Cybercrime prevention: don’t get caught in the trap
All economic and social crises have historically been accompanied by increases in crime rates. This is due to multiple factors relating to human, social and collective behaviour in response to adverse situations.
Cybercrime and electronic fraud are among the areas of criminal activity that are that are experiencing significant growth during times of crisis, especially in societies where electronic processes and digital media are an important part of people’s daily activities.
Most of the cyber crimes that occur on a daily bases are characterized by a lack of complexity and are both random and massive in nature. These cyber attacks take advantage of the general population’s poor digital literacy (inability to detect possible cases of fraud or a lack of technical knowledge).
A significant number of cybercrime victims are businesses and companies that are increasingly dependent on electronic processes for the development of their economic activity. In many cases, cybersecurity breaches can result in significant loss of capital and sensitive information, which can even lead to bankruptcy.
Here are some simple tips and actions you can take to avoid becoming a victim of digital criminals and prevent cybercrime—the first, and perhaps most important is to take these tips into account in your daily life, not just during times of crisis:
• Use secure passwords for any online account. Strong passwords are normally longer than 10 characters and include a combination of uppercase, lowercase, numbers and even symbols.
Never use words or data that are related to you personally (e. g. date of birth, your child’s name or the name of your business). It is also important that you not use whole words that are easily found in the dictionary (e. g. “house”). The reason for this being that one of the first steps taken by any cybercriminal is to automatically test millions of word combinations from the dictionary.
Additionally, it is recommended that you use a different password for each account so that if any of your accounts are compromised by a cyberattack, the rest of your accounts can be kept safe from cross-site attacks.
• Never store your passwords in text files or documents stored on your computer, mobile devices, or in files stored in the cloud. You are better off using the password managers included in antivirus applications.
• Enable access via password on your computer and mobile devices. Remember, 12345 or jose1970 are insecure passwords.
• Enable the two-factor authentication method if it is available. Today many services on the Internet allow you to activate this access system, which consists of authentication by the traditional method of username and password, plus a different method of verification such as a code sent by SMS or email.
• Learn how to detect fraudulent emails (such as “phishing”). One of the first steps in detecting whether an email is a possible fraud is to check the email address of the sender, which in most cases does not match the actual sender and is characterized by long and meaningless email addresses. However, it is important to note that more elaborate attacks can mimic the sender’s address and in some cases completely supplant the sender’s identity.
Always be suspicious of any email asking you to send login credentials, requesting that you urgently access one of your accounts using a link or button provided in the email, those emails that ask you to communicate using some method of contact provided in the email message itself or that want you to download a “very important” file attached to the email.
If you have doubts regarding the authenticity of the sender, it is best to contact the authentic sender through the official and publicly known communication channels—never through a direct response to the suspicious mail / sender or the communication channels proposed in the email received.
• Host your website with certified hosting providers. Before buying any hosting service, check their website and review ratings on social networks. Know the security measures they implement on their servers and confirm that the service complies with European data protection regulations.
• Always keep your website up-to-date. You should pay special attention to those updates related to the content management system (e. g. WordPress) and to any templates, modules or plug-ins you have installed in your website.
• Do not install any plug-ins or third-party components on your website whose author is not verified or certified.
• If you do not have programming experience, avoid installing code on your website that you’ve copied from forums or other sites. Without the ability to correctly read and interpret the code you are copying, there is always a risk that you could end up installing malicious code on your website.
• Install antivirus software on your computer and mobile devices. This is a primary tool in cybercrime prevention.
• Do not access links provided via SMS text messages. Exercise the same vigilance you would with a suspicious e-mail.
• Avoid connecting to the Internet on public Wi-Fi networks. If you must do so, purchase a VPN (Virtual Private Network) service beforehand and always connect through it.
We hope these tips on how to prevent cybercrime can become a part of your online daily routine. Cybercrimes are ever-present in our modern world and tend to propagate in times of crisis, but you can be avoid being seduced by some of the most common online traps, protecting the safety of your business.