1. Never click links you do not trust. If someone sends you a message asking you to log into one of your accounts, do not use the link they sent you. Open a web browser and manually go to the account in question.
2. Don’t let anyone pressure you into making a rash decision. Criminals will try to create a sense of urgency when they have you on the line. They do this to make you think quickly and make a mistake. Take a breath and if needed and tell the person you will get back with them so you can think things over.
3. Keep your software up to date and remove software you are not using. This is in addition to keeping Operating Systems (Windows, MacOS, Android, iOS) updated. Someone looking to exploit you will look at everything you have installed on your computer or phone. Maybe that forgotten and unpatched application you installed a year ago to join someone’s conference call? It could have a bad security issue. An issue like this can be a cyber-criminal’s way in if left unpatched.
4. Phishing red flags:
Poor English, grammar, or weird words\combinations can signal a phishing message. For example, the word “kindly” is not a common word and is very prevalent in spam emails we process here at GFI Digital.
Phishing can happen on any platform. One common style is “smishing” or phishing via text message. Be careful opening text messages or clicking on links in messages from someone you do not know.
Gift cards are a common way for scammers to take money from their victims. If someone is asking you to buy them gift cards, stop and think about what you are doing before you proceed.
Payroll changes are another common way scammers will try to steal money. Always verify any attempt to change bank or payroll changes with the person requesting the change.
Scammers will create a bogus email address, but with the name of someone you know (often an executive in the company). When you glance over the email, it looks like it came from them, and you feel a sense of trust. Always verify who sent the email by looking a the email address it came from.
5. Over sharing sensitive information online is an overlooked issue. Here are a few examples:
Photos with computers in the background can tell someone what brand of computer you have and what types of software are installed on it.
Posting about a present or future vacation can give criminals a window of opportunity to take advantage of your absence.
Posting your job title or the company you work for can help criminals select targets when they go to phish or steal from you.
6. Password security is paramount. These are things you can do now to help improve security:
Do not use simple passwords and do not reuse the same passwords. If someone steals your credentials, they are going to try those credentials in every online vendor, bank, etc. to see where they can get in.
Password cracking software exists that will attempt to expose your passwords by using giant lists (called dictionaries) of simple or common words. Longer and more complex passwords may not stop a dedicated attacker, but it can add days, months, or years to the cracking process I mentioned before.
A common best practice now is to use a password manager to help you keep track of and use different passwords for all of your accounts.
7. Always use antivirus on your computers. So much happens behind the scenes and at speeds unnoticeable to track on your computer. Good antivirus software will monitor and try to keep bad things off your device. It may not catch everything though, so that it is why it is important for you to be attentive to what you are doing on your computer or mobile device.
8. Think of how much personal information you push through your cell phone every day and you can imagine why it is a prime target for criminals. Your cell phone is a small computer, so you need to treat its security the same as you would any other device. Here are some things to consider:
You should consider using anti-virus on your cell phone.
Your smart phone should require security to unlock it and you should never leave it unlocked when you are not using it.
Be wary of free applications and applications from publishers you do not trust. Some apps may not be malicious, but they harvest data about you to be sold to other companies.
With that in mind, be careful about what permissions you allow within applications and delete the apps you no longer use.
9. Wi-Fi security is often overlooked.
Your personal Wi-Fi should require a strong password to connect and use the strongest security possible. Even if you think you have nothing to hide or lose, a criminal can still connect and commit crimes through your Wi-Fi network. This can lead police back to you during an investigation.
Be careful of what you send through a public Wi-Fi connection. If certain security precautions are not in place, the person who runs the Wi-Fi network can harvest data and see what you transmit.
Remove old saved Wi-Fi networks from your devices. A common tactic for attackers is to setup malicious Wi-Fi networks with common names (think Starbucks Wi-Fi, etc). Then, they hope your device will auto connect when you are nearby so they can exploit or capture data from it.
10. Do not use CDs, flash drives, or any other media from sources you do not trust. A common tactic for criminals is to offer free USB drives (sometimes saying there is music on them). They can also drop them on the ground in front of businesses or homes hoping someone will use them with their computer. Drives and CD’s like this can have malware built into them.
11. Finally, do not be afraid to ask for help. Ask friends and family at home and coworkers at work to double check anything you are not certain about.
More Cybersecurity Articles:
Comments