Q&A: Beforepay CTO Rajini Carpenter on keeping information safe online
The contents provided on this page are for informational purposes only and do not constitute financial advice. Consider your personal circumstances and objectives before making any financial decisions.
For most of us, our daily lives revolve around using the internet and technology. In fact, you might even be trying to cut down on your screen time!
Whether you’re scrolling through social media or managing your finances, your digital presence is constant, which means a lot of your information is available online. So how can you protect your information online? And what are some tips for keeping your money safe and secure?
To help you feel confident about protecting your information and finances online, we sat down with Beforepay’s Chief Technology Officer, Rajini Carpenter, to break down what cybersecurity is and tips for keeping our information safe!
1. What is cybersecurity and why should I care about it?
After COVID-19, ransomware attacks went up by almost 500%, with the Australian Cyber Security Centre reporting 76,000 cybercrime cases in their 2021-2022 Annual Cyber Threat Report.
Rajini says we can think of cybersecurity like the defence system for our digital lives.
“In essence, the digital realm has become an extension of our personal, professional, and social spaces. Just as we lock our doors, avoid shady areas at night, or don't share personal details with strangers, similar precautions in the digital domain are necessary for our safety and well-being.”
2. How do I know if something is a scam?
A scam is a type of fraud that usually involves stealing money or personal info from people. Scammers take advantage of new technology, services and major events to create believable stories to trick you.
In 2022 Australians reported over 62,000 phishing scams!
It’s important to be able to detect scams to avoid identity theft or having your credit card run dry.
Rajini says your gut instinct should offer a good gauge for whether or not something is a scam.
“If you ever have a suspicion or feel uneasy about a situation. Don’t be pressured into making quick decisions, and always prioritise your personal and financial safety.”
Rajini adds below are some typical signs that something could be a scam:
- Too good to be true: Examples could be a prize from a lottery you’ve never entered or an unusually high return.
- Urgency and pressure: Scammers often create a sense of urgency, pushing you to make decisions quickly.
- Unsolicited Contact: Be cautious if you receive unexpected calls, emails, text or social media messages, especially if you don’t recognise the sender or number.
3. What are some common types of scams I should be aware of?
Most scams usually come as suspicious messages or emails from an unknown number.
“Cyber scams leverage technology and the internet to deceive individuals into providing sensitive data, transferring money, or installing malicious software,” says Rajini.
An example of this was when cyber criminals were posing as the Australian Post claiming that packages are being withheld until customer’s schedule a delivery time for which they must pay a small fee for.
Rajini says these are the most common types of cyber scams you can keep an eye out for:
Phishing: Emails or messages pretending to be from companies to get individuals to reveal personal information, like passwords or credit card numbers. They often contain links to fake websites that mimic real ones.
Spear Phishing: A more targeted form of phishing where the scammer has specific knowledge about the victim.
Vishing (Voice Phishing): Scammers use phone calls to trick individuals into providing personal information, often pretending to be from banks or official agencies.
SMiShing (SMS Phishing): Using text messages, scammers will ask users to click on a link or call a number to extract sensitive data.
Ransomware: Malware that locks users out of their devices or encrypts their data, demanding payment (ransom) to regain access.
Account takeover or identity theft: Using stolen credentials, cybercriminals access individuals' accounts (like email, banking, or social media) to steal funds or personal information.
4. How can I keep my information safe when I’m shopping online?
Ah, online shopping – the modern retail therapy we all adore. No more waiting in lines, just quick clicks, and your purchases arrive at your door.
But whether you're procrastinating or reinventing your style, there are things to consider before you click ‘Buy Now’ and enter your card details.
Here’s what Rajini suggests:
- There are a lot of fake links on social media. It is always advisable to stick to well-known retailers, shop from trusted websites.
- For unfamiliar retailers, research their legitimacy by checking if the business has their ABN/ACN. Make sure you check their website isn’t blacklisted by authorities.
- Always use a strong password and enable Two-Factor authentication.
“One other trick I always have under my hat is to use a virtual credit card. Always check your bank statement regularly.”
5. What are the risks of contactless payments?
Did you know that contactless card payments have become a staple for Aussies, making up 95% of in-person card transactions in 2022 (RBA 2023)?
Here are some tips from Rajini to help you stay safe with your shopping:
- Keep your cards protected.
