Cybersecurity move

Moving home can be an extremely stressful time, and you typically have a lot to think about and do. Cybersecurity may not be top of mind when you’re preparing to pack, but it’s an important consideration. Vulnerabilities can arise from various parts of the moving process, such as when you back up your old devices or install new IoT appliances.

In most cases, the risks can be mitigated through some careful planning and cybersecurity savvy. In this post, we discuss the most important steps you can take to maintain tight cybersecurity before, during, and after your move.

Before you pack up

Preparation is key, and there are a few things you need to do before you go. Plus, you can spend time ahead of your move researching and planning your cybersecurity strategy. Here are the items that should be at the top of your list:

1. Protect against fraud

A home purchase is the largest transaction most people will make during their lifetime. As such, it’s important to protect against the different types of scams out there. Here are a couple to watch out for, with advice on how to avoid being caught out:

Conveyancing fraud (a form of wire fraud)

In the US and the UK, conveyancing fraud is a growing problem, with property insiders reporting more cases since the Covid pandemic. When a homebuyer transfers their deposit to their solicitor, lawyer, or conveyancer, there’s a chance that a cybercriminal could intercept the transaction and steal the money.

In the UK in particular, the interception tends to occur via phishing emails supposedly sent by the lawyer. The email asks for bank details for transferring the deposit for the property. It works this way as the funds are usually held by the lawyer.

To avoid this type of scam, the usual advice is to go directly to the lawyer’s website (not via a link in an email), call them, and check the bank details over the phone.

Title fraud

In the UK, the US, and Canada, most mortgage providers now offer title insurance. Title fraud actually involves a form of identity theft. The criminal poses as the homeowner to sell the property or to take out a mortgage on it. Insurance protects you from the consequences of title fraud, but to avoid becoming a victim, you can follow best practices, such as not divulging personal information to unknown parties and guarding your mail carefully.

2. Arrange for your mail to be forwarded

Mail redirecting.

Post offices around the globe offer mail forwarding (redirecting) services. In this case, you pay a fee to have any mail addressed to your old address redirected to your new address for a specified period of time. This gives you a chance to change your address with all of your service providers and ensures you don’t end up with mail going to your old home.

The risk here is two-fold. If mail ends up at your old address, it may not be dealt with correctly and could end up in the hands of malicious criminals to be used in identify theft or other crimes. Additionally, you could be missing important documents, such as tax or banking information. You may even miss alerts related to criminal activity, such as the aforementioned identify theft.

Although the fees might seem hefty at the time, it’s always worth the peace of mind to pay for the service. Depending where you are, different terms might be available, for example, six months or one year. Just bear in mind that the service can take a few days or even weeks from the time of application to come into effect, so plan ahead and get this sorted well before you move.

3. Back up securely

Before packing up your desktop computer, laptops, and tablets, it’s prudent to ensure you have secure backups of all of their contents. After all, you just never know what could happen to them in transit.

If you don’t already have a secure backup system in place, then now is the time to get one. You have options when it comes to backing up your data, each with their own pros and cons in terms of price, ease of use, and security.

While many people still like to back up their information to a hard drive, there is the risk of physical damage. For this reason and others, cloud backup systems are extremely popular. Top providers with reputable, secure services include IDrive and CrashPlan. Some providers offer free trials or even free basic plans for small amounts of data storage.

CrashPlan homepage.

It’s actually a good idea to keep more than one backup, especially when it comes to very important files. The three-two-one rule is often recommended, where you keep three copies of your data – two local copies (on different devices) and one offsite (in the cloud).

4. Use strong passwords

This is as a good a time as any to revisit your passwords and implement best practices. Using short easy-to-remember passwords? The same ones for every account? It’s not a good idea to do either of these things.

Short, simple passwords are easy to guess through brute force and dictionary attacks. And using the same password across accounts would mean that a breach of one would expose multiple accounts. Instead, passwords should be unique for every account and consist of a long string of numbers, letters, and symbols.

Dashlane homepage.

Of course, it can be very difficult to keep track of lots of complex passwords. Thankfully, a password manager has you covered and will do the work for you. Some top picks include Sticky Password, LastPass, and Dashlane.

5. Shop around for a great VPN

A Virtual Private Network (VPN) is a necessity for solid cybersecurity these days. A VPN encrypts all internet traffic flowing to and from your device so your information is unreadable to any snoopers. This prevents your Internet Service Provider (ISP) from invading your privacy by tracking your online activities. It also stops hackers from monitoring your communications and stealing your personal information.

