If you live and breathe the Internet every day, you need to know how to go safe online. What web threats are we up against, and what can be done about them? Here are some cybersecurity tips to keep in mind while you connect with your friends online and when you shop online.
A. When keeping in touch with friends
One of the more popular uses of the Internet is for communication. There are many websites and apps that help you keep in touch with your family and friends. The most common ones used are social networking sites, emails and instant messaging apps.
1. Social networks:
Social networking sites are the most popular platform for staying in touch with friends and family. According to a 2016 report, there were 3.9 million active social media users in Singapore. By definition, social networking sites require you to provide personal details. However, as much as these sites help you stay in touch with the people in your social circle, you should be careful about the information you divulge. The wealth of personal information you provide on a social networking site could be more than enough for a cybercriminal to steal your online identity.
Here are some tips to stay safe while using social networking sites:
- Adjust your privacy settings. Every social networking site should have preferences that you can set to determine who will be able to see the personal information that you have provided to the site. Use these preferences to limit the visibility of your personal information to only people you know and trust.
- Limit the information you provide. It is not always necessary to provide every personal detail about yourself to enjoy the full benefits of a social networking site. Therefore, do not divulge more personal information than is necessary and limit the amount of personal information that is available online.
- Think carefully before you post. Be cautious about sharing provocative photos or intimate details online, even with people you know or even in a private message. The information or conversation could be copied and made public by anyone you share it with, and it’s tough to get removed. Remember: everything posted online is there forever, even after it's been deleted. There could always be a copy somewhere you don’t know about.
- Be skeptical. Be wary of people whom you do not know asking for access to your online social circle or access to your personal information. Do not assume that the person you are communicating with is who they claim to be until you can independently confirm their real identity.
Be aware that some people act nice simply because they are trying to get something. Flattering or supportive messages may be more about manipulation than friendship or romance. According to figures from the Ministry of Home Affairs (MHA), there were 298 cases in the first half of 2016 in which victims were cheated of money while looking for love or friendship online, almost double the 150 cases in the same period in 2015. To avoid falling prey to related scams, be careful when befriending strangers online. Learn how to spot the warning signs of a fake profile, such as fake photographs sourced from the Internet.
While emails have been a great boon to helping communication across vast distances, it is also widely used by hackers and spammers as a means for cybercrime. Here are some tips to stay safe while using emails:
- Watch out for scams. If it sounds too good to be true, it probably is. From time to time, you could receive emails touting get-rich-quick schemes (one telltale sign that these are scams is the condition that you have to provide a lot of seed money before being able to receive some larger amount in return) or products that supposedly offer you amazing results.
- Use several email addresses. It’s a good idea to have more than one email address, each with a different password. That way you can use one email address for shopping online, another for communicating with your friends, one for your classmates and school matters, and so on.
By having different email addresses for different groups you interact with, it will be easier to spot suspicious emails that are sent to email accounts not created for that purpose. For example, an email from an online shop that is sent to the email address that you use for communicating with your friends could easily be spotted and dealt with accordingly.
- Use spam filters. Spam filters help filter unsolicited emails that could contain malware, promote scams or have other unwanted content. There are many spam filters available in the market and it is a good idea to use one. Even the ones that are free provide a fair level of protection.
- Be skeptical. Do not click on links or open attachments in emails without first inspecting the emails. It could lead you to a phishing website or install malware on your devices. Even if an email appears to be from someone you know, it is advisable to look through the contents of the email for signs that the email might not be genuine. Some examples of content that should raise suspicions are: non-coherent content in the email, an email sent in a language that you know the sender would be unfamiliar with, and an email threatening legal action against you for something that has no bearing on you. If you are on a desktop or laptop, you can also 'hover' your mouse cursor over the link to check where the link will actually lead you to.
3. Instant messaging
Instant messaging is a type of real-time communication done over the Internet using personal computers or other IT devices. Originally, instant messaging programs only supported text message type communication. However, it has since expanded to support other types of media such as voice and video.
Here are some tips to stay safe while using instant messaging:
- Think before you click on links and download programs (including apps). Similar to how you would handle emails, be careful about clicking on links, download or running apps that others send to you via instant messaging.
- Be mindful of unsecured communication. Do not assume that the contents (e.g. text messages, photos, videos) sent to another party via instant messaging are adequately protected from eavesdropping. Do not send anything you consider private or confidential (such as passwords) over instant messaging, without first encrypting it.
- Protect your offline privacy. There have been cases where cyber criminals have made use of instant messaging programs to spy on their victims through their own webcams. Be mindful of any devices connected to your computer or smartphone that could compromise your offline privacy and deal with them accordingly. For example, cover the lens of your webcam when you are not using it to prevent others from spying on you if they manage to activate it remotely.
B. When shopping online
The Internet provides a world of convenience by making countless goods from all over the world available to anyone with an Internet connection. From buying the latest gadgets and clothing, to ordering food delivery and making travel bookings, you can now obtain them with a simple click and have them delivered to your doorstep quickly and easily.
Shopping online however, is not without risk. According to police statistics, a total of 1,145 cases of cybercrime involving e-commerce were reported from January to June 2016. This represents an increase of 13.4% compared to the same period last year. Approximately 7 out of 10 reports were made by victims who had used online community marketplaces such as Carousell, Gumtree and Facebook for their online transactions.
Nevertheless, with a little awareness, one can enjoy all the Internet has to offer in a safe and secure manner. Here are some pointers to note when shopping or banking online:
- To protect yourself against fraud, watch out for online purchase scams. For example, be wary of deals that simply sound too good to be true (such as sites that claim that their products are 90% cheaper than those sold elsewhere, or are safe to use and guarantee immediate weight loss of 20 kilos a day). Apart from the fact that the products may not be genuine or even safe to use, there’s also the risk that the site itself may be fraudulent (possibly set up to collect financial account information from would-be buyers, or infect their computers with malware).
- When you visit an online shopping site or perform an online transaction at your bank’s website, check to make sure that the web address begins with “https” (e.g. “https://www.dbs.com.sg”). “https” means that the information that you are providing to the website is protected when it is on route from your computer to your online merchant’s or bank’s website. Another way to check that your information is protected is to look for the locked padlock icon at the top or bottom right of your web browser’s window.
- Do not click on links you receive in emails to get to your merchant’s or bank’s website. It is always best to reach their website by typing in the web address into your web browser yourself.
- Be wary if you receive emails from your online merchant or bank asking for your password or other personal and financial information. Should you have any doubts about the authenticity of the email, call your bank or online merchant to double check that the message is genuine.