Staying Safe Online

Published: Wednesday 24 May 2017

Staying Safe Online

With the increase in cyber attacks and email hacking this article about a small business owner who had her bank account and credit cards cleaned, I thought it is useful to provide some do's and don'ts to help keep you and your business safe online. This particular example of cyber fraud is certainly nothing new, but I disagree with the business owner's assumption that she was 'bugged'. I have huge sympathy for what this women has gone through, however the most likely way the customer was hacked was via email, the same way that the email hacks have been done against the Democratic party in the US elections. As soon as someone knows the password to your email account they can start pretending to be you online. 'This means they can lock you out of your email account and start to reset passwords to your online accounts. If you store copies of your passport or drivers license or your credit card in your email or send someone an email with these details you are at risk.

Never use the same password twice

Whilst most people will use the same password for every online account they create, this is extremely bad. Different websites have different security settings and if the small website you signed up with is hacked and you've used the same password as your Facebook or email then someone can guess or hack other accounts and pretend to be you.

Make your password, long, include letters, numbers and special characters

Ideally your password should use a combination of letters, numbers and special characters, and maybe even some upper case letters for good measure.

Protect your Facebook and Twitter accounts

Facebook, Twitter and many other social media accounts are used by other websites to sign in with. Even we use Facebook for both your dashboard to manage your website and for your Flower Store In a Box websites. That means if someone can access your Facebook account, they can potentially login to all number of websites.

Change your passwords every now and then

Most people will find this one tough, but every few months it's a really great idea to change your password. You don't have to do it on every account, but for your major accounts such as email, banking, iTunes, you really should remember to change the password every now and then.

Never click a link in an email to a page asking for your account details

Under no circumstance should you EVER click a link in an email that asks you to reset or enter your username or password for an account. Emails and website login pages are easy to fake and can look virtually the same as the real thing. If in doubt go to a web browser and type the full address of the website and check your account. This was the way that the email accounts for the Democratic Party Officials in the USA were hacked. It's not a particularly sophisticated hacking method but it's highly effective. In the case of the small business owner it's most likely that this was the method of hacking used.

Be careful when using free WIFI

Be careful when using 'free' WIFI at places that you do not know, this is probably more for people on holidays or at large public events. As soon as you connect to free Wi-Fi anything you do on your phone such as browse websites or check email can be potentially hacked. There are also some reports of free WIFI redirecting user's to 'spoofed' websites for Gmail or banks and stealing username and passwords in that way. It's a far more sophisticated hacking attempt and then best way to protect yourself if you do use free WIFI is to limit your online use whilst online and only use full secure https websites.

Make sure your account locks itself after 3 failed password attempts

Do you know what happens if you make three or more failed attempts at your email account? It should lock you out, either for a short amount of time for an hour or more.  Email accounts hosted with Flower Store In a Box will lock the account of more than three unsuccessful attempts are made on your email account

Never share your email password

It sounds silly, but please don't share your username and login with other people to your email account, it's just asking for trouble.

If your email stops working get it checked

If your email suddenly stops working you should do something to check out what the issue is, whether a setting has changed or someone has maliciously hacked into your email account. The sooner you do something about it the more likely you are to solve the problem!

Do not ignore suspicious activity on your email

If you do start to get suspicious emails saying your account has been reset, do NOT click on the email instead go to the website and verify your account settings are all still ok.

Never send someone a copy via email of your credit card or personal documents such as passport

Email is inherently insecure and can be intercepted, hacked or forwarded on. You should NEVER send your copies of your credit card, passport or other details. And if someone does they should immediately deleted from both the device AND the server.

Make sure your computer / iphone / ipad etc software is up to date and always lock it

With the number of holes found in software these days it's always advisable to update your device and computers software whenever a new update is released. When they say they have found a new security vulnerability and are patching it, that means just that! Oh and always have a lock and password on your phone and computer, these days your smart phone gives more access than ever before.

Don't enter your credit card on website unless it's secure and think about using PayPal for sites you don't know

This is a funny one coming from a company that sells ecommerce solutions, but always be suspicious of websites you do not know. Over the years as we have sold hundreds of new ecommerce websites to customers and migrated then from their old sites I have been horrified at some of the practices. Many websites would email the credit card number to the store where they would manually enter the number. I heard of a major e-tailer in Australia that used to store, in plain text the customer's credit card details. This was only found when they were hacked and lost 5000 card numbers. I have a personal strategy I always use, if I know the business and I can see an icon for a reputable credit card merchant I will use my credit card and their site (assuming their website has a security certificate). If they don't have one of the above I will use PayPal, if they don't have PayPal and I am not confident in their security I will not order from them, simple as that.

What to do if you have been hacked or think you may have been hacked

First of all it depends on whether you think your account details have been compromised or your computer. If it's your computer, unplug it from the Internet and seek professional advice. If it's your email or other accounts, start by contacting the email provider (if it's us call us on 1300 730 560) and we can verify your identity and then reset your password. If we think your computer has been hacked we will reset the password but decline a new one until are certain the issue has been resolved. You should then contact your bank if you use online banking, your mobile phone provider and your social media accounts and reset and change your passwords. You should then check bank account for unknown or suspicious activity and contact your bank immediately.

Don't forget to secure your mobile phone number

One big thing that most people forget is to make sure that no one has hijacked their mobile phone number by pretending to be them to their service provider. These days mobile text messages are a common way for banks and other organizations to confirm payments and transfers.

Conclusion

Whilst there is no 100% guarantee that you will be safe online, if you follow the majority of these dos and don't online you will decrease your chances of having an issue!

Related Articles in Business

Email Deliverability - Ensuring Your Emails Get Through

Email Deliverability - Ensuring Your Emails Get Through

There are a few reasons for this, but don't worry, we have some solutions to help improve the situation and improve the email deliverability

Read more
Getting Started with Account Customers and Invoicing in Flower Store In a Box

Getting Started with Account Customers and Invoicing in Flower Store In a Box

With Flower Store In a Box, you have the ability to create invoices for your customers and efficiently manage them.

Read more
Flower Store In A Box ™ - Copyright © 2024. All Rights Reserved