THE BLOG

They're After You: Five Tips for Dodging Cyber Criminals

03/07/2013 12:47 BST | Updated 01/09/2013 10:12 BST

In a world where we often spend more time online than we do in the 'real world' we will all make IT security mishaps at some point. Statistics from Experian Hitwise revealed that the UK spent 37 billion hours online last year. 1 The question is, how many of these hours were spent securely?

Common IT security mistakes include weak passwords, downloading risky apps, poor personal cyber security behaviour and, of course, losing your mobile or tablet. With almost half of all Britons set to use their own phones, tablets and laptops at work by 20202, it is becoming increasingly important for everyone to know how to avoid these pitfalls before it affects them at home and work.

There are simple tips on how to stay safe online, for example, ensuring you have a bulletproof password (no easy-to-remember 'PASSWORD1'). But what else can we do to protect ourselves out there on the net? We always look before we cross the road, wear a seat-belt in our cars and we should take similar precautions when surfing the net.

Here are some tips to make sure you are always looking twice when crossing the cyber security road:

Think like a bad guy

Spam is much more sophisticated today than it was 20 years ago. No more of this 'click here for this fantastic one time offer', hackers have become much more inventive in their attacks.

Just remember, if something looks too good to be true, it probably is - and the criminals will try anything to entice or trick internet users. On Twitter, they'll direct message you with a link to something awful someone has said about you. Via email, they'll claim they have a photo from your school days. On Facebook, they'll say that there is an app which can show who has looked at your profile.

Don't fall for it.

Their goal is to get you to click the link or download an app which will open you and your device (whether PC, Mac, tablet or smartphone) to exploitation. And yes, Macs get viruses too. Many times, you won't even know that you have been had. The malware will just work quietly in the background, stealing your data and registering every key you press. When you type in a website address, then your account name and password, they will see that and they will use it.

Just think of how many online shopping accounts you have that are already linked up to your PayPal account or contain your credit card details for quicker purchasing. A cyber criminal may choose to take all of your funds in one fell swoop or maybe just a pound a month. Would you notice a pound going missing? Probably not. And the thousands of other people who have been hacked probably wouldn't notice either. When they take small amounts, it takes longer for victims to notice and the money just rolls in.

Don't press snooze

Many of us have the bad habit of pressing the snooze button on system and software updates. Try not to think of them as an annoyance, but as an essential piece of counter-criminal kit. Cyber criminals will target old software where vulnerabilities have been uncovered to access your computer. Updates are your best way of counteracting new threats against older software.

Don't thoughtlessly give permission

Likewise, Android smartphone users shouldn't blindly accept every permission that new apps are requesting. Does a gaming app really need access to your location? Is it essential for a music app to gain access to your contacts? No, so don't give it to them. The app writers do this so that they don't need to ask your permission again if they update the app features in the future. You can see how they are trying to save you time to enjoy their app.

The problem is that Android users are now so used to accepting all permissions asked of them, that they are likely to let a malicious one through the net. And, bearing in mind that 92 per cent of malware found on smartphones is purely for Android devices, it is prudent to be vigilant.

Google yourself

For many of us, the first thing we do every morning is look at our social media profiles, but how secure is your profile? Think about what this information is worth. When you phone your bank they typically ask three or four security questions such as address, date of birth, place of birth and mother's maiden name. This is information that can (for the more social sharer) be easily obtainable just from a Facebook profile and a cursory glance around friends and family profiles.

To make sure your privacy settings really are private, Google yourself. If information you would rather keep private shows up, use an online pseudonym. Create an alter-ego with a different name, date of birth and email address. You can also use http://www.facebook.com/FSecureSafeProfile to check how much of your Facebook profile is visible to the public.

Be realistic about your security software

Security software today goes way beyond the anti-virus of old. It can protect you when online banking, lock and wipe your devices if they are irretrievably lost, it can even block websites deemed to have no educational merit during set homework hours for your children.

Just as the cyber criminals keep developing their attack methods, software developers work just as hard to keep ahead of them. An unprotected laptop or PC that is connected to the internet is likely to be infected within eight seconds. That's how prevalent malware is.

As with most things in life, you get what you pay for. Many free security software packages simply can't keep pace with the new threats being distributed by hackers and cyber criminals every day.

Our generation is the first to experience paying for assets that are not physical - apps, software, music, cloud services - and many people are still not comfortable with this. However, it's a lot more disconcerting knowing that a stranger has access to your photos, contacts, documents, banking details and the like. Your choice.

To find out more about protecting yourself online, and to learn about the latest cyber threats check out F-Secure's blog at http://safeandsavvy.f-secure.com/

1. Statistics taken from ISP Review http://www.ispreview.co.uk/index.php/2013/04/people-in-the-united-kingdom-spent-37-billion-hours-online-in-2012.html

2. Statistics taken from The Telegraph

http://www.telegraph.co.uk/technology/mobile-phones/10029908/Half-of-all-Britons-to-provide-their-own-smartphones-and-tablets-at-work.html