How to avoid a cyber hack

    1 January 2021

    While most of us can’t wait to see the back of 2020, it’s been a good year for some. Food delivery companies, streaming services and PPE suppliers are all doing a roaring trade. It’s also been a fruitful year for cyber criminals with reports of online fraud up some 30 per cent according to Action Fraud.

    With COVID-19 increasing our reliance on digital services, including consumers with previously limited online experience, staying safe online has never been more important. Here are six simple things you can do to protect yourself and stop your money ending up in a criminal’s wallet.

    Use complex and unique passwords

    When it comes to cyber security getting the basics right matters, and this starts with creating strong passwords for each online account you have. While most online accounts enforce an eight-character minimum password this may not be sufficient. Jason Johnson, cyber security expert at Predatech cautions that, “many passwords can be cracked in just seconds. My top tip is to create a passphrase with multiple unrelated but memorable words that also includes upper case, numeric and special characters.’s Password Strength Tool can also be used to better understand how strong a password really is by estimating how long it would take to be cracked.”

    You should also enable two-factor authentication (2FA) wherever there is an option to do so. This typically involves sending a text to your phone when you attempt to login and therefore makes it a lot harder for criminals to access your account.

    Use a free password manager

    It can be tempting to reuse passwords across multiple accounts, or even to write them down, particularly if they’re complex — but this should be avoided. My own email and password were leaked in 2016 when a website I used to buy gym passes while travelling for work suffered a data breach. This breached data remains accessible to cyber criminals to this very day. Had I used the same password for other accounts, I’d have made it easy for cyber criminials to gain access to them.

    An in-built password manager like Keychain (Apple devices) or Credential Manager (Microsoft devices) will help you to manage your complex and unique passwords as it will remember them for you.

    Stay alert when clicking links

    Earlier this year the National Cyber Security Centre (NCSC) launched its Suspicious Email Reporting Service, and within two months, it had received one million reports. And while many phishing attempts are basic in nature, increasingly sophisticated and well researched ‘spear phishing’ attacks are growing in popularity.

    Spear phishing is a targeted attack that’s often tricky to detect. Imagine receiving a well-designed email purporting to be from your favourite fashion store with a link to a discount code – why wouldn’t you click on it? But doing so may infect your computer with malware or ransomware. It’s also best to be cautious when downloading anything from the internet. If you don’t trust the source, don’t click on the link.

    Don’t share too much online

    Think carefully about how much information you share online. If you’ve used your Twitter account to tweet your bank or even to share a picture of yourself trying on an outfit at your favourite fashion store, you’ve shared the kind of information that could prove valuable for a spear phishing campaign. It’s also a good idea to shred sensitive documents before putting them into the rubbish and close any unused online accounts.

    Update software and operating systems

    You should regularly check your applications and operating system for updates, both on your phone and computer. This will help to ensure that you’re not running old software with known vulnerabilities. Make sure you’ve also installed antivirus software. The free version offered by FTSE 100 company Avast is a good option.

    Use a VPN

    A virtual private network (VPN) sounds complex but it’s really quite simple to install. Doing so will help protect your privacy when surfing online. VPNs are especially useful if you use public Wi-Fi as this can often be easily intercepted.

    We all expect the businesses we deal with to have adequate security measures in place to protect our data, but we also have to play our part. The above steps may appear basic, but following them will make you a less attractive target.

    Michael Fotis is an entrepreneur and financial commentator