Meet "Dennis from accounts*" whose life was turned upside down after clicking on an online ad that promised "10 ways to build more muscle".
It looked legit, so he decided to sign up, creating an online login profile to complete his order, which involved giving his email and creating a password. Trouble for Dennis was, he used a password he uses for all sorts of things…. like Facebook, Instagram and Gmail (thankfully not his bank account).
Next thing he knew, his friends on Facebook were asking if he'd been hacked.
Malicious messages were being sent from him to his friends and family, things were starting to spiral. The hacker had accessed his Gmail and promptly changed Dennis' password, and then set about changing his passwords on all his social media accounts.
Once the Police got involved, Dennis was able to persuade the hacker he'd been sprung by identifying he was operating from a shady internet café at Aotea Square.
The hacker gave up the password and Dennis was able to get his online life back. He was lucky. But he shares these top tips for "protecting your online self" with us:
Check your privacy and security settings and add two-factor authentication to your login process.
Have unique passwords for all your accounts, but particularly for online banking and your password recovery email.
Be wary of online ads. What seems to be too good to be true probably is, don't go there.
Do not publish personal information on social media, it can be used against you in your security questions.
Be careful accepting new friend requests, steer clear of people you don't know.
This Cyber Smart Week, take some time to look at your online connections and what you choose to share with them. While Dennis was able to recover his online life after months of torment, you might not be so lucky.