable in this area, which recent research by the ACCC revealed. Scammers often target seniors, as they are viewed as having more accumulated wealth than younger people, and are seen as being less familiar with new technologies.
1. Use a password manager (and layer it with two-factor authentication)
Passwords are the easiest way fraudsters can access the gateway to your online identity. If your primary email becomes compromised and you use the same password in many sites, it could cause serious damage to your life and finances.
A password manager will help you create, store and manage complex and unique passwords for every new digital service you are using. Password managers also assess the strength of all your existing passwords, identify those that are especially vulnerable, and suggest alternatives.
Taking it one step further, some password managers support two-factor authentication to safeguard your access into the password manager. Two-factor authentication requires you to use two factors to authenticate yourself, preferably a combination of: something you know (a password, PIN code or passphrase); something you have (a physical token, USB key, your mobile device); or something you are (fingerprint, face recognition, hand gesture).
2. Use biometric verification wherever possible
Remote authentication tools such as face, iris (eye), voice and fingerprint detection, as well as behavioural biometric scans are becoming more and more widespread. With biometrics, you become the password. Biometric authorisation is increasingly being used for identity verification on smart devices such as laptops and smartphones. It is a more secure way to protect your identity as it involves characteristics that are unique to you, and therefore almost impossible to replicate. While it might be relatively easy for a fraudster to guess your password, it’s much harder for them to fool a system that uses your unique physical characteristics to verify your identity.
3. Watch your digital footprint
There are a large number of online portals that require or entice users to enter personal details such as lucky draws, voting sites, event participation, shopping sites, news and magazine subscriptions, enquiry submissions, dating sites, and contests. Whenever you enter your personal details on such websites, a fragment of your digital identity gets left behind, which fraudsters could then use to commit fraud attacks or identity theft. Once information is shared online, it’s almost impossible to remove completely – even if it’s later deleted or modified.
As such, be careful about the types of details you share about yourself online and be aware of unfamiliar sites asking for too many details. If you have any doubt about the legitimacy of the requesting webpage, be safe and investigate the source first.
4. Be aware of phishing emails
Phishing e-mails are fraudulent ways scammers use to trick you into giving them your personal information. The pandemic saw an upsurge in threats and online attacks, such as scammers pretending to be the government with Covid-19 update scams, ATO scams, financial fraud linked to accessing superannuation early, JobKeeper payments, and JobSeeker claims. According to Scamwatch, Australians lost more than $851 million due to phishing scams last year.
There are ways you can spot a phishing email. They have a public domain, ask for personal information, have unsolicited attachments, and are generally poorly written. They also have suspicious links, and a sense of urgency to make you panic and take action quickly.
If you have the slightest doubt that an email might be suspicious, you can verify their details by searching for the business online before responding or clicking on any links within the email, to avoid compromising your computer or accounts.
Article by Carol Chris on 23 June 2021 – startsat60.com