Even though the media regularly carries stories about data leaks and devastating corporate cyberattacks, many of us continue to log in to online-banking sites, social media platforms and other sites with little concern for the privacy and safety of our personal information.

In a world of social distancing and lockdowns, we’ve started to do more and more online. And as our lives moved into cyberspace, so did the criminals: 2020 saw more cyberattacks worldwide than any year before it, at a cost of $1 trillion. Only two years before, in 2019, Microsoft put the global cost of cybercrime at half that amount.

So, what can you do to protect yourself and not become another cybercrime statistic?

Step 1: Inform yourself

Once you’ve begun to delve into the complex world of data privacy, you will soon realise that you are up against some pretty powerful (and dark) forces. That said, the more you know, the better equipped you will be.

The very first step, even before signing up to any platform, is understanding the terms and conditions that you will be agreeing to. Even so, Colin Thornton, MD of IT consultancy Dial a Nerd, says our options ‘are severely limited’ when it comes to keeping our data private.

He uses the example of the 2018 Cambridge Analytica scandal where the personal data of at least 87 million Facebook users was collected over three years without their knowledge and allegedly used in political campaigns.

‘As Facebook very eloquently explained after the scandal, they had informed users of Facebook’s right to use and share their data in exchange for using the platform,’ Thornton points out. ‘Every time you use a service, especially a free one, you are accepting terms and conditions which may mean that someone is sharing your information or monitoring your behaviour.’

In other words, even if you share the absolute minimum of personal information, companies like Facebook and Google can still track which articles you prefer reading and sharing, who you associate with and what you are interested in buying.

‘This data is valuable to marketers, or in the case of Cambridge Analytica, to politicians,’ says Thornton. ‘There are plans to implement identity and data-sharing apps like Identity.io that would hypothetically allow you to switch off access to your information, but they are not yet widely used, and I expect many app owners would push back.’

Step 2: Exercise good password hygiene

Most of us are very lazy when it comes to online passwords and while there are no concrete statistics, analysts suspect that most people use the same password for all platforms. Although it would be ideal to have different passwords for different platforms, this isn’t really practical.

‘I usually recommend having one password for social media or public platforms, one password for day-to-day platforms and another for finance and banking,’ Thornton suggests. ‘Three passwords aren’t that difficult to remember, especially if you use a sentence structure. People tend to think the only secure password is one that looks like this: fcGH@#19* while a password that reads like a sentence and which contains a few numbers is almost as secure and much easier to remember.’

Step 3: Secure the offline part of your online life

While being vigilant online is crucial, we make cybercriminals’ lives easier by being careless offline. Indeed, we need to look at every aspect of our technological lives to better protect ourselves.

To begin with, make sure that you always turn on encryption tools that require a private key to access a computer or phone. They are often provided free of charge with operating systems, for example, Windows 10’s BitLocker. If it’s on and your laptop or phone is stolen, someone else won’t be able to access it without that key.

Also, enabling two-factor authentication (2FA) for all accounts can prevent unauthorised access. Examples of this are websites or apps that require a password to log in followed by a one-time code sent to your phone via SMS or a separate code-producing app.

Last but not least, it goes without saying that you should never write down your passwords or save them in a list in an unencrypted document on your desktop.

Social media online safety

In the age of social hacking and social engineering, where cybercriminals obtain private information online to conduct targeted attacks, it is critical to be aware of how you use social media.

Thornton recommends taking the following precautions to improve your digital security:

• Log off from social-media accounts and platforms when you’re done. Leaving them open in the background makes them even more susceptible to being hacked.

• Determine which apps are connected to your social-media accounts. Do you use Facebook or Google to sign in to other applications? Decide whether this is necessary, as it may put you at greater risk.

• Create a separate email address specifically for social media. If your accounts should be compromised, hackers won’t be able to use it to gain access to more valuable information on other platforms

This article originally appeared in Today issue 1 2019 magazine.