Home insurance

Is your home cyber-secure?

Updated 13 August 2024

by Co-op team

Data breaches, password scams and emails from suspect sources. All of these are on the rise.

As the time we spend working from home has increased, so too has the number of cyberattacks, with scammers targeting workers using unfamiliar or unstable technology.

If you’ve ever had a call from your bank identifying unusual activity on your account, you will also be aware that our personal and financial information needs to be well protected.

Scarlet Jeffers is Vice President of Experience at Clario, a technology company specialising in personal digital security. Here she explains how train yourself to be tech-secure.

Passwords

I’m worried about my passwords all being the same. Do I need to mix them up?

To keep your personal data safe online, I would recommend using different passwords for each service and website. If you want to keep track of them, my best advice would be to use a password manager and regularly check your accounts for leaks with data breach monitoring tools. That way your passwords will be kept safe but at your fingertips if you ever need to reference them.

If a long and complicated password is suggested by a website and it’s automatically generated, how do I remember it in future?

Firstly, I would recommend you always use a password that is memorable. However, the more obscure the better. If you need to write your password down, never do it on your phone. Always write it down somewhere that would be meaningless if it fell into the wrong hands.

A good password tip is to think of something significant that has happened to you. Then create the password using letters that reference the event. An example could be ‘I graduated in Physics from The University of Aberdeen in 2011’, making IGPTUOA11 the password. This way, it only makes sense to you and should be easy to remember.

How do people hack into the things you browse and discover your password?

There are different ways hackers can discover your password, including data leaks. This occurs when your password becomes publicly available because of a slip-up in security processes or operations by a company that owns your data.

Another common way is phishing. Notably, cybersecurity experts calculated a 6,000% increase in Covid-related phishing attacks during lockdown. Phishing is when hackers attempt to trick consumers into supplying their credentials to what they believe is a genuine request from a legitimate site or company.

For example, scammers may pretend to be from your bank by adopting the exact same look and feel of the emails you usually receive. Then, after registering fake accounts, they send emails or messages, luring people into downloading malware or sharing sensitive information like passwords, logins and credit card details.

If I lose my phone or laptop (or have them stolen), what should I do to protect my personal details from being used fraudulently?

Unfortunately, if your device is stolen, your data will be at risk. However, there are steps you can take to reduce this risk and protect your digital identity:

use a strong password for your device or, even better, a fingerprint or facial recognition ID
set up additional authorisation for your folders or store your documents on secured cloud drives
ensure your lost device tracker is enabled

In the event that your personal device is stolen, log out of all your important accounts (social media, email, banking etc) from another trusted device.

How to spot a fake

There has recently been a PayPal scam that affected thousands of people. How can I tell the difference between a legitimate communication and a fraudulent one?

Some of my top tips include:

double-checking the email address. Often scammers use encrypted emails that look suspicious. For example, it could be made up of random letters and numbers.
compare the email or text you have been sent to previous communications from the company. Look for any abnormalities in the communication you receive. Sometimes this can be as small as the font or brand colours being different, but always pay attention to the emails or texts you receive to ensure you are clued up on what is and what isn’t legitimate.
when you are on a payment page, always look for the padlock in the web address bar as this shows it’s a secure webpage that can be trusted.
be vigilant. Check your bank account regularly, especially for small transactions, and monitor for any unusual activity.

With data losses occurring at various large companies in recent years, how sure can we be that our personal information is safe?

Many big corporations have failed to protect their customers’ data. While we cannot prevent hacks from happening, we can take steps to protect our data. I would suggest regularly changing your password and ensuring your passport and bank details are not stored on your profile. This way, if companies are hacked, as little of your data is available as possible.

I have elderly parents and they struggle with computers. What are the minimum protections they can put in place to secure themselves?

Cybersecurity can be extremely confusing, even for those that consider themselves tech-savvy. At the most basic level, a password manager can store their passwords in a safe, centralised place. A VPN (which stands for Virtual Private Network) will also help protect them when they are browsing online.

Protect your banking

How do fraudsters access our bank accounts and what are banks doing to intercept these attempts?

Over the years, banks have become wiser to financial scams, so they monitor abnormal or suspicious behaviour. Sadly however, not every scammer is caught.

There are some common financial scams to watch out for. For example, hackers can create fake banking websites that ask for two digits from your pin. The site will then say the two digits are incorrect and ask for the other two, resulting in the scammer having your entire pin and access to your account.

Scammers are also known to ring customers, pretending to be from their bank and asking for personal details. Unfortunately, these calls are often so believable that people fall for them and hand over their information.

Hackers can sometimes plant sophisticated card skimmers, which can steal your financial data, into the card payment section of websites. It is the retailer’s responsibility to monitor for suspicious activity on their sites, but do your research and check the reputation of the website.

To avoid these common traps, I would suggest removing your card details on retailers’ websites, only using reputable websites and double-checking that all communications from your bank are legitimate.

We also see that hackers engineer their scams to fit what is happening in the world. For example, recently we have seen a rise in HMRC tax rebate scams, so it is always wise to bear this in mind. If something sounds too good to be true, it often is.

Suspicious emails

I have received an email from someone saying that they know my bank details. They are trying to persuade me to pay them money with a threat to expose something private. What should I do?

This is an example of a ransomware attack, when hackers ask for money otherwise they will leak information. This can be scary and the hackers know this, but it’s always important to try not to panic. The most important thing to do is to inform the police, who will be able to help you regain control over the situation.

The best way to tell if an email is suspicious is to check if the email is encrypted and if it is made up of a random selection of numbers and letters.

If my Facebook, Instagram or X accounts are hacked, what can I do?

The most important thing to do is change your password as quickly as possible. This will stop the hackers being able to access your account again. I would also inform the customer service team that your account has been hacked so they are aware of the incident.

There are companies (including the one I work for, Clario) that can use a scanner to check if you have any breaches on your emails or passwords. If our system shows you have had a data breach, you will need to manually change your password. Our scanner allows you to see exactly where the breaches are, giving you greater control over your digital identity.