Merry and byte: The 12 tips of Christmas security
Don’t get your tinsel in a tangle with our 12 days of Christmas Safety advice for the holiday season.
On the first day of Christmas nbn said to me… “Be safe as houses.”
Leaving on a jet plane for the holidays? It’s tech to the rescue if you’d like to look like there is still activity inside your house to keep the crims at bay.
Sure, you might not need to go all ‘Kevin Mccallister’ with a bunch of life-size cardboard cut-outs, but home automation might be the next best thing. A timer for your lights and radio is a cheap investment with no set up savvy required.
Better yet, an app like the Belkin Home automation’s “away” option can schedule smart lights to go on and off at random times, further confusing potential robbers.
Feeling craftier? Consider auditory deception by “watching” the nightly TV news broadcast, all controlled via YouTube TV, allowing you to link your phone to your TV to play videos at home (all cleverly controlled from your deckchair on the beach).
On the second day of Christmas nbn said to me… “No padlock, no purchase.”
Avoiding the crowds and shopping from the couch? Before handing over your credit card details, check for the padlock symbol in your browser.
You’ll notice the “http://” changes to “https://” when a site is secure; legitimate sites will encrypt (or scramble) the information you send, to protect your information in transit.
Of course, even the bad guys can buy https:// certificates, so be sure to only buy online from retailers that you know and trust.
On the third day of Christmas nbn said to me… Keep presents under wraps
Planning a surprise? Your browser will busily track you around the internet, sharing your activity with retailers and marketers via a trail of browsing breadcrumbs (or “cookies”) stored on your computer or device.
These cookies mean your online purchases aren’t exactly discreet; thanks to the targeted ads that pop up on your computer or Facebook page for products that you’ve searched for (and even those that you’ve already purchased!).
If Santa has been on your laptop researching bikes, you can almost guarantee that little eyes will see pop up ads for bikes during their homework browsing.
To avoid being the Grinch who stole Christmas, you’ll need to cover your tracks. Remember to clear your cache, search history, and cookies after browsing.
Better still, go incognito. Each browser has its own secret mode that won’t save cookies or search history, leaving no trace on your end that you’ve visited a particular website.
On the fourth day of Christmas nbn said to me… “Avoid public wi-fi.”
Shopping on the run? Many public wireless hot spots are not secure, making it possible for others to snoop on your activity and track what you’re doing.
Avoid hotspots that are run by people or organisations you don’t know and if you’re prompted to select a network type, always select ‘public’ for added peace of mind.
If you’re overseas and have to use wi-fi, team it with a VPN that will encrypt your traffic, keeping it safe from prying eyes.
Alternatively, get your hands on a local sim.
Traffic destined for 3G and 4G cell towers is encrypted, making your transactions a lot more secure than using public wi-fi alternatives.
On the fifth day of Christmas nbn said to me… “Waaaatch what you tweeeet!”
Checking in from the Qantas Club? Stop and think before you post. If you’re at the airport, you’re obviously not at home.
There are a myriad of ways someone who follows you on social media might go about finding your address by teaming with Google Street Search. It’s potentially not that difficult to pinpoint your address and hit the empty house jackpot.
Aside from your whereabouts, that picture of your airline ticket contains a whole pile of other useful data. Your full name and frequent flyer number could potentially be used to contact your airline and mess with your flight.
The Passenger Name Record (or PNR) can be pulled from your barcode to reveal information like your DOB and passport number, as well as who you’re travelling with.
All well and good unless you’re somewhere you’re not supposed to be!
If you simply must brag, make sure your Facebook is set to ‘friends’ only, you’ve switched off location services in your post, covered up any barcodes, and checked your account isn’t unintentionally linked to another platform (such as Twitter) that may have public settings.
Or simply hold off your post until after the event and brag retrospectively.
On the sixth day of Christmas nbn said to me… “Forget your troubles, come on get ‘appy."
Is that the app for that?
Fake retail apps have been known to pop up in Apple’s App Store just in time to deceive holiday shoppers.
