April 26, 2017

Don’t be Phishing Bait! Understanding Cyber Security and Payment Fraud

Typically, purchasing insurance coverage focuses on protecting personal material possessions like your vehicle and home. But now that we take steps forward in digitizing our lives like buying that thermostat that connects to your phone and doing Christmas shopping online, a new set of invisible vulnerabilities has taken form. Data security is becoming a top issue as hackers have carved out their place among the digital revolution. They gain access to sensitive, confidential information and release it in to an untrusted environment. Now, in a world of fake news and alternative facts, any information stored on a digital network is vulnerable to a breach.

The biggest known data breach in history and the most widely publicized incident so far has been the theft of more than one billion Yahoo email accounts in 2013, and then again in 2014 with the theft of 500 million. The data include names, email addresses, telephone numbers, dates of birth and password hashes. On top of hacking email accounts, phishing emails have gained in popularity over the past year as another way to fool internet users in to giving away personal information. Phishing emails are designed to fool you in to thinking they are coming from a legitimate source, like your bank or the government. But the real intent is to gather your personal information or get you to download malicious software.

Many don’t realize the impact of a personal data breach, or that their personal, confidential information has even been breached since they are one-step removed, in that they simply plug sensitive information in to an online portal or app and leave thinking the information somehow disappears… But, unless you take measures to secure your data, you can be left vulnerable. Just as you take measures to protect your physical belongings and currency at home, you should take precautions to do the same in the digital world.

In order to keep you safe, simple practices can be adopted:

1. Watch what personal information you share.

Make sure any personal or financial information you share is only with secure sites. What is a secure site? When you look at the URL of the site you’re on, make sure it begins with https:// instead of http:// , where https:// is a secured encrypted connection. In https:// ‘s’ stands for secured using SSH. Always check for a secured lock symbol in front of https:// which means it’s a secured connection. For example check out https://www.paypal.com.

  • Beware of requests for credit card information. Never give card information unless you can validate that the request is legitimate.
  • Don’t give out your personal identity credentials or any financial information such as account information, usernames, passwords, PINs, security token and token password.
  • Do create a password with a combination of capitals, numbers and special characters like $*!

2. In the last year, phishing attacks have grown from 19.9 million to 37.3 million, and increase of 87%

  • Regularly update your anti-virus and anti-malware software.
  • Don’t click on links or download information from emails or the internet unless you know the source to be legitimate.

3. When making transactions online,

  • Know your sellers. Make sure the company or person you’re buying from has a good reputation.
  • Pay by credit card – surprise surprise, the safest way to complete a transaction is by credit card.
  • Keep track of your transactions.
  • Don’t opt to save your credit card information between purchases.