Skip to content

Online Security

While no one likes a “do not” list, when it comes to online security, nothing could be more helpful. As you continue your online adventure, this do NOT list will help you avoid the mistakes that derail many a traveller.

DO NOT give your password to anyone. If you need to grant someone else temporary access for administrative reasons, never send the password via email. A good rule of thumb is to send the username via email and the password via SMS. That is, split the login credentials between two mediums and use the more secure medium for the password.

DO NOT keep your password in a digital format (such as an Excel spreadsheet or online notepad). Record your passwords offline and keep them in a safe place. If you use a password manager for general use, don’t use it for bank related accounts. Keep these records offline.

DO NOT use the same password on multiple websites. Create a unique password for every account you create on bank or finance-related websites or apps (that is, wherever you pay online). Make sure you choose a strong password of at least twelve characters, using a mix of numbers, letters (lower and uppercase) and special characters such as ! ? @ # $ % ^ & and _.  Enable 2FA (two-factor authentication) using an authenticator app like Microsoft Authenticator or Google Authenticator.

DO NOT trust websites that start with HTTP. Secure, legitimate websites use the HTTPS protocol (evidenced by the lock icon in the browser), not HTTP. While this doesn’t mean every website that uses HTTPS is safe or that every website using HTTP is a scam, websites that only use http are insecure and vulnerable.

DO NOT use public Wi-Fi networks when logging into your bank account or paying online. If you have to do your banking in the coffee shop, make sure you always use your own secure Wi-Fi connection.

DO NOT trust links in emails unless you are certain the source is legitimate. Always check that the sending email address is a valid domain name. To avoid phishing schemes altogether, go directly to the website using your browser rather than clicking links within emails. Where possible, bookmark your go-to websites and only use these bookmarked links.

DO NOT open email attachments from senders you do not know. Report and mark unsolicited emails as spam. This will teach your spam filter to recognise spam mail while you play your small part in discouraging cold-call email strategies.

DO NOT click on links sent to you via SMS. Ever.

DO NOT neglect to install the security updates on your operating system, your search browser and your apps. Act promptly.

What do you do if you click on a compromised link? This article is very helpful.