Staying safe online
At the Co-op we know how important it is for you to protect yourself and your loved ones online.
Using a strong password is a good way to protect your online accounts and keep the data in them secure.
Follow these steps for creating a good password:
- Make it 12 or more characters in length.
- Do not use it for any other account.
- Do not use something easy to guess like a pet's name.
Use a passphrase
A passphrase is a string of words that is longer and harder to guess than a standard password.
For example: Listen-To-My-Singing
These can help to create long passwords that are still memorable.
Use a password manager
Password managers save all your passwords in a secure account. This means you do not have to remember lots of passwords.
Use 2 factor authentication
2 factor authentication is available for many online accounts. It can add an extra layer of protection.
When you turn on 2 factor authentication, rather than just being asked for a password when you login, you also need to verify yourself another way. Therefore if someone finds out your password they will still not be able to access your information.
For example you could use your phone to add 2 factor authentication to a social media account. Then each time you logged in from a new device the system would send a code to your phone. Logging in from a new device would need both the password and the code sent to your phone.
Check if your password has ever been stolen
Have I Been Pwned? keeps a list of stolen passwords.
Scam emails and text messages
Sometimes attackers will send scam emails or text messages pretending to be someone you trust. This is called phishing.
Phishing messages usually try to get you to:
- click on a link that takes you to a malicious website
- click on a link or attachment that installs viruses or malware on your device
- share personal information such as login details
One of the most common phishing attacks is when the attacker includes a link to a fake website. These often look exactly like the real version.
The goal is to get you to type in your login details or other personal information on their copy of the website. Then they can take it and use it as if they are you.
Some signs that may help recognise phishing messages are:
- urgency or pushiness
- bad spelling and grammar
- not using your name when other messages from the sender usually do
- incorrect web addresses, often these will have a single letter changed
Using unsecure wifi can make it easier for attackers to get your files and personal information. It also means that anyone within range could use your home internet connection.
Use a strong password for your wifi router and make sure to set up encryption. This will make it harder for anyone to see information passed over the network.
Take care using public wifi networks when out and about. Attackers sometimes create fake networks that look like authentic free wifi. This allows them to see information passed over the network.
Even on legitimate public networks, never type in personal information such as bank details. Someone else on these networks might be able to see that information too.
Secure online shopping
When buying something online, always buy from a trusted website. Be careful when buying on social media. Check the payment page is secure by looking for ‘https’ at the start of the web address.
If you can, use a credit card when making big purchases online. When made with a credit card, the law protects purchases between £100 and £30,000.