10 Best Practices for Online Safety

I recently attended a meeting at MCCI (Merchant Chamber of Commerce and Industries) where experts like Bharat Sarawgi, Supratim Chakravorty and Sayak Das made excellent presentations on the topic of Online Safety, Cyber Security and CyberCrime.

The vice chairman of the IT committee, Sanjib Sanghi, kindly allowed me to share some quick tips on cyber security and online safety for the members. I am sharing these tips here for the MCCI members and for you as well.

1. Anti-virus on your phone

Most of us use smartphones and have one or more banking apps on these phones. If our phone ever gets compromised by malware, we stand to lose all our money in the bank. I highly recommend that we use some anti-virus and anti-malware software on our phones to massively reduce the probability of such a compromise.

I use ESET Mobile Security on my phone (under Rs 200 per year on Amazon) to protect myself from such malware attacks.

2. Formatting the hard disk when selling or disposing of it

We generally format our hard disks or factory reset our mobile phones before selling or disposing of them. However, be warned that it is possible to recover the data from a formatted hard disk.

If you want to sell your hard disk or phone, please format it, fill up the device with a large amount of data (say a big PDF file downloaded from the Internet) and then delete this file. If someone does recover the data from the hard disk or the phone, all the person will get is this junk file.
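The fill-then-delete step above as a script, added here as an example and not part of the original post. It generalises the tip: instead of one big PDF it writes random bytes until the freshly formatted volume is full, forces them onto the device, and then deletes them. The names `fill_and_delete`, `max_bytes` and `FILE_LIMIT` are hypothetical.

```python
import errno
import os
import tempfile

CHUNK = 1 << 20        # write 1 MiB of random bytes at a time
FILE_LIMIT = 1 << 30   # new junk file every 1 GiB; FAT32 caps a file at 4 GiB


def fill_and_delete(directory, max_bytes=None):
    """Fill free space under `directory` with random junk, then delete it.

    Returns the number of bytes written. `max_bytes` (hypothetical, for trial
    runs) caps the fill; None means keep going until the volume is full.
    """
    written, paths = 0, []

    def more():
        return max_bytes is None or written < max_bytes

    try:
        while more():
            fd, path = tempfile.mkstemp(prefix="junk-", suffix=".bin", dir=directory)
            paths.append(path)
            try:
                in_file = 0
                while in_file < FILE_LIMIT and more():
                    want = CHUNK if max_bytes is None else min(CHUNK, max_bytes - written)
                    n = os.write(fd, os.urandom(want))  # may be a short write
                    written += n
                    in_file += n
            finally:
                try:
                    os.fsync(fd)  # force the junk onto the device before deleting
                finally:
                    os.close(fd)
    except OSError as exc:
        if exc.errno != errno.ENOSPC:
            raise  # a real I/O error, not "disk full"
    finally:
        for path in paths:
            os.remove(path)  # free the space; old data underneath is overwritten
    return written


if __name__ == "__main__":
    # Trial run on a constructed scratch directory, capped at 5 MiB.
    with tempfile.TemporaryDirectory() as scratch:
        print(fill_and_delete(scratch, max_bytes=5 * CHUNK), "bytes overwritten")
```

On SSDs and phones, wear levelling can leave old blocks outside the reach of a file-level overwrite, so there the device's own secure-erase or an encrypted factory reset is the stronger control.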

3. Off-site backup

Do not just take a backup on another computer in your office and relax. God forbid, if any mishap like a fire happens, then both the original and the backup data will be destroyed together. Or say you get a ransomware attack. Your primary data as well as the backup will get encrypted and you will lose everything.

You should take the backup on an external hard disk (like a USB drive) and bring this to an offsite location, say your home. This will give you much better protection.

4. Ransomware attacks

While on the topic of ransomware attacks, where a hacker encrypts all your files and asks for some payment in Bitcoins to decrypt these, do not pay the person anything. Not only will you be encouraging a criminal, but there is also a big chance that the person will ask for more money, finding you gullible.

Just format all your devices, restore a backup (I know you would have lost some recent data) and move on.

5. Voice cloning

Many of us get frequent spam calls for loans, credit cards and the like. While many just say no and disconnect, some adventurous souls keep talking to them, show fake interest and try to fool these callers.

I suggest that you do not do this. Just disconnect the call and block the caller. The caller may try to record your voice and use voice cloning software to try to extort money from your family members by sending them a distress message from a so-called you and asking for some money to be paid urgently.

Remember that s/he has your phone number and your name too. Your family members or friends may end up paying these fraudsters in their attempt to help you come out of the situation.

6. Set credit card limits in your bank app

Some of us have got very high credit limits on our cards due to excellent credit scores such as the CIBIL score. However, we should not keep these limits open all the time. I use the app of the credit card issuing bank to lower the available limit per transaction to a very low figure. This is useful in the case of an unfortunate hack.

When I need to make a big payment, I increase the transaction limit, complete the payment and lower the limit again. You can also turn off other features like ATM cash withdrawal, international transactions, etc. if you do not need these. It is very easy to re-enable these if you ever require them.

7. Turn off the Aadhaar biometric verification

I have recently heard about a few cases where the thumb impressions of some people were copied from the land records or flat registration records. These were then used to withdraw money from their bank accounts by using the Aadhaar Enabled Payment System (AEPS).

You can install the mAadhaar app and turn off the biometric validation through this app. It is easy to re-enable this if you ever need to verify your biometrics for an authentic purpose.

8. Turn on Two-Factor Authentication (2FA) where possible

Almost all services like Gmail, Facebook, etc. allow you to turn on 2FA for logging in to your account. After entering your password, you need to enter a second code (this could be an OTP or a code from an app like Google Authenticator) to complete the login. This comes in very handy when your password gets compromised.

Entering a 2nd code might sound like harassment but you will be very happy when you are saved from a malicious takeover of your account and leak of your valuable data and emails. Gmail also has a feature whereby you can confirm from your phone when you log in to your account from a new device.

9. Use a strong password for online safety

So many people use passwords like 12345, xyz123, abcde, etc. These are extremely easy to guess for hacking your account. You should always use longer passwords with letters, digits, and special characters. Some people recommend using at least 12-character-long passwords.

I tend to use Indian language passwords in many places as people trying to guess your password will generally try English words. Meri1Chaabi2#$, KiHobeJene1-2katha, etc. are pretty strong. Of course, do not use these as they are. These are just for inspiration.

10. Do not download remote control software like AnyDesk

Such software is used to take over control of your computer or phone and execute any command on these devices. If you need to use this software for giving or getting remote support, make sure that it is turned off immediately after use, and monitor all activity while it is in operation.

I have shared some of the best practices for keeping yourself safe in these times of always-online lives. Overall, staying alert and assuming that you can be hacked at any time and being on guard will keep you much safer.

If you liked these tips, please share them with your friends and relatives. Thanks for reading!