Lesson Account profile and security

Common Online Security Threats and How to Avoid Them

Tips to keep your information secure in an online world.

In today's online world, security fraud is prevalent and poses a significant risk to individuals and businesses alike. To help safeguard your personal information and finances, it's essential to be aware of common online security threats and preventative measures you can take.

Below are a few of the most common online security threats and what you can do to help protect yourself from them.

Phishing

Phishing is when cybercriminals pretend to be trusted institutions, organizations, or people that will deceive individuals into disclosing sensitive information such as login credentials, credit card numbers, or other personal data. These attacks usually involve fake emails, links or attachments that appear legitimate but are designed to steal information or dispatch malware. To prevent these types of attacks, be sure to always verify the legitimacy of any email, link or attachment. Do not click on any suspicious links, and never share any personal information via email to unknown sources.

Identity Theft

Identity theft is when someone takes your personal information and uses it to do things like take out loans, open accounts, or open credit cards in your name. Your personal information can also be used to trick the people around you into sending them money or personal information thinking they are helping you. To prevent identity theft, be sure to always keep your accounts secure through strong, unique passwords and the use of MFA (multi-factor authentication), use different passwords for different accounts in case one should be breached, and never use personal passwords for corporate accounts and vice versa. Be sure to also keep all personal information confidential and never share without confirming the identity of whom you are sharing it with.

Ransomware

Ransomware attacks are a type of malware that encrypts your files or blocks access to a computer system, then demands a sum of money for the release. To protect yourself from these attacks, make sure to back up your data, avoid downloading anything from unsecure sources, avoid clicking on any suspicious links and ensure that your software is always up to date to avoid potential vulnerabilities.

Online Shopping Scams

Online shopping scams are when a fraudulent website offers a product or service for sale, but never delivers or honors the transaction. To avoid these scams, shop from reputable retailers, read reviews on trusted websites and double check all URLs for legitimacy. Additionally, be sure to always use secure payment methods when making online purchases.

Social Engineering Attacks

Social engineering attacks happen when a cybercriminal uses psychological tricks such as persuasion and confidence to convince individuals into divulging sensitive information. Traits to look for in social engineering attacks are: they are time-sensitive, they play on emotions and they are crafted in such a way that the threat actor appears to be trustworthy. These attacks can take place over the phone, email, text message, or any other form of communication. To prevent these types of attacks, be cautious when sharing private and confidential information with anyone you do not know. Always take measures to verify any sources or organizations that ask for personal information before providing it.

Fake Tech Support Scams

Fake tech support scams are when any unsolicited calls or pop-up messages claim that you are in need of technical assistance. To stay safe from these, ignore any of these attempts and only seek tech support from trusted companies.

Online Investment Scams

Online investment scams are when an individual is enticed with false investment opportunities that lead to financial loss. To protect your assets, conduct thorough research on investment opportunities and be sure to invest only through trusted platforms or financial institutions.

Online Dating Scams

Online dating scams occur when a fake persona or dating profile is created with the intent to build trust and manipulate their victims into sending money or revealing personal information. To prevent being scammed, be cautious of anyone asking for money or personal information online and take steps to verify the identity of the person you’re interacting with.

Email Account Hijacking

Email account hijacking is when an individual's email account has been accessed by a cybercriminal. These attacks can lead to the criminal gaining access to the individual’s personal information and log-in credentials for accounts. To prevent this, enable multi-factor authentication (MFA) for your email accounts, use different passwords between sensitive and less important accounts. Having strong, unique, and separate passwords for your accounts means that if cyber criminals steal the password for one account, it cannot be reused for other sites.

Remember that staying informed is crucial to online security. Be sure to exercise caution online in any situation that could expose your personal information. Additionally, keep your devices and software up to date, use strong and unique passwords, and invest in reliable antivirus software. By following these precautions, you can help reduce the risk of falling victim to common online security frauds.

For more ways to keep your Questrade account secure, explore our account security centre.

Note: The information in this blog is for educational purposes only and should not be used or construed as financial or investment advice by any individual. Information obtained from third parties is believed to be reliable, but no representations or warranty, expressed or implied, is made by Questrade, Inc., its affiliates or any other person to its accuracy.

Related lessons

Want to dive deeper?

Read next

Explore

Have more questions?

Tell us what you need help with, and we’ll get you in touch with the right specialist.