Cyber Security – How Not To Be An April Fool

Do you know how valuable you are?  Identity thieves do!

Every year thousands of Australians have their identities stolen.  Criminals use stolen personal information to commit identity crimes.  This can leave their victims with a bad credit rating and impact their ability to gain finance, run a business, or access government services.

Once your identity is stolen it can take a long time to recover.  The same goes for your business, staff and client information and ensuring that this is also secure.  If your data is lost or compromised, it can be extremely difficult as well as very costly to recover.

The Australian Taxation Office (ATO) along with the leading industry bodies, consultation with the Cyber Security Working Group (CSWG), a group of tax practitioner industry groups and other partners, such as software developer associations have created a list of top identity security tips to help keep you, your information and your business safe.

Some tips and tricks for Individuals to consider:

TREAT YOUR PERSONAL INFORMATION LIKE CASH

Do not leave your personal information lying around. If your personal information is stole, it is very difficult to get back.  Keep your personal information private.  Only share it when you are required to, and only share it through authorised processes and to authorised people.

Some tips and tricks for Businesses to consider:

REMOVE SYSTEM ACCESS FROM PEOPLE WHO NO LONGER NEED IT

Immediately remove access for people who; no longer work for your business or have changed positions and no longer require access.  Unauthorised access to systems by past employees is a common cause of identity security or fraud issues for businesses.

DO NOT USE USBS OR EXTERNAL HARD DRIVES FROM AN UNFAMILIAR SOURCE

USBs and external hard drives may contain malware, which can infect your business computers without you noticing.  It can cost your business a lot of money to repair the damage.  Stolen information could be used to commit crimes, often in your business’s name.

Some tips and tricks for both individuals and businesses to consider:

ENSURE YOUR PASSWORDS ARE STRONG AND SECURE

Use multi-factor authentication where possible.  Regularly change passwords, and do not share them.  Multi-factor authentication required used to provide multiple pieces of information to authenticate themselves – for example, a text message sent to your phone when logging in to a website.  An additional layer of security on your accounts can make it harder for others to access your accounts.  Strong passwords with a mix of upper and lower case letters, numbers, and symbols also make your accounts harder to hack.

ENSURE ALL DEVICES HAVE THE LATEST AVAILABLE SECURITY UPDATES

Run weekly anti-virus and malware scans and have up-to-date security software.  Instances of malicious software (malware) are increasing.  It can be easy to accidentally click on an email or website link which can infect your computer.  In some instances, your device may be impacted by ransomware.  Ransomeware can; lock your computer until you pay a fee to criminal and/or install software which provides access to your bank accounts, allowing criminals to steal your money.

USE A SPAM FILTER ON YOUR EMAIL ACCOUNT

Always use a spam filter on your email account and do not open unsolicited messages.  Be wary of downloading attachments or opening email links you receive, even if they are from a person or a business you know.  They can infect your computer with malware and lead to your business or client information being used to commit fraud.  Spam emails can be embedded with malware and/or used to trick you into providing information, paying fraudulent invoices or buying non-legitimate goods.

SECURE YOUR WIRELESS NETWORK

Be vigilant when using public wireless networks.  Avoid making online transactions while using public or complimentary wi-fi.  Not all wi-fi access points are secure.  By making online transactions (such as online banking) on an unsecured network, you can put your information and money at risk.

BE VIGILANT ABOUT WHAT YOU SHARE ON SOCIAL MEDIA

Keep personal information private and be aware of who you are interacting with.  People are accustomed to sharing personal information on social media.  The same goes for many businesses as they also now have a social media presence.  However, before sharing ask yourself if it is information you want strangers to have access to.  It is very easy for information on social media sites to be shared outside of your network, even when your security settings are set to private.  Scammers can take information you publicly display and impersonate you or your business.  Impersonators may send emails to trick your staff into providing valuable information or releasing funds.

MONITOR YOUR ACCOUNTS FOR UNUSUAL ACTIVITY OR TRANSACTIONS

Check your accounts (including bank accounts, digital portals and social media) for transactions or interactions you did not make, or content you did not post.  If an organisation you deal with sends you an email alerting you to unexpected changes on your account, do not; click on included hyperlinks or open any attachments.  You should immediately; check your account and contact the organisation by phone.

ENSURE YOUR MAIL IS SECURE

Ensure your mail is secure and consider using a secure PO Box.  Mail theft is a leading cause of personal information security breaches.

DO NOT DOWNLOAD PROGRAMS OR OPEN ATTACHMENTS

Some programs contain malware that can infect your computer, or be used to harvest your personal and business information.  Be sure you are downloading authorised and legitimate programs.  Unless you know the program is legitimate, do not open attachments or download it.

DO NOT LEAVE YOUR INFORMATION UNATTENDED

Secure your electronic devices wherever you are.  Your personal information can be taken in an instant.  In some situations, you won’t even know it was stolen.  Make sure you; do not leave electronic devices unattended, secure your electronic devices with passcodes and securely store portable storage devices (such as thumb and hard drives) when not in use.

 

Source: Australian Taxation Office (ATO)