Daniel Markuson of VPN service provider NordVPN has revealed what he described as the “five deadly sins” commonly made online that are high-risk openings to hackers and scammers.

“Over the past few years, we noticed an interesting privacy paradox worldwide. As well all know, people express privacy concerns and fear identity theft. Yet they still reveal their personal details online for the sake of creating their online personas or for small bounties,” said Mr Markuson.

“The existing pool of leaked data creates an invaluable resource for hackers. Because of that, in 2019 we’ll see even more identity theft, phishing scams, personal data leaks and financial losses.”

According to the firm, there are five key weaknesses that are still catching out many people — most of which are fairly obvious and already well publicised.

1. Weak passwords

“This is the biggest sin you can do online”, the company said.

However, the biggest sin remains one of the most common. According to NordVPN, the most popular password globally today is still “password”.

VIEW ALL

A separate study last year by Okta suggested that just 4.4 per cent of business passwords adhere to the “default policy” of being at least eight characters in length, and combining numbers and both upper and lower case letters.

Half of all passwords it examined were too short.

2. Getting tricked with phishing emails and messages

Phishing scams are becoming ever more personalised, and hence trickier to spot.

“Even if an email or message contains a personal greeting, your address, or other sensitive details, it doesn’t mean that it comes from your bank,” it said.

Such scams often impersonate large organisations or government departments, including telcos, energy and software giants, and even the tax office.

3. Oversharing on social media

Posting things online in your youth may seem like a good idea at the time, but as NordVPN notes, they “will still be there when you are a company director down the road”.

As such, it is important to avoid posting things that may cause regret later on, and personal information — such as phone numbers, addresses and other identifying information — should stay personal.

Indeed, this was one of the ways in which scammers are accessing mobile phone numbers, according to the Telecommunications Industry Ombudsman, which are then being used to raid bank accounts.

The company also strongly suggested that travel photos are always best posted on your return home, and not while your home — and potentially your business premises — sit empty.

4. Connecting to public Wi-Fi

“Those are true goldmines” for hackers, the company said.

Last year, the Australian Cyber Security Centre (ACSC) revealed that losses from using free Wi-Fi hotspots hit $48 million. One such con job involves posing as a legitimate online retailer.

5. Installing too many apps

They may seem convenient, but not all apps and browser extensions are good. Some of them were only created to track your online activities and browsing habits or even steal your data, the VPN provider said.

This article originally appeared on Lawyers Weekly's sister publication, My Business.