How to improve productivity for you and your team while working from home
February 17, 2022
Cyber Crime is big business…
May 22, 2023
With all of the cyber attacks you hear about, what should you do if you are worried your information has been compromised?
Organisations capture information on us for many reasons. To validate our identity, to contact us, to better service us, or for governance reasons. Some of this information can be valuable to criminals, as they can use it for many purposes.
What does a cyber attack, data breach or leak mean?
It can mean many different things. It can be that someone has accessed a database with your details on it, it can mean that copies have been taken, or that the back end of a website was available to a hacker and they could see all of the information stored in systems behind it.
If you have ever dealt with the organisation that has been on the news or has contacted you to let you know that there has been a breach, then you can take some of the below actions to best protect yourself.
Firstly, consider what information that business may have on you, do you have a login there? Do they have your address, phone number, email, bank account numbers, credit card number, passport or scans of your ID, medical history, previous services you’ve purchased or invoice details, or even what kind of car you drive?
Depending on what information they have, what value is this to an attacker? You don’t always have to wait to find out if you were affected, some actions you can take right away.
For example:
If you had a login, and you used that username/password elsewhere, change it there and elsewhere. Always try and have a different password for each site.
If they had your credit card details, hopefully it was encrypted, but keep an eye out for transactions on it, but you don’t need to cancel it unless the company confirms that this was definitely stolen.
If they had your passport, drivers licence, Medicare cards etc, and they confirm that these have been lost, you can get them reissued. These are important documents with ID numbers on them used to identify you with banks and many other establishments.
Now let’s say they have your personal information, like where you live, your full name, date of birth, phone number, moving house and changing your name and number is probably overkill.
If they can see previous bills, services/subscriptions etc, this can be dangerous too.
2 key things to watch out for:
- Targeted scams and spam calls to you.
- Using your identity information to pretend to be you, to access your accounts etc.
Most of this you can’t do much about, other than be aware and vigilant.
Let’s say I buy your data from the hacker, this means I can call you, suggesting I am calling from your local council, I will tell you that you have a payment due on your house that is overdue and you will get a fine. To show that I mean business, I confirm your house address and date of birth with you to show I know who you are, and I may have a bunch more information on you. I could similarly follow this up with an email with an invoice or link to pay. Easy money for me.
Another example, if I have received your billing information, I now know your name, address, email address and how much your bills usually are. I will email you a fake invoice pretending to be that service provider and get you to pay your power bill instead to my new ‘NEW BANK DETAILS’.
Perhaps the personal data I purchase from the hacker tells me where you work, your current bank details, your name, address and email address. If your employer is large enough, I could call them to verify all of your details over the phone and ask them to update your bank details to new ones for your weekly pay. It would take a little while for this to be found out in some organisations.
If I have enough information, I could use this information in some cases, to apply for a credit card, or a loan.
Unfortunately there isn’t alot you can do if this information is leaked, other than everyone being extra careful to validate people are who they say they are before doing anything that could impact someone financially.
If you yourself are a victim of this kind of attack you must tell your clients/contacts and anyone affected, so they can protect themselves.
What can you do to protect yourself?
- Never use same password in different places.
- Back up your data to a USB stick or a cloud location so if your computer is locked, you can just get it recovered and restore your data.
- Think about what you’d lose if your computer didn’t turn on tomorrow, copy that to a USB drive or cloud backup service regularly.
- Change passwords regularly.
- If you do hold personal information, or old passwords/login details and no longer need them, delete them. They may be of no value to you, but may be of value to someone else
Don’t forget this great tool for finding out if your account has been on a register of those that have been hacked/hijacked. Check your email or phone number here:
We help businesses to identify what personal information they keep, and find ways to best protect this, or remove it, so that we reduce the risks to everyone.
Share this post and follow us for more tips. If you find this handy or have any questions, post it on here so we know to write more of this kind of content.
