Now it’s personal: 7 tips to improve your personal cyber security

The contents provided on this page are for informational purposes only and do not constitute financial advice. Consider your personal circumstances and objectives before making any financial decisions.

 

Imagine. You’re living your best life. 

You’ve worked hard for years, saved diligently, and kept your head when it comes to financial decisions.

You’ve been crushing it—you’ve had a few ups and downs, of course (it can’t be smooth sailing all the time) but all-in-all, things are going quite well. 

Then one day, as you come home from a productive day, a good day, you get an email with a suspicious link. You don’t think anything of it, you’re a touch tired from a busy day, and want nothing more than to kick your feet up and relax. You open the email while thinking about the snack you’ve got waiting for you in the fridge, and click on the link before you can stop yourself. 

You can imagine what happens next. 

The above isn’t a real situation but it illustrates how one momentary lapse can change everything in a very drastic way—and it’s a reality many Australians end up facing. Cyber attacks succeed because they target what’s human about us, and we simply can’t be vigilant 24/7 365. One day, at some point, one of the countless scam messages will get past our defences. 

All you need to do is check Scamwatch to see just how much is being lost. 

So instead of thinking (even subconsciously) that it wouldn’t happen to you, let’s make it harder for scammers, as close to impossible as possible, to steal your data, your identity, your money, or your online web safety. 

1. Enable multi-factor authentication

Multi-factor authentication (MFA) is a security method that requires two or more proofs of identity before allowing a user access. Each proof, known as a factor, is a combination of something you know, have, or are. These include: 

  • Email 
  • Password
  • PIN
  • Secret Questions
  • Security Card
  • Biometrics 

Each additional factor is another layer of security that a potential cyber attacker needs to break through in order to access your details. 

In a similar vein, two-factor authentication (2FA) is a type of MFA that requires exactly two proofs of identity. For example, a username and password, along with an SMS code. You’ve most likely come across something like this already. 

What to do: Check to see if services you use often, particularly those holding sensitive information (like bank details), are using MFA. Likewise, be careful with services that don’t offer at least 2FA, as they may not be as secure as they could be.

Behind Beforepay: Did you know that we recently added MFA to all Beforepay accounts? Extra security has never looked so good. 

2. Set up biometrics

Biometrics are the use of physiological or behavioural characteristics to verify the identity of an individual. They can include everything from fingerprint and facial recognition to voice detection and signature verification. 

There’s a fair chance you’ve already encountered biometrics in your regular life, whether it’s to access your computer with a thumbprint or unlock your phone with your face. It gives early James Bond. 

What to do: Check to see if websites you use regularly, particularly ones with access to sensitive information, offer biometric authentication (it’s a pretty common MFA option). Consider setting it up as part of the login process, to provide a potent form of additional security. You’re the only one on the planet with that fingerprint, after all. 

3. Use unique passphrases

Passwords are out, passphrases are in.

Just kidding—passwords are still effective, but a passphrase can be even more secure. A passphrase is a series of words (often random nonsense) that is generally easier for a user to remember but harder for a hacker or software to break through. 

What to do: Go forth and update your passwords. If the system allows, change them to passphrases. Create a unique one for every account, each at least 14 characters long, for maximum security. This is no doubt a daunting task, so start with the accounts and services you use most frequently.

Further reading: If you would like to learn more about the differences between passwords and passphrases, Okta has you covered. 

4. Set up automatic updates 

Despite Excel seeming to run the entire world, we interact with countless different software apps every day. Each one can be an avenue to your data. As software companies develop their product, find vulnerabilities, or explore new features, updates are released that strengthen security or patch potential vulnerabilities. 

But it would be a full-time job to keep track of every software’s update schedule; better to automate it instead so you’ll get the updates you need as they’re released.

What to do: Enable automatic updates on all your devices—computers, phones, tablets, ereaders, etc—to ensure you stay secure. You can often customise it to your schedule or habits, to minimise disruption. And for the love of computer security, don’t keep delaying prompts to update—far better (and safer) to just get it out of the way. 

Further reading: Lenovo gives a great breakdown on how to harness automatic updates for best effect. 

5. Don’t use public Wi-Fi

At least not for sensitive things. 

While Wi-Fi security has undoubtedly gotten better over time, connecting to public networks still comes with risks. One of the most prominent is that many public Wi-Fi networks aren’t unencrypted, which basically means your data is easier to intercept or access by those with the right tools and know-how. This can become a problem with more important personal information, such as banking details. 

What to do: The best thing to do would be to stay off public Wi-Fi networks entirely and use your own data, but if that’s not possible make sure to:

  • Visit secure websites, denoted by ‘HTTPS’. The ‘s’ stands for ‘secure’. 
  • Don’t access sensitive data until you’re on a secure network. 
  • Disable file sharing on your devices. 
  • Forget the network once you’re finished using it to prevent your device automatically reconnecting to the network. 

Further reading: Dive into this explainer from Norton on whether public Wi-Fi is safe (spoilers: it’s not). 

6. Keep an eye out for scams

Maybe a bit of an obvious one but it bears repeating—there are more scams out there than ever, enabled further by new technologies that allow scammers to exploit people more efficiently (or should we say, e-phish-iently). 

P.S: Remember that the stereotype of a scam as ‘obvious’ or ‘low-effort’ is a myth. Scams are highly sophisticated and getting more so. 

What to do: Research the current scams that exist and the new scams that develop; knowing what to look for is the first step in identifying a scam when you see it. Scamwatch is a great resource for staying on top of your cyber safety.  

The Beforepay Beat: Wouldn’t you know it, we’ve even written a blog about 10 common scams and how to spot them. You should read it, maybe!

7. Monitor accounts for curious activity 

Whether it’s money that isn’t where it should be, strange transactions, sudden influxes of mail you didn’t sign-up for, an increase in scam/spam messages, or something else entirely, keep an eye out for anything that looks out-of-place. 

If you do spot something suspicious, take action immediately. The sooner you try and resolve it after spotting it, the better. 

What to do: Consider getting into the habit of reviewing your accounts regularly to make sure everything is as it should be. You could set this up as a weekly, fortnightly, or monthly task, where you do a once-over of your bank accounts, superannuation, investments, etc. If nothing seems off, great! But if it is, you’ve caught it before it could grow into a potentially-larger problem. 

You could also use the Have I Been Pwned website to check if your email has been compromised in a data breach. This site gives a simple, high-level overview of your online security, and is a great resource to add to your cyber defences. 

Cyber security can be a lot

Cyber security isn’t the sexiest of topics, and it’s one that’s revisited fairly often (October IS Cyber Security Awareness Month, after all). However, it’s an essential set of skills to know, in an age where vast numbers of people spend significant amounts of time online. 

It can seem overwhelming to consider, but it’s all about taking consistent, progressive action, a little bit at a time. 

But, if one article wasn’t enough for you and you’re ready to continue boosting your personal cyber security, check out this great list from Nord VPN (not sponsored). 


Disclaimer: Beforepay Group Ltd, ABN: 63 633 925 505. Beforepay allows eligible customers to access their pay and provides budgeting tools. Beforepay does not provide financial products, financial advice or credit products. The views provided in this article include factual information and the personal opinions of relevant Beforepay staff and do not constitute financial advice. Beforepay and its related bodies corporate make no representation or warranty, express or implied, as to the accuracy, completeness, timeliness or reliability of the contents of this blog post and do not accept any liability for any loss whatsoever arising from the use of this information. Please read our Terms of Service carefully before deciding whether to use any of our services.