The fraudsters have masqueraded as popular shopping sites, mimicking existing apps to confuse shoppers about which is the “real” app, as well as taking advantage of stores who have no official app at all.
Be on the lookout for red flags signalling the app is a phony; poor grammar and spelling mistakes are typical clues. Check the reviews in Apple's App Store or the Google Play store.
A real app will likely have thousands of reviews, while a fake might have closer to zero.
When in doubt, visit a store's website in your browser and look for a link to "Get our app." This will take you to the App Store where you can download the legitimate version.
On the seventh day of Christmas nbn said to me… “Keep your details private.”
Setting up an online account? Don’t volunteer anything more than your name, contact number, and the address for delivery.
You should not need to answer personal questions or disclose information about income or education during a purchase. If they ask, see if you can check-out as a “guest” instead.
Never provide your credit card details over email or transfer money into a bank account.
It’s almost impossible for the banks to step in and save the day (and your hip pocket) once you’ve wired money overseas, so be particularly suspicious if a company asks you to do so.
If your purchase requires a USA postal address, Australia Post now offers mail forwarding, which can be a more trustworthy alternative than some of the existing offerings.
On the eighth day of Christmas nbn said to me… “Reset your password.”
Still using ‘password123’ to access your accounts? Consider it your New Year’s resolution to update your passwords. It’s easier to achieve than the other healthy alternatives, and just as important!
The general rule for passwords is ‘longer is stronger’- it’s far more difficult for a hacker to crack a complicated password than a short one.
There are a lot of easy ways to make a safe password. Luckily, we’ve already done a post on it here!
On the ninth day of Christmas nbn said to me… “Give peace of mind.”
An antivirus subscription might not be the most romantic of gifts, but it’s certainly one of the most important.
A spare power pack will always come in handy for flat phones, and a multi country power adaptor is an essential addition to any holiday suitcase.
Kit your clan out with an encrypted hard-drive to back up family snaps, or reclaim their digital privacy with a VPN subscription.
Cheap earbud splitters, USB cords, flash drives, aux cables or screen covers make great (and oh-so-useful) stocking stuffers.
On the tenth day of Christmas nbn said to me… “Wipe before recycling.”
Getting a shiny new tech toy for Christmas? Before throwing your old gear to the kerb, make sure there’s nothing in there that shouldn’t be.
Lucky for you, the latest versions of iOS are hardware encrypted, meaning that ‘Settings > General > Reset > Erase all Content and Settings’ on your iPhone should do the trick.
Even if someone was to stealthily try and retrieve your deleted information, they’d have to unscramble any salvaged data in a fancy forensics lab.
For those on Android you’ll want to encrypt your data first (unlike an iPhone, Android content isn’t necessarily encrypted by default), before factory resetting your phone and securely wiping your information.
Finally spare some thought to your desktop and mobile software (think iTunes and Photoshop) where you’re only permitted a certain number of devices under your licence.
Make sure you’ve unlinked any devices before wiping them to save you the time (and hassle!) of doing it later.
On the eleventh day of Christmas nbn said to me… “Be aware of scams.”
Got a deal too good to be true? It quite possibly is.
The bad guys are once again sending out bogus shipping alerts masquerading as Australia Post, hoping you will click the link to retrieve your parcel, so sneaky malware can be loaded onto your computer.
Remember to only use the tracking number provided in your initial confirmation email, and always go to the official website to check on the status of your incoming presents.
For the full low down on avoiding scams, here’s one we prepared a little earlier!
On the twelfth day of Christmas nbn said to me… “You’d better not pout”
Whatever you’re celebrating a secular or religious Christmas, sharing is caring over the holiday period.
Why not help spread the online safety love to your friends and family and help them batten down their digital hatches over the festive period? Check out our other online safety blogs for a truly stress free Christmas.
Rebecca Moonen is Senior Security and Privacy Awareness Advisor at nbn. You can check out her other blogs on online safety here.