Keep ID Info Safe | Personal Data Security

Stop sending your identity via email or WhatsApp

Online scams and cybercrimes carried out using email, WhatsApp and other digital apps continue to affect smartphone users across the world.

Despite multiple warnings in the media, including this article on WhatsApp scams published on our blog recently, the number of these incidents continues to rise.

As a responsible provider of encrypted cloud backup and data security we are mindful of just how easy it is to be lulled into a false sense of digital security. As such, we feel it’s only right that we follow up on our guide to the best email security practices with a word of caution for WhatsApp and regular email users who may be requested to send copies of their ID document or passport electronically using the app or by email.

We take a closer look at the risks involved in sending personal information in the form of photos and screenshots via messaging apps and why you should avoid doing this at all costs.

could you WhatsApp me a copy of your ID?

the answer is NO

Whether it’s a travel agent, the doctor’s office, your insurance company, or even a relative, anyone who asks you to send them a photo or screenshot of your passport or ID document may be setting you up to become a victim of cybercrime, whether they know it or not.

  • Many people believe that the encryption technology used to send WhatsApp messages offers full protection from data theft. However, encryption only works in the split-second it takes to transfer information between two devices.
  • Once a copy of your ID or passport is on someone else’s phone, it can easily fall into the wrong hands.

Next time someone asks you to send them a scan or photo of your ID document, you’ll be doing a great deal for your own data security by saying NO.

There are other methods of sharing your ID number, including doing so over the phone on a voice call, once you have verified that the caller is genuine of course!

There may also be certain situations when you’re requested to provide a copy of your ID even though it’s not legally necessary. You can always check with the person requesting this document whether there’s another way to verify your identity that doesn’t put your personal information at risk.

keep copies of your ID safe in the cloud

Keeping electronic copies of your personal ID documents on a hard drive or flash disk is risky. If you want to keep this kind of information on hand, it’s always best to store it in the cloud using fully encrypted storage.

It’s time to ask questions about your online security and acknowledge that sending your personal data out via email or messaging apps puts you at risk. It’s your data and you can ensure it’s protected with our range of secure cloud storage packages that will help keep all your sensitive information safe. Contact us today to learn more.

Email threat training | Email Cybercrime

Email threat training reduces common threat markets

We all receive dozens of emails a day, but could these essential communications be exposing your business to online threats? According to 80% of businesses surveyed by Microsoft earlier this year, the answer is yes.

Malicious emails are becoming one of the biggest cybersecurity threats facing businesses around the world. While firewalls and antivirus software offer a degree of protection, the last line of defence against email-based digital threats is user training.

Let’s take a look at the email-driven data security threat landscape and how you can train your staff to detect and deal with suspicious communications.

think before you click: why you shouldn’t just open that email

According to recent research, an astounding 80% of organisations report having experienced an email security breach over the past year.

When you consider that most companies have at least entry-level antivirus and email security software in place, it’s clear that these messages aren’t enough to keep malicious emails at bay.

Fortunately, there’s a low-tech solution to this high-tech problem: training your staff to detect, delete and report malicious emails when they arrive.

Here are some pointers to share with your team.

  • If it looks weird, be suspicious. Emails with subject lines full of grammatical mistakes are a definite red flag, especially if they come from someone who usually doesn’t make language errors. The best strategy is to flag them as suspicious, report them, and delete them.
  • Open attachments you’re expecting and no others. If you receive an unusual email from someone you know with a request to open a strange looking file or click a link, proceed with caution.
  • Double check before you send. Best Email security practice isn’t just about the emails you open but also the ones you send. Employees should ensure that they send sensitive information only to the recipient it’s intended for and correct any sending mistakes immediately.
  • Check the email address. Phishing emails have become increasingly more sophisticated and often appear to be from a reputable company or financial services company, perhaps even one you bank with. Always check the senders address and domain name (the name after the @symbol) as no reputable company will use @gmail which is a big giveaway.

increase your company’s data security with secure cloud storage

Every data security strategy needs a reliable provider of secure encrypted storage that makes data safe and available in the cloud. Our range of packages for businesses and individuals are designed to keep your information safe while staying within budget.

