.png "GENERAL CYBERSECURITY SAFETY GUIDE")
Information & Communication Technology has become an integral part of our day-to-day life. It has changed the way we connect with friends, find jobs, and find matches for marrying, run businesses, play games, and do shopping and so on. With the cheap availability of broadband and smartphones, almost everyone has access to the cyber space, connecting virtually to millions of online users across the globe. Increasing use of cyber space has also made us vulnerable to cybercrime threats. A minor lapse/negligence in managing our digital life can open the doors for cybercrimes and hence can lead to financial loss, damage to reputation, harassment etc. So, we must be vigilant and careful while connecting digitally to the outside world whether for financial transactions, social networking, playing games or searching things on the internet etc.
TIPS for Device/Computer Security
ü
Keep your antivirus and operating system updated
at all times.
ü
Backup your sensitive/important data at regular
intervals.
ü
Be careful while opening suspicious web
links/URLs.
ü
Always scan external storage devices (e.g. USB)
for viruses, while connecting to your device.
ü
To prevent unauthorized access to your device,
consider activating your wireless router's MAC address filter to allow
authorized devices only.
ü
Wireless router can screen the MAC addresses of
all devices connected to it, and users can set their wireless network to accept
connections only from devices with MAC addresses recognized by the router.
ü
Secure all your wireless access points with a
strong password. Hackers usually scan for open access points and may misuse it
to carry out unwanted activities. Log records may make you more vulnerable for
such misuse.
ü
Merely deleting sensitive material is not
sufficient, as it does not actually remove the data from your device. ‘File
Shredder Software’ should be used to delete sensitive files on computers.
ü
Delete unwanted files or data from your computer
device. It prevents unauthorized access to such data by others.
ü
Use ‘Non-Administrator Account’ privileges for
login to the computer and avoid accessing with ‘Administrator’ privileges for
day-to-day usage of computers.
ü
Make sure to install reputed mobile anti-virus
protection to protect your mobile from prevalent cyber threats and also keep it
updated.
ü
In case of loss or theft of your mobile device,
immediately get your SIM deactivated and change passwords of all your accounts,
which were configured on that mobile.
ü
Do not leave your phone unattended in public
places and refrain from sharing your phone password/pattern lock with anybody.
ü
Always enable a password on the home screen to
restrict unauthorized access to your mobile phone. Configure your device to
automatically lock beyond a particular duration.
ü
Always lock your computer before leaving your
workplace to prevent unauthorized access. A user can lock one’s computer by
pressing ‘Ctrl +Alt + Del’ and choosing ‘Lock this Computer’ or “Window button+
L”.
ü
Remove unnecessary programs or services from
computer which are not required for day to day operation.
For Safe Internet Browsing
ü
Beware of various fraudulent lucrative
advertisements regarding discount coupons, cashback and festival coupons
offering payments through UPI apps popping up while browsing.
ü
Some URL links on the internet are advertising
to provide fake mobile Oximeter apps to check your oxygen level. Do not
download such fake Oximeter apps on your mobile, as these apps may steal your
personal or biometric data from your mobile phone.
ü
Avoid using third-party extensions, plug-ins or
add-ons for your web browser as it may track your activity and steal your
personal details.
ü
Always browse/visit the original website for
purchasing.
ü
Always type the information in online forms and
not use the auto-fill option on web-browser to fill online forms as these forms
may store your personal information such as card number, CVV number, bank
account number etc.
ü
Be careful about the name of a website. A
malicious website may look identical to a legitimate one, but the name may use
variation in spelling or a different domain (eg.,[dot]com, [dot]net etc.)
ü
In general all the government websites have
[dot]gov[dot]in or [dot]nic[dot]in ending.
ü
Avoid clicking 'Keep me logged in' or 'Remember
me' options on websites, especially on public computers.
ü
Beware of fraudulent charity activities or
non-existent charitable organizations having names identical to government
charity funds, requesting money for victims, products or research. Always check
the credentials of charity organizations before donation.
ü
Never allow the browser to store your
username/password, especially if you use a shared computer device. Also make it
a habit of clearing history from the browser after each use session to protect
your privacy.
ü
Be cautious with tiny or shortened URLs (it
appears like http://tiny.cc/ba1j5y). Don’t click on it as it may take you to a
malware infected website.
ü
Prior to registering on a job search portal,
check the privacy policy of the website to know the type of information
collected from the user and how it will be processed by the website.
ü
Many social networking sites prompt to download
a third-party application that lets you access more pages. Do not download
unverified third-party applications without ascertaining its safety.
ü
Beware of e-commerce websites and advertisements
selling items at highly discounted prices.
For safe Internet Banking
ü
Always use virtual keyboard for accessing net
banking facility and log off from banking portal/website after completion of
online transaction. Also ensure deletion of browsing history from web browser
(internet explorer, chrome etc.) after completion of online banking activity.
ü
Use multiple factor authentications for login
into your bank accounts.
ü
Avoid writing down or storing in mobile phones
the information used to access digital wallets/bank accounts.
ü
One should not use the same password for
internet banking of all accounts.
ü
One should not keep the same mobile number
registered for all bank accounts.
ü
Always enable getting notification of
transactions from the banks via both SMS & e-mail.
ü
Login and view your bank account activity
regularly to make sure that there are no unapproved transactions. Report
discrepancies, if any, to your bank immediately.
ü
It is preferable to have two separate e-mail
accounts, one for communicating with people and another for your financial
transactions.
For E-wallet Security
ü
Enable password/PIN on your mobile phones,
tablets & other devices that you use.
ü
While doing transactions using your e-wallet,
you should never save the details of your debit or credit cards.
ü
Use multiple factor authentication for logging
into your e-wallets.
ü
Avoid writing down information used to access
the digital wallets in mobile phones.
ü
Install e-wallet accounts from sources you
trust. Do not install e-wallet apps via links shared over e- mail, SMS or
social media. Always verify and install authentic e-wallet apps directly from
the app store (Google/ iOS store) on your smart phone. Please check if the app
is having the “Play Protect” shield.
For E-mail Account Security
ü
Never keep the same password for all your e-mail
accounts.
ü
Use secure network connections.
ü
Avoid the use of public Wi-Fi networks. More
secure Wi-Fi connections require passwords & are easily identified as “WPA
or WPA2”. Highly insecure Wi-Fi is open for anyone to connect to & may be
labelled as a “WEP” (Wired Equivalent Privacy).
ü
Don't click on the links provided in suspicious
e-mails even if they look genuine as this may lead you to malicious websites and
this may be an attempt to defraud your hard earned money.
For Identity Proof Card’s Security
ü
Never leave the discarded photo copy of your
identity proof card at shops.
ü
Never allow the shopkeeper to keep a copy of
your identity proof card in their computer.
ü
Never share your identity proof cards to unknown
persons on social media platforms including WhatsApp.
ü
Never share your property papers or other
personal information on social media platforms.
For Password Security
ü
Keep a strong password of at least 13 characters
with alphanumeric, special character, upper case & lower case combination.
ü
Keep two factor authentication for all your
accounts.
ü
If you suspect that any of your account has been
hacked, immediately change the password and contact the nearest Police Station.