Cybersecurity Digital Lives

Most people do not think of their phone as the most sensitive object they own, but for a large share of the cybercrime cases I have handled with Gujarat Police and CID through Selkey Cyber Security, it was exactly that. A phone holds a person’s banking apps, their photos, their private messages and increasingly their identity documents, all behind a lock screen most people never think to strengthen.

Published September 7, 2021

Digital life is no longer a separate category from ordinary life. Banking, socializing, learning and working all run through the same handful of apps, which means a single compromised account can cascade into several other problems at once. I have seen a hacked social media account used to run a fraud on the victim’s own contact list, and a leaked email password used to reset banking credentials within the hour. The connections between accounts are exactly what make a single mistake expensive.

Banking and payments

UPI and net banking have made money movement instant, and that speed cuts both ways. A fraudulent transaction clears just as fast as a legitimate one. The habits that consistently protect people I have worked with include never sharing an OTP over the phone regardless of who is asking, checking a payment request twice before approving it, and setting a transaction limit on UPI apps so a single mistake cannot drain an entire account.

Social media and messaging

Impersonation is the most common social media-related complaint I see. Someone clones a public profile using photos scraped from it, then messages the victim’s contacts asking for money. The fix is not complicated: keep profiles private where possible, and treat any urgent money request from a contact as suspicious until confirmed through a different channel, such as a phone call.

Family and younger users

A large part of the awareness work Selkey NGO runs in schools exists because younger users tend to trust digital strangers faster than older users do. Simple habits, like never sharing a password with anyone including friends, and knowing how to report and block rather than engage, prevent a large share of the incidents I have seen affect students directly.

Work and cloud storage

Remote work has moved a lot of sensitive material into cloud storage and personal devices that were never designed for it. Separating work and personal accounts, using a password manager instead of reusing passwords, and enabling multi-factor authentication on cloud storage are the three changes that consistently show up in the cases that were contained quickly versus the ones that spread.

The pattern behind all of it

Every category above comes back to the same idea: a digital life is only as secure as its weakest connected account. Fixing one habit, like reusing a password, closes off a surprising number of different attack paths at once. That is the argument I make in every seminar I run, whether the audience is students, employees or business owners. Digital security is not a separate skill to learn on top of an already busy life. It is a small number of habits applied consistently across the accounts that already run that life.