Your Guide to the Best Email Security Practices

Every time you send and receive an email, you’re taking a risk. There’s ransomware, phishing, viruses, and compliance violations to be wary of. From CEOs of big corporations to secretaries who manage client emails all day every day, everyone needs to be aware of the best email security practices to follow to ensure that your emailing behaviour doesn’t become the very thing that brings your company to its knees.

To take the guesswork out of the process of drawing up an email security strategy, we’ve included some tips and advice for the correct and most effective security practices for your business. Before we investigate these practices, let’s learn more about the risks involved in using email.

the common threats

Regardless of its size, every company must have a cybersecurity strategy in place, and email security forms part of that.

Many people believe that as they aren’t sending or receiving particularly sensitive information, it doesn’t matter whose hands their email falls into. However, this is a risky mindset as hackers aren’t only interested in your email content. They want access to an even bigger network and the front door for them is through your email.  Once a hacker has access to your emails, the online world (your online world) is their proverbial oyster.

Cyber hacks and attacks are ever-changing. Over the years, they have progressed from simple phishing links to complex social engineering tactics and email security should form a critical part of your overall cybersecurity.

what to be aware of

Knowing what to watch out for is important. Here’s what to keep an eye out for.

These are emails that request money and sensitive information from a user. Spear phishing is when ‘someone else’ impersonates ‘someone you trust’ to get information out of you. You might receive an email stating, “Your online banking profile number and pin is going to expire in three days. Click on this link to register your new profile and pin.” Everything might look legitimate, but it’s not!

  • social engineering

Ever received an email or a pop up that says, “OMG, it looks like you in the video!” – well, that’s social engineering at play. This is when cybercriminals rely on you to click on a malicious link or attachment.

  • business email compromise

This is a form of spear phishing where a cybercriminal impersonates the CEO of a company or a manager. This type of scam relies on employees sharing sensitive information, which can be used to steal business data and even money.

  • spam

You know those emails that say, “You’ve just one a R1 000 Woolworths voucher!”? Well, this is known as spam, and most often, we fob them off as an annoyance when we click on it, and it takes us seemingly nowhere. What you’re not expecting is that a bot, instructed by the cybercriminal, sends you that link and when you clicked on it, spyware, malware or even ransomware is installed on your computer.

  • malware

Malicious software, called “malware,” often presents in the form of a Trojan, ransomware or some other program that attacks your computer system. In most instances, the files on the computer are encrypted, and you are requested to pay a ransom to get the key to unlock the encrypted files. Some types of malwares can get access to your computer camera or your entire device, which means they see what you see and do! Obviously, that’s a big risk.

  • botnet and ddos

Largescale spam and phishing campaigns are often managed by botnets which are groups of devices that are under the control of a cybercriminal. Often, these devices are used to overload a system or network in hopes of making it crash. This type of attack can cause absolute mayhem.

tips to the best email security practices

Email security is all about building as many walls as possible between your data and the cybercriminal. Cyber security should be no different to virtual security with multiple barriers making entry virtually impossible.

  • Educate employees on best email security practices such as never clicking on unexpected attachments and links;
    • Put rules and guidelines in place for all work email security.
    • Make sure that your employees understand what kind of sensitive data they are likely to be handling.
  • Encrypt sensitive email attachments through a secure hosting service.
  • Activate 2 factor authentication – this will tighten up access points from end-to-end, which includes email.
  • Add legal disclaimers to your emails so recipients are aware they cannot send that email on to anyone.
  • Regularly change email passwords (and ensure they are difficult passwords)
  • Do regular encrypted data backups just in case you ever fall victim to malware
  • Update your operating system to avoid software vulnerability which is often corrected with updates.

How do you ensure that your company uses email safely? Share your tips and advice with us today!