An international cybersecurity expert has warned the boom in internet-connected gadgets in Christmas stockings this year makes the festive period an “ideal time” for hackers.
Professor Karen Renaud of Abertay University in Dundee has issued a guide detailing how to avoid falling prey to cyber fraudsters over the holidays, with scammers keen to target everything from email addresses and bank account details through to artificially intelligent home assistants, connected speakers and the latest phones and tablets.
Internet of Things gadgets are among the hottest gift ideas for Christmas 2018, with the global market value for the sector expected to grow to an estimated $520 billion by 2021 – more than double that of last year.
Prof Renaud warned that the security of all these devices is only as good as the personal password protection and cyber-awareness of the individual, and urged families to tread carefully when connecting to anything to the web – including children’s toys.
She said: “It may be the season of goodwill, but unfortunately that doesn’t extend to scammers who won’t be taking a break this festive season.
“Lots of us will be setting up online accounts this Christmas for gadgets we’ve received as gifts and many more of us will be logging on to enjoy the Boxing Day sales.
“That makes it an ideal time for criminals, who’re looking to steal your money or personal details.
Prof Renaud carries out teaching and research within the Division of Cybersecurity at Abertay, home of the world’s first degrees in Ethical Hacking, where students are trained in offensive cybersecurity techniques and thought to think like hackers.
She said there are several easy ways to increase your chances of staying safe this Christmas.
Professor Renaud said: “If you get a new gadget this Christmas it’s almost inevitable you’ll end up creating a new online account to go alongside it.
“When you do you’ll end up creating a new password and that’s a nightmare to remember, right?
“That’s why you should use a password manager. They store your passwords so securely that even if someone takes your phone or laptop they won’t be able to get a hold of your passwords.”
“A strong password doesn’t have to be something that’s difficult to remember, use snippets from your life that always stick with you – something a hacker couldn’t find out, and is unlikely to guess.
“Perhaps there’s a line in a poem you learned in Primary School that sticks with you, or maybe you still remember the telephone number you had when you were 11.
“Writing down passwords might sound crazy, but you’re looking to deter that hacker on the other side of the world, not someone you live with who might find them.”
“If you get an e-mail advertising some Boxing Day deal that looks too good to be true, it probably is. Don’t click that link!
“Similarly you may end up getting a text or message saying your bank account has been blocked – the last thing you want at this time of year.
“Once again, don’t click on any link provided. Go to your bank and check it out in person, or call the number printed on the back of your card.”
“Just because a device or gift is new doesn’t mean the software or firmware on it is. Security flaws and bugs are regularly patched out. We all want to use our new things right away, but it’s always worth installing patches first.
“When it comes to new devices, be sure to change the default password of anything you’re going to connect to your wifi. Write it on a sticky note and attach it to that device to make sure you have a strong password.”
“Ideally you want to be varying your passwords anyway, but it’s especially important to make sure your e-mail password is different from every other password.
“If you don’t do this, and a criminal gets a hold of that information they suddenly have access to other accounts that you own.
“Remember, a hacker only has three chances to gain access to your account before it’s locked. Don’t make it easy for them.”
To find out about studying Ethical Hacking at Abertay visit: https://www.abertay.ac.uk/course-search/undergraduate/ethical-hacking/
For further cybersecurity advice visit: http://karenrenaud.com/advice.html