Online fraud and identity theft is a growing problem. We are all at risk - but we can also all protect ourselves against the most common scams by following some simple rules.
Here are the top three ways to protect yourself online:
1. Practice good password habits
We should all know this one: Don’t use the same password on more than one site, don’t use passwords that are easy to crack -- which includes any word from a dictionary - and don’t tell your password to anyone, ever.
That means you’ll have a lot of passwords that are difficult to remember, so invest in password management software like LastPass, Password Genie, Dashlane, KeePass, Norton Identity Manager, 1Password or another well-reviewed product.
2. Understand that email is not safe
The easiest way to get your personal details is to trick you into giving them away yourself. Scammers do this by using our trust in familiar names against us.
We’ve all had the experience of getting an email that seems to be from our bank, or a friend, but turns out to be a scam. The truth is, it’s incredibly easy to copy a logo, fake an email address and pretend to be someone else.
There are two main kinds of email to suspect. The first is anything that looks like free money: SARS is giving you a tax refund, a relative you never knew about has left you an inheritance or your bank is about to refund your fees.
Unless you’re specifically expecting an email like this - for example, if the lawyer has already contacted you by phone about the inheritance - it’s almost certainly a scam. If there are spelling and grammar errors in the email, take that as extra evidence.
If you get an email like this, don’t respond. If you think there’s any chance a legitimate company is trying to get hold of you this way, rather look up their phone number on your own - don’t use whatever is in the email - and call them to check. Otherwise, just delete it and forget about it.
The second kind of suspect email is the one that plays on your fear: For example, your account has been compromised and you must update your details immediately or face dire consequences. This one is easy to spot if it’s from a bank you don’t use, but the trap is all too easy to fall into if the email looks exactly as if it comes from your bank.
The basic rule is simple: NEVER access your bank via a link, whether it’s in an email or on a web page. If you do, NEVER enter any account or password details into any web page you get taken to. If you’re genuinely worried, call the bank or provider directly; and if you want to log in to your account, type the address directly into the address bar in your browse.
Always check that you can see the “https” and lock symbol which mean that your browser is using an encrypted connection to the site you have entered. You should also be able to right click and view the security certification.
3. Don’t call me, I’ll call you
Anybody who calls you claiming to be from your bank, from Microsoft or from another big name, and who asks for personal information, should be treated with extreme suspicion.
If it’s just your bank’s fraud division calling to check that you really did mean to make that unusual purchase, they won’t ask you for any personal details other than to confirm that one specific purchase.
Never, under any circumstances, give your ID number, address or bank account details to someone who has called you. And never, ever do anything on your computer that a stranger asks you to. If you genuinely want to do business with these people, put the phone down, look their number up on your own and call back.
If you think there’s a legitimate reason for the caller to ask for your details, there is still a way to protect yourself: Ask the caller to give you the first six digits of your ID number, or your house number, and you will tell them the rest.
If they are who they say they are, they should be able to view this information. This process should be followed in all cases, even if you think the call is legitimate.
Following these three good information hygiene habits, will ensure that you won’t be an easy target. Always err on the side of caution: If it sounds too good to be true, it probably is.