Cyber Security
ACX Group and all its subsidiaries take cyber security seriously, we are all constantly made aware of the ongoing threats posed by cyber criminals and the impact they have on businesses and individuals. While we take significant measures to protect our systems, cyber criminals are agnostic as to whom they steal from or the lengths they will go to exploit systems to steal money. It is, for this reason, we want to also provide the following guidance to help our customers best protect their own systems and online accounts.
Our customers access our website and exchange from smartphones, laptops, tablets, and computers all over the world, often these are the same devices that are used for writing emails, browsing the web, banking and even playing computer games. Cyber criminals know this, so they can target our devices via all means of attacks.
Our customers access our website and exchange from smartphones, laptops, tablets, and computers all over the world, often these are the same devices that are used for writing emails, browsing the web, banking and even playing computer games. Cyber criminals know this, so they can target our devices via all means of attacks.
The Most Common Attacks to Be Aware Of
Malware
Malware, or malicious software is a term to describe any file or program that is intended to disrupt a computer. There are multiple methods of delivering malware to a user, some of which are phishing attacks, social engineering, and exploits.
Social engineering
Social engineering is used to deceive and manipulate victims to obtain information or gain access to their computers by persuasion or appealing to their emotions (e.g. invoking a sense of urgency or fear). This is achieved by tricking users into revealing sensitive information, clicking malicious links or by physically gaining access to a computer through deception.
Phishing
Phishing is a method of social engineering used to trick people into divulging sensitive or confidential information, often via email. It is not always easy to distinguish from genuine messages, these scams can inflict enormous damage on organisations.
Credential-based Attacks
Credential-based Attacks are based on the concept that individuals often use the same credentials across multiple websites and services. This means that compromised credentials on one platform can be re-used to try and gain access to other services.
Social Media
Social Media is increasingly used to build relationships and can lead to exploitation in the event you interact with criminals impersonating friendly users.
How To Improve Your Security
In response to these methods of cyber-attack, there are multiple ways to make it harder for attackers to compromise our services and your data.
- Create complex passwords: A good way to create strong, memorable passwords is by using 3 random words. Do not use words that can be guessed (like your pet’s name). You can include numbers and symbols if you need to, for example, “$$Sad#atbiT96!”. Avoid reusing the same password. However, the best password is one generated, stored and managed by a password manager. A properly configured password manager can manage all your online passwords in one secure location. (Do not use freeware versions.)
- Enable two-factor authentication (2FA):Two-factor authentication (2FA) helps to stop hackers from getting into your accounts, even if they have your password. Some online banking uses 2FA automatically. It does this by asking for more information to prove your identity, such as a code that is sent to your phone.
- Keep your devices up-to-date:Out-of-date software, apps, and operating systems contain weaknesses. This makes them easier to hack. Companies fix the weaknesses by releasing updates. When you update your devices and software, this helps to keep hackers out. Turn on automatic updates for your devices and software that offer it. This will mean you do not have to remember it each time. Do not ignore the update reminders on your devices.
- Back up your data: Backing up means creating a copy of your information and saving it to another device or to cloud storage (online). Backing up regularly means you will always have a recent version of your information saved. This will help you recover quicker if your data is lost or stolen.
- Email Awareness: In a typical phishing attack, scammers send fake emails to thousands of people, asking for sensitive information (such as bank details), or containing links to malicious websites. If unsure, do not click on any links or open attachments in the email. Always verify the sender/email if it is a suspicious looking email. Utilise secure email protocols: there is a suite of tools available which can be used to verify the contents and attachments of emails to filter out any suspicious emails before they come into your inbox.
- Keep social media accounts secure: Most reputable social media platforms have configurable settings to maintain the security of your account, which you should make sure are enabled. It is also best not to share anything remotely sensitive on social media, even if it may get you more ‘likes’, and clear out anything historic which is no longer relevant and could be used against you.
- Use secure wi-fi: Public wi-fi you can connect to in cafes, train stations, and airports are not secure, and can put any devices you connect with at risk. Use private wi-fi where possible, but otherwise consider using Virtual Desktop Interfaces to protect your communication.