Protecting yourself from online risks

14 September 2022

Our lives are increasingly connected – we’re here to help protect what’s important to you, whether it’s on or offline.

Cyber safety

Our world, our lives and our homes are increasingly connected. This connectivity has opened the door for previously unimagined opportunity, but with this opportunity comes previously unimagined security risks that affect each and every one of us. 

Cyber safety has become one of the fastest growing security issues we face in the modern world. Where we were once ‘simply’ concerned with physical threats (burglary, flooding, storm damage etc.) now we have to consider how the technology we use every day can be used against us.

A few common cyber security issues

Cyber safety is far from just the concern of big business; we are all targets. With that in mind, there are things we can all do to keep ourselves a lot safer online – ensuring the convenience of having connected devices isn’t overshadowed by cyber threats. 

This guide is created with security experts at Blackstone Consultancy and designed to highlight just a few common cyber-security issues and solutions to help you manage your online safety with the same scrutiny you’d manage your personal safety. 

Phishing emails

Phishing is the practice of sending a high number of emails, disguised as though they are from reputable companies. The idea is to trick individuals into revealing personal information, such as passwords and credit card numbers.

More than 3 billion phishing emails are sent every day. Sending millions of emails in a single campaign costs very little money. Even if one recipient out of 10,000 makes one purchase, the spammer can turn a profit.

How to manage the risk

  • Don’t store passwords where they can be easily seen.
  • Be suspicious of email discounts or offers.
  • Never respond to a message from an unknown source. 
  • If you detect a phishing email, mark the message as spam and delete it.
  • Phishing emails will probably contain odd ‘spe11ings’ or ‘cApitALs in the sender’s email address.
  • Phishing hackers are unlikely to know your real name, so the email may address you in vague terms, e.g. ‘Dear Valued Customer’.

Learn how phishing emails are used to trick individuals into sharing information and how you can protect yourself.

Spearphishing

Spearphishing is the practice of sending emails which are allegedly from a known or trusted sender. The aim is to encourage targeted individuals to reveal confidential information.

The email address will be ‘spoofed’ to look like a legitimate address from a known sender. Knowing what to look out for in a spoof email can help you identify them and respond appropriately.

How to manage the risk

  • The email address that appears in the ‘from’ field of an email is not a guarantee that the email came from the person or organisation it says it did... check.
  • Call any known sources by phone, to check they are bona fide, if they are asking for money to be transferred.

Learn how spearphishing attacks can be used to target you and your family and how you can avoid them.

Online data sharing

You might be sensible with what you share online, but do you know what your family and friends are sharing? Even regular sharing of daily activity, holiday pictures and hobbies can give too much information to the wrong people.

Over-sharing online, through media and even government data sources like Company’s House, can mean you are giving away personal information to hackers. By gathering this information and building a profile on you and your family, hackers can make you a target.

Younger generations can be a big risk to families if they overshare on social media. Avoiding the sharing of documents, letters, licences and other sensitive information might seem obvious but even sharing daily activities, holiday pictures and hobbies can give too much information to the wrong people.

How to manage the risk

  • Younger generations can be the biggest risk to a family’s online security, they often overshare information on social media.
  • Ensure that you and your family have the appropriate privacy settings enabled on your social media accounts.
  • Think twice about posts and photos you’re sharing. 
  • When you enter your details to a website or app, always check the terms and conditions.
  • Consider the amount of information you give Companies House, don’t use your personal address.
  • Turn off location services.

Home network attacks

All connected devices in the home access the internet through a common point, the router. There is an assumption that they are always secure, but in reality this is not always the case.

Many of the popular routers have vulnerabilities. For example, if a hacker can log onto your Wi-Fi network, they can access all Wi-Fi run devices in the home, including smart devices, fire and security systems and monitor your web traffic. And they can do this anytime, 24/7.

You can protect yourself and your family by taking simple steps like changing the default passwords on your smart home devices.

How to manage the risk

  • Check with your broadband provider that the core software or firmware on the router is the latest version.
  • Ask how to disable WPS (Wi-Fi Protected Setup).
  • If you use Wi-Fi signal boosters, check how they connect to your network.
  • Change any factory passwords on your smart home devices.
  • Remove password from back of router.
  • Keep your broadband router out of sight so the password or device is not visible.

Learn how a typical home network attack can happen and the ways to avoid it.

Dissatisfied staff

When allowing people into your home, you’re giving them access to much more of your life than you may realise. It’s important to make sure they don’t take advantage of that access.

We usually know and trust the people that come into our homes but in some instances, people may have sinister motives.

Keep an eye on domestic staff, construction workers and other people that visit your home who you may not know well enough to trust fully. If you find them to be disinterested in their work, there could be more to the situation.

How to manage the risk

  • Watch out for domestic staff that keep strange hours or if they appear disinterested in their work.
  • If you are recruiting outside of an agency, always obtain references for new staff, but also call their previous employer.
  • Consider online searches to see if the prospective staff member shows up in any online stories or news articles.

Man-in-the-middle attacks

Who doesn’t like FREE public Wi-Fi? The risk is that not every Wi-Fi network you access is ‘genuine’ and once you’re on their network, they can see absolutely everything you do… including your passwords and account details.

A man-in-the-middle attack is when a data shared from a computer to a server is intercepted.

Shared Wi-Fi networks are handy but not always completely secure. Not every Wi-Fi network you access is ‘genuine’, hackers sometimes create fake Wi-Fi networks. Once you are logged on, they can watch your every move.

How to manage the risk

  • Use your mobile device’s data instead of public Wi-Fi.
  • If you need to log onto public Wi-Fi, then consider purchasing a VPN.

Top 5 VPNs (according to techradar.com)

  • ExpressVPN
  • NordVPN
  • IPVanish
  • Hotspot Shield
  • Surfshark.

Learn how hackers can intercept connections and how to avoid this.

If you do experience a cyber-attack, your Ecclesiastical Art & Private Client insurance policy includes home systems damage, cyber-crime and cyber online liability as standard. 
 
For more information about the latest threats, listen to our ‘Covered in 15’ podcast with Tom Tahany from Blackstone Consultancy.
In collaboration with Blackstone Consultancy

About Blackstone Consultancy

BSC is a security and investigative advice consultancy and is one of our preferred suppliers. Find out more.

Cyber selfie Send icon