Category Archives: Cyber Security

Advice for online safety settings and security

Identity Theft And Your Personal Information

Identity Theft And Your Personal Information

Identity theft is when a thief uses your personal details to assume your identity to steal from you or use your identity for other reasons. It can be a very difficult thing to recover from. In some cases all a thief needs is your name, phone number, birthdate and home address to start hacking into your online accounts. Think about it, if those key pieces of personal information are stolen from you, and perhaps then shared onto other criminals, your identity can be stolen over and over again. One client I was working with had her identity stolen and accounts hacked into 3 times in 6 months. Why did it happen 3 times? Because her telephone company only used her phone number, home address and birthdate as an identifier, her phone number was taken over by a thief, and they used that to break into her accounts that required Two Factor Authentication. The verification codes were then sent directly to the thief. This theft is commonly known as a Phone Porting Scam, I’ve written about this crime previously here. It wasn’t until the client was given an extra codeword password by her provider that her phone account was secured, and therefor her other accounts. Her name, and birthdate, and other personal details were unfortunately found easily online via social media and a blog post she had forgotten about. The distress of having to try and get her accounts back, her stolen money returned was extraordinarily difficult. She can do nothing about the lost data it is now floating around the internet. The only thing she can do, is set up extra security on every account she has, and opt out of any platforms that do not give the option to set extra security. 

You Might Need A New Identity…

To try to secure your identity again by changing those key identifiers is really impossible.. your name, where you live, your phone number….and your birthdate? Institutions that require only those for identification are operating under a very old fashioned, and now clearly insecure system. That type of security may have been fine 10 years ago, but with so many data breeches and hacking occurring currently, using your name, birthdate or address to identify you is no longer secure, if a scammer or hacker knows those details about you, they can pretend to be you.   
 

Platforms Who Don’t Look After Their Customers Personal Details Need To Change!

I’m always going to be on the side of the customer. If the platform or website you use doesn’t employ encrypted personal details, privacy and security as a default, your personal identifiers not be secure. Insisting on personal identifiers to sign up or into an account and then leaving them public or unencrypted is not protecting your client base. It is also not enough just to hide your personal details from public view via privacy settings, if someone hacks your online account, unless these are hidden even from you when you log in, a hacker may see enough of your personal identifiers to steal from you.   

How Much Hacking Is Going On?

Every talk I give to students and adults I find people who have had or know someone who has had their identity stolen or their social media platform hacked, it can be Instagram, Uber, Musical.ly Facebook or Twitter.  If the website or platform you sign up for doesn’t have privacy set as a default, i.e hiding your contacts, your birthdate, your email address and other privacy they are not taking care of the security for their customers. Not everyone has good tech skills, and finding the settings to secure these things can be incredibly difficult for some people, particularly those over 60 years of age who are by far the largest demographic of those that have been a victim of an online fraud or scam.
Hacking often happens by falling victim to a scam, particularly a Phishing scam where you may be asked to “Click this link and verify your account” or asked on social media “Have you seen this video of you?” click this link and sign in via your account. It also maybe that the platform you have signed up for has a data breech and your data is leaked online. There are many ways your accounts on social media can be hacked
2017 Scamwatch statistics Australia

What Should I Do?

To make your online accounts more secure:
  • Find out what security the platform uses to keep your data safe.
  • Are privacy settings set to public by default, be sure to select the most private option.
  • Set all your privacy on all platforms especially social media platforms to the most secure settings and delete any personal identifiers where ever you can, i.e email addresses, phone numbers, birthdates, home address or local suburb.
  • Do not sync your address book with any online platform or social media.
  • Avoid giving out your birthdate, street address, phone number, credit card number, if it is not encrypted and hidden within your account.
  • Don’t share your birth year on any social media, and keep your accounts private. “Happy 50th!!” posted publicly gives it away!
  • Don’t use real answers to security questions like “What is your mothers maiden name” Keep a copy of your “fake” answers offline
  • Hide as much about your personal preferences, family, pets, where you went to school as you can.
  • Make sure you have Two Factor Authentication set up with an authenticator App like “Sophos Authenticator” do NOT use your phone number for Two Factor if you can avoid it.
  • Delete any 3rd party apps that are connected with accounts.
  • Shut down any accounts or platforms you don’t use.
  • Use Long Complex Random Passprases for your password, and NEVER use the same one on any other account.
  • Search for your name, personal phone number and home address online, remove from any websites or platforms where they are visible.
  • Secure your letter box, don’t throw away paper bills without shredding them
If you or someone you know has been hacked or has fallen victim to an identity theft scam, contact your local police, www.acorn.gov.au and  Contact IDCare.org to help you get your identity back.
Lastly if you feel an online website or platform is NOT keeping your data secure, contact customer service and complain. Or take your business or social life elsewhere.
How many of you have had or know someone who has an online social media account hacked?

Leonie Presents Cyber Safety Talks for schools, business, and community groups.

Smart Devices And Gaming Consoles What Parents Need To Know

Smart Devices And Gaming Consoles What Parents Need To Know

  Smart TV’s, Fridges, Children’s Toys, Doorbells, Baby Monitors, gaming consoles and of course the usual computers and phones. So many devices in our homes can now be connected to the internet, but how safe are they, and what do you need to do to secure them? Smart Speakers 2017 was the year of the… Continue Reading

Baby Monitors Spying On Your Child

Baby Monitors Spying On Your Child

Baby monitors that come with an app for your phone have been getting hacked for years. Default passwords and unsecured Wi Fi can result in your web connected baby monitor being hacked resulting in a live video of your child sleeping being streamed out to the internet on a strange websites where hackers get their… Continue Reading

Are Your Instagram Photos Giving Away Your Home Location?

Are Your Instagram Photos Giving Away Your Home Location?

Many Instagram users are inadvertently giving away private locations through their Instagram photos to followers. How? You may have never noticed that there is a photo map in Instagram that shows where all, or some of your photos were taken. If you have always had location services disabled for your Instagram account you may not see any photos… Continue Reading

How To Hide Your Facebook Friends List From Scammers

How To Hide Your Facebook Friends List From Scammers

My No1 tip for safety on Facebook from scammers or not so nice “Friends” is to hide your Facebook Friend List.   Why Hide Your Friends List? If your Facebook friends list is public you will be more of a target for scammers, and so will your friends. The most common scam, that has been… Continue Reading

Ashely Madison Hack, Schadenfreude or Sympathy?

Ashely Madison Hack, Schadenfreude or Sympathy?

There are more qualified security experts than I who can tell you the “How, Why and the What To Do” in regards to the Ashley Madison website hack. But, as I’m constantly banging on about privacy and online safety I can’t ignore this train wreck of an online crime, which is what it is. It is… Continue Reading