Cybersecurity is not just for businesses and public sector organisations; it’s for individuals as well. We all know about the various financial scams that come at us through our smartphones and emails but there are other threats posed by public wifi networks and dodgy websites that we need to be aware of as well.
Cybersecurity for individuals is about taking proactive steps to protect your personal information, finances and digital life from online threats, says Eoghan Daly, partner and head of cybersecurity with BDO. “It’s not just about guarding against hackers but also about building good ‘cyberhygiene’ habits,” he advises. “Thinking before you click on a link or open an attachment is also a crucial part of personal cybersecurity, as is being mindful of what you share online.”
In many ways, the mindset and approach for individuals when it comes to personal cybersafety are like those we experience in our working lives, agrees Justin Moran, head of governance and security at Three Ireland. “The criminal’s tactics and aims are broadly similar, except the target is the individual instead of the business or public sector organisation.”
Common personal cybersafety practices include strong password hygiene, enabling multi-factor authentication on personal devices and apps, changing any default passwords on home or office network connectivity and investing in up-to-date antivirus software on those key devices where people save personal and sensitive information, says Moran.
RM Block
Awareness is increasing, but so is the sophistication of online threats. The rise of deepfakes, spoofed websites and AI-generated messages has made it harder than ever to distinguish real from fake especially when urgency or fear is used to push people into clicking quickly.
There is an increasingly solid awareness of threats and scams, but Moran says people can be complacent in their implementation of protective behaviours. “In many cases, people still reuse passwords across multiple sites and apps, avoid multi-factor authentication and anecdotal evidence indicates that people still use public wifi for banking or shopping, all of which significantly increases personal cybersafety risk.”
Another common weak spot is the increasing overlap between our personal and professional lives. Using personal devices for work, or work devices for personal activity, can open the door to breaches that affect not just the individual, but wider organisations or families.
Individuals are most vulnerable to social-engineering attacks, particularly phishing. Phishing involves attackers impersonating legitimate entities (like a bank) to trick people into revealing sensitive information, says Daly. “Their vulnerability often lies in a moment of inattention, or a sense of urgency created by the attacker.
“Unpatched software and devices are another significant vulnerability, as attackers can easily exploit known security flaws.”
Public wifi networks do not offer the necessary protections to help protect people’s sensitive systems and data, including valuable information such as credit card or banking data.
Moran says that fraudsters have access to inexpensive tools and technologies which allows them to monitor and intercept public wifi network traffic, for example, at a coffee shop, on public transport or in public venues. “Anywhere they suspect such information may be readily available to steal from the unsuspecting individual. It is extremely important that people practise personal cybersafety by never transacting or accessing personal and sensitive information over public wifi networks.
“If people are increasingly on the move, take the upfront time to research and invest in established mobile VPN (virtual private network) solutions from recognised providers which will help ensure basic privacy, secure public wifi browsing or access to other services.”
To spot a dodgy website, the first thing to check is the URL, says Daly. “A secure website will have ‘https://’ at the beginning and a padlock icon in the address bar. The ‘s’ stands for ‘secure’ and indicates that the connection is encrypted. Also, pay attention to the domain name.
“Scammers often use URLs with slight misspellings of well- known brands. Other red flags include poor grammar and spelling, a lack of contact information, and offers that seem too good to be true.”
Using a reputable web browser with built-in security features can also help by warning you about known malicious sites.
Moran says another aspect often overlooked is social media engagement and oversharing. “Criminal hackers and fraudsters have the tools and techniques to harvest information across internet and social media sites targeting identity-based information.”
Such information may support fraudulent impersonation-style attacks against the individual with the fraudsters achieving their aim of financial gain. “So, pay attention to those posts and avoid oversharing sensitive or other personal information which may be other’s potential gain.”
Parents and guardians should also be aware of how children interact with digital devices and social platforms. Young people are often targets for scams, cyberbullying or data harvesting through gaming apps and social media. Creating family-wide rules and fostering open conversations about online safety are vital steps.
Daly says that backing up your data is crucial. “This can protect you from ransomware attacks that lock your files and demand payment, as well as from hardware failure.”
As our lives become more digital, cybersafety is becoming a basic life skill – not just a technical one. Everyone has a role to play in reducing risk, one small habit at a time.
