By M. Lutfi
He is a writer at ALVEO
Nowadays, it seems like our every move is increasingly connected to the internet. From daily commuting to doing big, expensive purchase, you will be hard-pressed to find alternatives that don’t involve the net. The shift to online service is gradual; as more Indonesians are connected to the internet, so does the services. Boasting more than 60 million internet users, Indonesia is one of the most connected nations in the world.
One of the most important pieces of your digital life is your email. Want to sign up to websites? You need your email address. Need to log in to government services? They require an email address, too. That’s why keeping your email account secure is a big deal. Hacked email could be devastating and critical, especially if the email account is connected to various vital services throughout its life.
To secure your account, you need to know what attacks are waiting out there. A prominent cybersecurity concern currently is phishing, in which an attacker puts up a page that looks similar to certain services you use, hoping that you will enter your username and password to the page. Although phishing attack has been done for decades, you are still in a risk of getting attacked if you are not careful. The attack always evolves, after all.
Fortunately, fending off phishing attack is easy if you know the steps and be prudent in your online life. Do you want to know how to avoid phishing? Read on.
- Do not click suspicious links
There’s no such thing as free lunch, and it also applies in the cyber world. Malicious people are hungry for your data, and one of the ways they do to collect it is by spamming malicious links such as “free gift if you enter your personal data” or “click here to install antivirus”. Such links will eventually lead to phishing attack.
- Remember that companies usually don’t ask your personal details via email
A legitimate service already has your data stored securely, so they don’t need to ask you again in an email. If you received an email stating that you need to verify your identity, the link on that email might lead to phishing. It is best to type the website address manually and log in from there.
- Read the address bar
Secure websites are equipped with SSL for secure communication. SSL support is indicated by the green padlock in the left of your web browser. If you click a link requesting your data and don’t find the green padlock, leave immediately.
- Use different passwords for different services
It is recommended that you use a different password for different sites and services you use to minimize the risk of a phishing attack successfully accessing all your personal details. If you find it hard to remember passwords, you can enlist the help of password manager apps such as LastPass.
- Enable two-factor authentication for services that support it
Currently, most major online services have a two-factor authentication feature available. If you use this feature, you will need to authenticate your login attempt via token or OTP that will be sent to you by SMS or WhatsApp. Two-factor authentication will secure your account even if someone knows your password.