Eight ways to prevent data leakage and malicious attacks – HKCERT

    Large-scale data breaches have been happening at a high frequency around the world recently. They involve different industries, such as finance, hospitality and information technology. The most serious incident of the year allegedly involved 1 billion personal data. Information security is now part of daily life.

    The advancement of technology has allowed hackers to expand the scope of attacks for a profit with new attack techniques emerging one after another. This makes information security a more concerning issue to Internet users. Hackers can use the information obtained illegally, such as e-mails, phone numbers and passwords, to launch cyber attacks on individuals or businesses, incurring a financial and reputational loss.

    Photo for illustrative purposes only. | Photo by Max Bender/Unsplash/NHA File Photo
    Photo for illustrative purposes only. | Photo by Max Bender/Unsplash/NHA File Photo

    Subscribe to our Telegram channel to get a daily dose of business and lifestyle news from NHA – News Hub Asia!

    One example of such attacks is that hackers will try to pretend to be someone the victims know in real life and send spoofed emails or instant messages, to gain their trust and lure them to click on phishing links. In view of this, as a local information security expert, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council calls on individuals and enterprises to always pay attention to cyber security and to take steps to secure their data properly.

    Below are some simple pieces of advice from HKCERT and the Office of the Privacy Commissioner for Personal Data to prevent data leakage:

    1. Do not open suspicious emails or messages to prevent phishing
    2. Never open hyperlinks or download any attachments from unknown emails
    3. Never disclose your personal data including identity card, bank account and credit card information via email or any unknown websites
    4. Never disclose or share your password with others
    5. Never login your online bank account or any sensitive online accounts through public Wi-Fi
    6. Handle transactions of e-wallet from email with due care. Never sign or confirm without verification
    7. When using any online services, change your password regularly and enable multi-factor authentication
    8. Download operating systems or applications from official sources and keep them up to date

    More information:

    For information security-related incidents, for example, ransomware, phishing, denial of service attacks, etc., please report to HKCERT through its online Incident Report Form at https://www.hkcert.org/incident-reporting. For other enquiries, please contact HKCERT by email: hkcert@hkcert.org or call its 24-hour hotline: 8105 6060.

    Source: HKCERT