Strategies to outsmart cyber criminals

Paul Macpherson delivers some sound advice to help business owners avoid becoming victims of cybercrime.

An international study has put a figure on the cost of cybercrime and it’s enough to make your eyes water: more than $126 billion a year is lost globally and according to the Norton study it’s a growing problem.

Around 680 million people have been victims of cybercrime and we’re all at risk, but there is plenty people can do to protect themselves and their business, using some simple tips to stay secure online.

Xero is one of the country’s largest technology companies and we often see first-hand the expensive after-effects of cybercrime in New Zealand businesses.

It helps to start by understanding how vulnerable we are: hackers can crack a weak password faster than you can make a cup of tea. So, it’s essential to have a strong, long password and to choose a different one for each site you use. It means that if one password is cracked, the damage is limited to that site.

Many people use the same password because they have trouble remembering lots of different ones, but password manager software takes away that issue, helping to manage multiple logins and making it easy for you to stay safe.

When it comes to choosing a password, using personal information is a big no-no. You may be surprised at how many people use their name, pet’s name or birthday – information that hackers can easily find online, especially through social media.

A strong password includes numbers, letters and symbols and is at least ten characters long. With password manager software you can easily create strong, unique passwords and not have to remember them.

Even better is having two-step or multi-factor authentication, which is like having a second lock for your front door. It means you need to present at least two separate items to gain access. These could include a password, followed by a unique code that is generated by an app on your smart device or sent to you by text (SMS).  

The people who are after your money are constantly finding new ways to attack, so it is crucial that you keep abreast of updates. Up-to-date operating systems and apps are your first line of defence against many bugs and viruses and keeping them updated is easy. Just make sure that when an update for an app or your OS pops up on any of your devices you install it straight away. You can even set your system preferences to install them automatically so you don’t have to think about it.

In a world where people are used to sharing personal information online, via social media, it has become easier for hackers to steal your identity and get into your online accounts.

Make sure your privacy settings only allow your friends and family to see your details. And if websites ask you to set account recovery questions in case you forget your password, make sure you don’t choose an answer that can be found online, for example the school you attended.

As Head of Security for Xero I come across many different forms of online crimes. But there are some common methods used by cyber criminals to defraud their victims.

Watch out for anyone who says you’re entitled to money, like an inheritance or lottery win, but asks for a payment in advance. You’ll never see a cent; instead forward the email to [email protected] or report it to Netsafe.

If you ever receive money into your bank account from someone you’ve never met and they ask you to send it to them in another country using Western Union, Moneygram, or other money transfer service, it’s very likely you’re laundering the proceeds of a crime. Chances are the money was stolen from another person’s bank account and you’re being a “money mule” to send the money to the criminal that stole it.

Finally, beware of cold calls. Whether it’s from someone claiming to be the “Microsoft help desk” telling you about a problem with your computer or someone with an investment opportunity too good to miss. Just hang up.

For more information about protecting yourself online visit the CERT NZ site.

Paul Macpherson is Xero’s Head of Security.