In a world that’s so predominantly digital, our safety online has become an important topic. And so it should be. We keep so much valuable private information in and on our digital devices now that cybersecurity and smart online behaviour is paramount.
In this article, we touch on two areas of cybercrime and how you can exercise better precautions with cybersecurity to stay safe in the online space. These areas are scams and using public wifi connections.
Please note that the advice provided here is general and you should seek professional legal advice if you believe you have become a victim of a scam or cybercrime.
What is Cybercrime?
Cybercrime usually means crimes directed at computers or other ICTs (information communications technologies), although other digital devices could fall in the same category. It also covers crimes where computers or ICTs are used as part of an offence, such as online fraud, cyber harassment, cyberstalking and cyberbullying.
What is Cybersafety?
Cybersafety and cybersecurity are the terms used to describe initiatives and resources to help you manage your online behaviour and information safely. Even though there a number of Commonwealth and state-level laws which attempt to penalise and discourage aggressive or attacking online behaviour, some of which even carry prison sentences, the focus of cyber safety is on an individual’s own education. A person’s capacity to monitor their online presence and online risks, including cyberbullying and image-based harm, is a large part of cybersecurity.
Cybersafety is increasingly becoming something that workplaces, organisations, groups and education providers are also considering in their day-to-day practices, as well as in their broader planning. Though the law in Australia has now taken into account many cybercrimes, these laws are mainly focussed on the safety of individual people (or selected groups of individuals, such as the elderly and children). This has led to organisations needing to think about their own protection and cybersafety by assessing their major and minor digital risks, company values, safety capacity and their everyday communications and transactions.
If this is something you haven’t already put into place, we’d highly advise your organisation consider.
Scams in 2019
As the way individuals and organisations use the online space has become more sophisticated, so too have the cybercrimes and scams that target people on these platforms.
According to ACCC, Australians were set to lose a record amount to scams in 2019, with projections from losses expected to surpass half a billion dollars for the first time.
Advice from the ACCC Deputy Chair Delia Rickard highlights just how convincing scammers are becoming and this goes far beyond just clicking on suspicious-looking emails. “Scammers are professional businesses dedicated to ripping us off. They have call centres with convincing scripts, staff training programs, and corporate performance indicators their ‘employees’ need to meet” stated Ms Rickard.
Some of the most prominent scams currently are investment scams, which unfortunately can hold some of the highest losses. A financial loss was the result of nearly half of all investment scams reported in the past year.
You’ll find these scams are quite common on social media. In this space, people place a lot of trust in what they see and somewhat carelessly either feel comfortable giving away their private information OR don’t fully understand how much information they are giving away. ‘Facebook lottery’ scams, the ‘Loom’ pyramid scheme and cryptocurrency scams are particularly prominent here. Many also use fake celebrity endorsements or fake online trading platforms that are made to look legitimate.
How to avoid being caught up in a scam
Most importantly, don’t panic and react hastily. Question what you see. Whether this is in emails, through digital adverts or on websites. Do a little further research into the company or information that is being presented to you. Any legitimate business will happily answer further questions you have, especially if your private information or online safety is deemed to be at risk.
Always check the email address you have been contacted by. For example, Paypal would not send you an email from an employee email address. On emails with links to click through to enter your private information, double-check where the link takes you. Is this the same website URL provided by the company when you search for them on Google? Many scammers will create lookalike websites, but their URL will never be the same.
Also check the spelling and grammar on emails, adverts and websites. Every legitimate business who require parts of your private information should have immaculate spelling and grammar, as this is vital for authentic businesses who are looking to build trust.
“You never know for certain who you’re dealing with or whether they’re credible,” Ms Rickard said. “If you think you’re speaking to a friend on social media, call them, or find another way to contact them before acting on any advice that might result in you giving away your personal details or money.”
It’s surprising what little information can be used to target people too. Especially in regard to security questions. Be very wary if your being asked questions that are similar to those that financial institutions use as security, such as your mother’s maiden name, first pet names and the first street you lived on. These may seem like peculiar discussions to be having, but in the moment people often see no issue with telling strangers these details.
Scamwatch also suggests that people check ASICs list of companies you should not deal with. Having said this, even if the company is not listed you should still continue researching. If the company or ad is asking for investment ensure you speak with a financial advisor prior to giving over any funds or private information.
The danger of using public wifi hotspots
It’s common to log in to public Wi-Fi spots without a second thought. They’re often free and save us using up our own valuable data. However, many people don’t realise the risks they can potentially pose to cybersafety.
A public Wi-Fi hotspot isn’t required by law to be secure from potential online threats, so it’s best to treat it as unsecured unless the operator of the hotspot states otherwise. You can usually find this information in the security clause of the ‘terms of use’ that you typically have to agree to before you can use a public Wi-Fi hotspot.
We know that terms and conditions are frequently written in a way that confuses the user and doesn’t take into full account the laypersons legal understanding. Sometimes this is on purpose, to get a user to agree to the terms without fully grasping the implications. What you are looking for when it comes to a secure connection on a public wi-fi hotspot is that it:
-is password-protected.
-uses Wi-Fi Protected Access 2 (WPA2) encryption.
- has the 802.1x Standard for authentication, which is regarded currently as industry best practice.
Even so, hacking ‘secure’ Wi-Fi hotspots is quite simple. Therefore hackers can gain access to personal data through the network and every device connected to it.
What are the potential online threats of using public Wi-Fi hotspots?
The potential threats are wide-ranging depending on the hackers’ target. However, they are usually quite malicious and are likely to be accessing your private information. Though it sounds like a cheesy movie plot, your information can be sold on the black market. Sometimes this amounts to nothing, but there is the risk of blackmail, stolen credit card details or banking details. Hackers could also simply install malware or a virus on your device, rendering it unusable.
How to protect yourself
To reduce the chance of being harmed by a potential online threat when using public Wi-Fi hotspots, protect yourself with the following tips:
1- Be aware that there is no way of guaranteeing 100% safety when using public Wi-Fi hotspots, however using hotspots that are password protected are at least safer than non-password protected ones.
2- Identify the Wi-Fi before connecting to and make sure the Wi-Fi you’re connecting to belongs to the place you are in at the time. If possible, double-check this with a staff member that this is the right network.
3- If your device has Firewall installed on it make sure it is on before you connect to the Wi-Fi. Firewalls are helpful things designed to prevent unauthorised digital remote access to your devices.
4- Check the sites you are visiting are secure too. Ensure they have HTTPS addresses, not simply HTTP. Also check the spelling of websites you access, as incorrectly spelled URLs have been known purchased by hackers with duplicate websites made.
5- Be smart about what you’re accessing. While on public Wi-Fi hotspot do not access bank accounts or credit card accounts. It’s also best to avoid in-app purchase as this can be easily hacked as well.
6- Make sure file sharing is off. This should be within your Control Panel or System Preferences.
7- Always remember to disconnect from the hotspot after you’ve finished using it.
By no means do we mean to scare you with the content of this article, but rather make users aware that there are risks involved with being in a digital space so frequently. We hope you enjoy these simple cybersecurity tips and tricks to make your online browsing a far safer experience.