A great perk to using a VPN is that all of your internet traffic gets tunnelled through an intermediary server in a location of your choice. In doing so, it switches out your real IP address with one from the VPN server, so it appears to the destination website that you’re in the same location as the server. This is great for bypassing geo-restriction measures on various websites, including streaming platforms like Netflix, Hulu, and Amazon Prime Video, sports websites, gaming services, and more.

During your move

While unloading boxes and unpacking the essentials will be high-priority, so will getting your internet connection and devices set up. Here are some things to consider:

1. Secure your wi-fi router

It’s easy to think that wi-fi routers are set-it-and-forget-it units and that your ISP will take care of security aspects for you. However, it’s always a good idea to take control of your own security and follow a few simple steps to make sure your wi-fi router is as secure as possible:

  • Change the default admin credentials so that it’s difficult for someone who connects to your network to take over your account. Don’t use identifying information in the account name.
  • Limit the number of people who have access to your password and make it difficult to remember in case you do need to pass it out to visitors
  • Stop your router from broadcasting its identifier so that it’s hidden from view. You can turn it on temporarily if you need to connect a new device.
  • Strengthen your wi-fi encryption by using WPA2 or WPA3.
  • Turn off Universal Plug ‘n Play (UPnP) which communicates with manufacturers but also provides a channel for hackers.

Of course, it’s also important to keep router firmware up to date as updates often patch security holes.

2. Consider a router VPN

Upon arriving at your new home, you’ll likely be setting up things like your computers and smart TV as soon as possible. Of course, many of these devices (as well as others) will need to be hooked up to the internet, so getting your wi-fi installed the day of or after your move is a must.

While you’re at it, you may want to consider setting up a VPN on your wi-fi router to protect some or all of your internet-connected devices at the router level. A VPN router will encrypt the traffic flowing to and from any device connected to it. It will also enable you to spoof your location and access geo-restricted services. This is particularly helpful for devices for which there is no native VPN app, such as smart TVs, game consoles, and smart home internet-of-things devices.

ISPs typically won’t be much help here as they’ll require you to use a specific modem-router combo. However, it’s possible to use a dual router setup using an additional VPN router.

FlashRouter dual router setup page.

There are various options for VPN router setup, including purchasing a preconfigured router (simple to set up but pricey) or configuring the VPN yourself on a compatible router. Many of the top VPN providers work with routers, and come with detailed set-up guides to help you configure them correctly. ExpressVPN goes one step further by providing its own router firmware.

3. Choose devices wisely

You may decide to operate other IoT devices such as an alarm system, a virtual assistant (for example, Amazon Echo or Google Home), baby monitors, wearable fitness devices, a game console, a doorbell camera, and more. While some of these are security devices, bear in mind that many come with their own cybersecurity risks.

Smart devices send information to each other and to us, and if we can remotely access that information, then it’s possible that cybercriminals can, too. This is especially concerning when devices are fitted with cameras and microphones, and there have been some cases where unauthorized parties have been able to look or listen in on people’s activities and conversations at home.

For example, webcam hacking is more commonplace than we’d like to think and can originate from something as simple as a user accidentally downloading malware onto their device.

Aside from invading privacy and stealing information, hacking can give a cybercriminal control of a device. This is particularly worrisome for something like an electric door lock where a criminal could open your door remotely and walk into your house. One case of a baby monitor being hacked was particularly alarming as the hacker took control of the microphone and used it to threaten to kidnap the baby.

Before taking the leap into creating a full-fledged smart home, consider which devices you really want and need and how they will affect your cybersecurity. Look out for products with known flaws and check for cybersecurity weaknesses such as cameras or microphones that could be hacked. Note that using a VPN router to protect these devices can be a big help.

4. Shred old documents

While you’re packing or perhaps when you’re unpacking, you’ll no doubt be having a good sort out of many of your belongings. This will likely include old documents, such as bills and bank statements that you no longer need.

Even if these documents have your old address on them, it’s important that these items don’t just get tossed in the garbage. There’s the potential that documents could wind up in the wrong hands and be used in crimes such as credit card fraud and identity theft.

The simplest course of action is to destroy these documents using home shredding equipment. If you have too much to deal with by yourself, you can hire a service that will dispose of bulk documents for you securely. Don’t want to pay for disposal? Some financial advisors and accountants will offer this service free of charge to their clients. You can also look out for events run by local crime units or shredding companies themselves. They will often invite the public to bring their old documents for secure disposal as an initiative against fraud.

