Protect yourself from cyber scams during COVID-19

A sad reality is that there are people who will attempt to take advantage of people during times of uncertainty and fear. We wish it wasn’t so, but it is.

Right now, there are cybersecurity scams circulating the internet targeting people who want information about COVID-19. We want to help you protect yourself against them.

How to protect yourself from cyber scams

There’s plenty of tools and habits you can use to keep your accounts and information safe from scammers and cybersecurity threats. You are the most important tool you have though. It’s the steps you take and the thought you give to what you’re doing online that will go the furthest in protecting you from cyber threats.


Think critically about what you click on

If you’re not 100% certain about a link, don’t click on it. Use your favourite search engine to search for the website and go there directly. For instance, you should go directly to the website for your financial institution if an email asks you to log in to your bank or credit union.

And try to think about the sources of the information you’re being given.

For information about COVID-19, seek information from the WHO and local and federal government sources.


Security software

The security software you use should be up to date and should connect to all your devices, including external devices that you plug in. Good software will automatically connect to external devices and run scans.

If your program offers it, be sure to turn on automatic updates. This will ensure your device is always running the most current version of the software, helping you stay safe from the most recent threats.


Use current browsers and operating systems

Just like your antivirus software, you should ensure you are using the latest versions of your web browser and that you are running the most recent updates on your devices. These updates help protect you from cybersecurity threats, while also fixing any bugs or issues.


Guard your personal information like it’s a secret

Your personal information – like your birth date, where you live, and your purchasing history – is valuable. It might be fun to have this information on your social accounts, but you need to be careful about who can see it.

Take a look at your privacy settings on any social media accounts you have or any other sites where your personal details are shared. Think about whether you really need to have that information shared publicly or whether it’s something that’s best kept between you and your friends.

It’s okay to not want to share everything with everyone online. It’s okay to set limits.


Use unique passwords

Here’s a list of the most common passwords from 2019 (according to CNN):

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 111111
  6. 12345678
  7. abc123
  8. 1234567
  9. password1
  10. 12345

If you use any of those passwords (or passwords that are similarly simple), change them now.

The best passwords, according to the Canadian Credit Union Association Tip Sheet, are longer, difficult to guess and contain a combination of letters, numbers, and symbols. You should use different passwords for different accounts, where possible.

At a minimum, have different passwords for your work and personal accounts. Also, you should have different passwords for your more important accounts, like your banking, email, and social accounts.

And – don’t keep your passwords in a document on your computer. Write it down and keep it stored in a safe place away from your computer.

Check out the Canadian Centre for Cyber Security’s page about Passphrases and passwords for more tips.


Cyber security infographic


Don’t tell anyone your passwords

Financial institutions and government bodies won’t ask you to tell them your passwords (other than phone passwords) or give personal details over the phone or by email.

Be cautious about any email or phone call asking you to provide personal information or passwords – no matter how serious or formal they sound. Scammers prey on people by creating fear. Always check with a reputable source directly (not by following a link) before paying any money or providing any details.


Use Authentication Tools

Enable features that require you to verify your login via a means beyond just your email and password.

If you have the option of using two-factor authentication – tools that send a unique code to your phone or email address – use them.

If you’re relying on security questions, ensure the answers aren’t available anywhere online. The names of your children and details about your schooling, for instance, are often public on Facebook. So, they might not be the best choice.


Stay safe with https:// sites

Sites that are security enabled start with “https://”. Only conduct any banking or shopping on websites that have this security certificate.

You can find out whether a website has a security certificate by checking the website bar. Double click on the website bar if you can’t see ‘https://www.’ before the site address.

Before double-clicking:

Browser address bar demonstrating website address onlyAfter double-clicking:

Website bar showing security certificateThis is a security-enabled site.

Note: http:// (without the ‘s’) is not secure.


Stay informed during COVID-19

Keep an eye on reputable websites like the Canadian Centre for Cyber Security and, in particular, their Staying Cyber-Healthy during COVID-19 campaign page.

Be your best defence

Always think about how your online behaviour could affect you or those you love down the line.

Don’t forward links to sites you’re not certain about, be careful of forwarding chain emails with links, and don’t share information about others you wouldn’t want people to know about yourself.

If you’re ever uncertain about whether a communication from us is real, get in touch with us.

We’re here to help. And, in the fight against cybercrime, we’re better together.