MANILA, Philippines - There was a time when people didn’t need to look both ways before crossing the street and, as cars poured down the road, go through a learning period to do what now comes naturally to us.
In many ways we’re at a similar stage now with the Internet.
More and more Filipinos use the web to make their lives easier, to connect with family and friends, and complete daily tasks like banking and shopping. Yet they’re still not doing the digital equivalent of looking both ways before crossing. According to the Philippine National Police’s Anti Cybercrime Group, our level of awareness of cybercrime is about three or four, on a scale of 10. Luckily, just as it’s not hard for pedestrians to stay safe on the roads, the habits that keep us safe online are neither technical nor complicated. It’s just a matter of knowing the dangers and developing good habits.
By far the most common cybercrime is the theft of a password and other personal information. Phishing is when criminals send emails, text messages, or create websites pretending to be a genuine source such as your bank, but are really created to steal your usernames, passwords or credit card details.
This might seem less dramatic than the big publicized hacks on corporations, but phishing is actually much more effective than you might think. According to research from our security engineers, some phishing scams fool up to 45% of their victims, and once hijackers have your information, they can break into your account in as little as 30 minutes.
All of this may sound scary, but the good news is that companies like Google work hard to keep your information secure. At Google alone, we have hundreds of engineers working full-time on safety and security. However, too often, there is too much coverage of the risks of being online, without enough focus on how people can help themselves keep safe.
Understanding security can be hard, especially for less technical users. We don’t believe that it should be your full-time job to stay secure on the web, and that tips should be easy to understand and put into practice.
That’s why we support efforts like Safer Internet Day that raise awareness about online security, and help families keep safe on the web.
When it comes to phishing, some basic know- how can greatly reduce the chance you become a victim.
• Check the URL in the address bar. It might look right in the email, but it could take you to a scam site designed to steal your personal details. Also check for ‘HTTPS’ in the address bar, which means the site is secure.
• Always check the sender’s email address. Does it look right to you? Phishing emails will often contain spelling mistakes and other irregularities.
• Recognize scare tactics. Genuine sites never use scare tactics to get you to enter your username, password or credit card numbers. This is a red flag that the site may not be genuine.
• Always check the spelling. Even though phishing can be sophisticated, hijackers are not always great spellers. Typos on a website or email could indicate that they are not the real deal.
Some other simple rules can also help keep you safer online. For example, don’t reuse the same password for important accounts. You may have a strong password, but if one account gets broken into, it greatly increases the chances of the others being compromised, too. You don’t use the same key for your house, car, office and post box, so don’t do the same for the keys to your bank, email and social networks.
We’ve also long recommended people set up a second layer of security on your most important accounts. The password is the first line of defense against outsiders who access your emails, photos and social accounts, but it doesn’t have to be the only one. Adding a two-step verification to your Google Account means you will get a special code sent to your phone each time you access your account from a new device. It’s like adding a second lock to your door, so even if someone has your first key, they still won’t be able to get in.
As we live more of our lives online, we believe that convenience and security shouldn’t be a contradiction.
Visit Google’s refreshed security check up tool to manage your account security at google. com/safetycenter.