After you’ve settled in

Most of the points below should be considered at all times. However, after you move is a great time to refresh your knowledge of cybersecurity and ensure you’re doing all you can to stay safe.

1. Review cybersecurity with family members

Whether you have kids who need guidance with social media, or seniors who need reminding about using email securely, this is an ideal opportunity to review risks and how to mitigate them.

For children, remind them of the dangers of sending explicit messages, images, or videos over social media or email, and help them adjust their privacy settings on their social media accounts.

Unfortunately, seniors are often the targets of online and offline scams, as criminals prey on vulnerable people or those who are unable to make informed decisions. If you have a vulnerable person living with you, teach them about the dangers that are out there (phishing scams are particularly prevalent among seniors) and explain the precautions they can take. In all cases, encourage family members to simply ask for help if they’re facing any challenges navigating the online environment.

2. Look out for phishing links

You’ll likely have a new IP address when you move and this can trigger alerts from online accounts. As such, when logging in to these accounts, you might be bombarded with messages and confirmation emails to check that you’re actually who you say you are. Amongst these, it would be easy for the odd phishing email to sneak past you.

These emails are designed to trick you into handing over personal information such as your address, banking information, or login credentials for an online account. They might request that information is sent in response to the email or that you follow a link (known as a phishing link) and enter details on a fake website.

What’s more, if people know you’re moving, you could become a target for spear phishing. This is when the criminal already has some information about you and uses it to find out more. For example, someone who knows you’ve recently moved could send a link that appears to come from the post office asking you to confirm your details and resend payment information for mail-forwarding services.

Phishing emails are getting tougher to spot, but tell-tale signs of a fake message include poor spelling and grammar, a misspelled company name, or a link that has a mismatched domain name. To see the URL of a link in an email, simply hover over the link (but don’t click it) and the URL should pop up (usually in the bottom left-hand corner of the screen). On a smartphone, long-press the link to bring up the URL.

3. Use your security software

It’s all well and good having things like firewalls, antivirus software, and a VPN in place, but it’s more important you actually use them. Make sure you know how to set up the relevant security software on each device and explain to any other users what they’re there for and how to check they’re enabled.

What’s more, all software, including operating systems and security software should be kept up to date. Many IoT devices will have regular software updates available as well. One of the main reasons for updates is to patch existing vulnerabilities, so it’s always best to run them as soon as possible.

4. Shop securely

There’s no doubt you’re going to need to purchase some items for your new home, whether it’s a few knick-knacks or multiple pieces of furniture. Chances are, with the ease of online shopping, many of those purchases will be made online.

Here are a few tips to follow for safe online shopping:

  • Watch out for sites that don’t look legitimate, for example, those that are poorly designed, have no contact information, or no privacy policy.
  • Avoid shopping online while connected to a public wi-fi network, as these are ideal places for hackers to lie in wait to steal your payment information. If you must shop while on the go, use a VPN (most have native smartphone apps) to automatically encrypt your connection when an unsecured wi-fi network is detected.
  • Pay by credit card or a third-party payment service and avoid paying in cash. Review your credit card statement afterwards.
  • Don’t let sites store your credit card information.

If you’re selling your old items, beware of common scams on online selling and auction sites. One scam involves buyers retracting payment after an item has been shipped, so be sure to check payment has cleared before sending anything. Overpayment scams are also common: in this case, the seller states they have overpaid via cheque or card so you issue a refund, but the cheque or card payment never clears.

4. Follow best housekeeping practices

We’ve mentioned some of these already, but here’s a handy checklist of housekeeping best practices to follow after your move and beyond:

  • Keep software up to date.
  • Use strong passwords.
  • Shred old documents that hold personal information.
  • Avoid sending personal information over email.
  • Keep up-to-date on common online scams and watch out for scam emails, texts, and phone calls.
  • Use a VPN, especially when using public wi-fi.

Cybercriminals are becoming more and more sophisticated and the risks will always be there, but the above steps should help to mitigate them.

Conclusion

Moving home can be stressful enough without having to worry about cybersecurity threats as well. Thankfully, by following the tips above, you can ensure a safe, secure move for all your digital belongings.

The main thing to bear in mind is that, as our world becomes increasingly digitized, there are an increasing number of opportunities for cybercriminals to strike. By staying savvy and educating your family on cybersecurity, you can remain one step ahead.