“Scammers use NFC-enabled devices to skim payments in crowded places. This technique is called skimming. Protect your cards by using a RFID wallet which can block skimming.” - Use secure payment methods on mobile.
“Always have other ways of authorising payments with biometrics. Enable FaceID, fingerprint, pin before you process your payment.” - Record keeping.
“Contactless payments don’t always provide the same level of transaction detail, always check your transaction history for unauthorised payments.”
6. How can I ensure my financial documents are stored safely and securely?
Financial documents such as utility bills have a lot of your personal details on them which you don’t want to accidentally misplace or have them end up in the wrong hands. Life can get busy and it helps you save time and avoid stress knowing exactly where your information is.
Rajini has suggested some ideas to help you get started:
- If you are storing them on cloud storage like google drive or dropbox make sure you are using strong passwords and two-factor authentication.
- Be mindful when you share documents with an accountant, lawyers, or bank.
“Always use a secure way to transfer files. If you are sending them via email, turn on confidential to flag to the recipient.” - Dispose of documents that are no longer required regularly.
7. What precautions should I consider when transferring money overseas?
When sending money overseas, a million thoughts might race through your mind - hidden fees, exchange rates, and paperwork.
To simplify and secure the process, Rajini offers these reminders when transferring money internationally:
- Always use trusted money transfer providers.
- “Measure twice and cut once” Always double check the account number, recipient names, identification methods before you process the transaction.
- Know your recipient personally as there are a lot of phishing attempts pretending to be your family member, bank or trusted person.
Want more info about sending money overseas read here.
8. Are biometrics safer than passwords?
Biometrics are different from traditional passwords as they use unique characteristics such as fingerprints or face ID to confirm someone’s identity.
While they provide greater convenience and are hard to forget Rajini says that they’re not exactly the most secure.
“Although biometrics provide greater convenience, are hard to forget, and are also difficult to share easily, they are not immune to attacks. Once your biometric data is compromised it cannot be recovered.”
Rajini also suggested considering these things the next time you think about securing your devices:
- Face ID and fingerprint may have accuracy and reliability issues, especially if someone with a similar facial structure tries to access your device.
- Passwords, when strong and used securely, are difficult to crack with brute force attacks and can be changed if compromised.
9. Why do I need different passwords for my accounts?
Passwords are one of the most common security measures for keeping our information safe. Think of your online accounts as various doors, each leading to a different part of your digital life.
Rajini emphasises that having different passwords protects you from minimising the impact of the attack.
“If one account gets hacked the others are still protected.”
This is important because it prevents hackers from accessing all your information in one swoop. In other words, once one account has been breached you can take steps to make sure your other accounts are still protected.
9. What are some tips on setting up a secure password?
Having a long password can be difficult to remember, especially when you have many of them for different accounts. But this is important to make sure your data is not easily accessible to someone else. In fact did you know that 90% of passwords can be cracked in less than six hours (entrust It).
Rajini’s tip for a strong password?
“I tend to use a long sentence with a mix of numbers and characters. The longer & complex the password, the harder it gets for brute force attacks.”
She also shared these easy tips to remember when creating your password.
- Minimum 8 characters long
- At least 1 uppercase, lowercase, number and special characters
- Does not contain the same character or numbers in a sequence
- Do not use first name, last name of family members, friends or date of birth
- You could use a password manager tool to generate a random password
As our lives become more digitally focused, protecting your online information is more important than ever! Getting into the habit of taking steps to protect your data can be challenging at first. Thanks to Rajini’s advice she has broken it down to everyday tips to keep in mind when browsing the internet.
To learn more about staying safe from scams, explore our A-Z cybersecurity terms blog.
Disclaimer: Beforepay Group Ltd ABN: 63 633 925 505 (Beforepay) allows eligible customers to access their pay and/or access their tax refund, and also provides budgeting tools. The views provided in this article include factual information and the personal opinions of relevant Beforepay staff. This article contains selected summary information only and is provided for general information purposes only. Beforepay and its related bodies corporate make no representation or warranty, express or implied, as to the accuracy, completeness, timeliness or reliability of the contents of this blog post and do not accept any liability for any loss whatsoever arising from the use of this information. Please read our Terms of Service carefully before deciding whether to use any of our services.