Top 10 tips to develop your cyber smarts

Most of us know that installing antivirus software on your laptop and changing your Facebook password occasionally is a good idea when it comes to protecting yourself online.

However, did you know that the selfie you took in your lounge room and uploaded to Twitter might reveal your home address? Or that the 'Free Wi-Fi' network at your local café may be harvesting your sensitive details as you type?

Deakin University cyber security expert Professor Yang Xiang explains that as hackers develop increasingly sophisticated methods, it can be difficult to keep up.

"Internet safety is just as important for adults as it is for children and teens," he said.

"Privacy concerns, identity theft and cyberstalking are just some of the potential issues that we all need to be aware of when we're online – not only on our computers but also smart phones."

Professor Xiang's Top 10 cyber safety tips offer something for digital novices and experts alike.  

1. Be aware of information in online social networks
Online social networks have become part of Australian life. However, there is too much information spread via online social networks, including rumours and spam. Before you share a friends' news on Facebook or retweet something interesting, think twice. The 'news' may just be a rumour or the original tweet may contain spam in its embedded URL.

2. Set complex passwords for each website and update them regularly
You probably have many accounts for different websites, such as online banking and online social networks. Set a complex and different password for each site, with the best passwords including at least eight digits with not only letters and numbers but also special characters. If you're finding it difficult to remember them all, a password management tool such as 1password or LastPass can be helpful. It also goes without saying that you should change your passwords regularly to keep hackers guessing.

3. Turn off location service for unnecessary apps on your smartphone
Keep an eye on your smartphone's location settings as they could be revealing your location without you realising it. While some smartphone apps, such as maps or navigation, require access to the location settings, most apps do not require this information. Keep the location service closed for those unnecessary apps to avoid being tracked.

4. Wipe out geo information when you share your photos online
You may want to share your life with friends online via Facebook or Twitter. However, do you know that the photos you upload can include details about your geographic location? For example, if you take a selfie at your home, your address may be unveiled as part of the file. Remember to wipe out the geographic information from photos before you upload them.  

5. Avoid inputting sensitive information on public devices or through public free Wi-Fi
Free Wi-Fi in a café may be nice for Internet surfing, but it is risky to send sensitive information through it. Hackers may set up laptops to broadcast networks with names such as 'Free Wi-Fi' in public places, such as in cafés and libraries. These networks let you pass internet traffic through them and harvest your sensitive details as you type.

6. Don't let your browser save passwords and credit card details for you
When you type in a password or credit card details in a browser, it will ask whether you would like to let the browser remember your login details and passwords so that you don't have to type the details in next time. This may seem convenient but you're also taking the risk that anyone using that same computer – particularly if it's a publicly accessible computer – can access your accounts without a password. In addition, some browsers have a facility that allows subsequent users to view all the user name and passwords that a previous user has saved on the computer.

7. Think carefully before clicking on links and attachments in emails
Cyber criminals are masters at creating convincing emails that look just like emails from banks or other organisations that hold sensitive data. However, clicking on the links in these phony emails often leads you to a phishing website that looks exactly like the official website but is designed to steal your personal information such as account login and passwords. If an email from your bank does not look quite right, don't click on any of the links and call your bank instead.

8. Do not download software from unfamiliar or suspicious sites
Free software downloads on the internet fall into two categories – well-known apps or games that are cracked and freeware such as system optimisation software – and can be quite tempting. However, chances are that when you press the save button to download software from an unfamiliar site, you're actually inviting malware or viruses into your computer. These sophisticated bugs can still intrude into the system and circumvent even the best firewall or anti-virus software.

9. Never or minimize the use of public Wi-Fi and turn off Wi-Fi and Bluetooth on the device when not in use
The old adage 'you get what you pay for' is certainly true when it comes to free Wi-Fi networks. While they may be convenient, they are also open to the public and this includes cyber criminals and hackers who have been known to steal passwords over free Wi-Fi networks. It's best to play it safe with free Wi-Fi networks by not accessing internet banking or checking personal email and turning of Wi-Fi and Bluetooth on smart devices or laptops if you're not using them. These simple steps will go a long way to preventing theft of personal information.

10.  Keep the software and operating system up-to-date
Last, but not least, don't forget the basics. Keep your software, especially anti-virus software, up-to-date at all times to keep the system safe from viruses. Constant updates will also ensure that all the latest patches are applied to your system to protect from known vulnerabilities. It is also good practice to update the system and software or operating system with the latest patches or upgrades when they are made available. 

Professor Yang Xiang is the Director of the Network Security and Computing Laboratory and Associate Head of the School of Information Technology at Deakin University.