It doesn’t matter if you are a CEO, accountant, or dog trainer – everyone needs to be secure online. October is National Cyber Security Awareness Month (NCSAM) and one of the main goals of the event is for us “security experts” to think of new ways we can educate our family, friends, and peers to be secure online. Even with all the technology available to businesses now, we still find the human element of security to be the weakest link.
To help keep end users safe, we at CCSI have come up with five areas to think about to help you stay secure.
Social Media: Just think about it
Most of us are active in some shape or form on social media, but it can be a dangerous place if used incorrectly. Take for example, English soccer star John Terry, who thought it would be nice to share with his millions of followers on Instagram photos and videos live from his skiing trip. This allowed malicious users to see John and his family were on holiday, giving them the perfect opportunity to raid his $5 million mansion!
Pro-tip: It’s nice to share events with your friends and family, but don’t let people know you’re not at home!
Phishing: Hook, line and Stinker
According to an article on Dark Reading, 91% of attacks start with a phishing attack.
To ensure you don’t fall victim to an attack, remember these five tips:
- Check who the sender is! Do you recognize the individual, company, or anything about them? If not, just delete it.
- If the email is from a friend, check for typos and style! If you’re still not sure and they have a strange request – give them a call to confirm.
- Check the sender’s email address! If you receive an order confirmation from someone like, Amazon, but don’t remember ordering anything – make sure it’s from the correct email account. It’s easy for malicious actors to purchase spoofed email accounts and send information from an account that looks legitimate like amazon_orders@amazom.com (check the “m” on the end of amazon).
- Before you click on anything, make sure the links are genuine! People can use link shorteners or other forms of sneaky behavior to mask the fact it’s a malicious link. If you are not sure, don’t click!
- If you have any doubts, just delete! If it’s important, the sender will get back in touch or find another way of contacting you.
Patch and Protect: Install security tools and keep systems updated
Most exploited vulnerabilities could have been patched. Now, in a huge organization it’s difficult to keep up to speed with everything and prioritize your systems, but on your own computer, you should be responsible for keeping windows and other programs up to date. Lots of updates are performance related, but many will include security and bug fixes too! Also, ensure you use a reputable anti-virus product and malware detection solution, such as this free tool from Malwarebytes.
Passwords & 2FA: Defence in depth
Almost everything you have access to online needs a password. Whether it’s social media, banking, or online shopping. When creating a password, you have to be aware of a few things.
- Do not duplicate passwords across multiple sites. If you use the same password for everything, once a breach has happened on one site, all your accounts are vulnerable.
- Do not make it easy! You would be surprised the amount of users that have passwords like “123456”. Make your password long, complex, and use a mixture of different characters.
- Use a password manager. Site’s like LastPass help you manage all your passwords across the internet by storing them in a secure vault. All you need to do is remember the password for the vault, making life easier and more secure.
- Enable two-factor authentication (2FA). Over time, more sites are adopting 2FA as means of making your accounts more secure. For sensitive data, it’s essential to use 2FA to add that additional layer of defence. Find out more here.
Stop: Do not share personal information online
For the average user, many scenarios wouldn’t even resonate as being dangerous – but anything that is of value to you, could also be used against you! Here are some examples:
- Are you ever tempted to share that picture on social media of plane tickets for your next vacation? Stop, that data can be comprised by hackers!
- As mentioned before, sharing those holiday snaps whilst you are away can let malicious users aware that you are not at home. Be very careful what you post on social media! Don’t share anything that is private or could jeopardise your safety.
- Found a great deal online? Be careful if you don’t know the source. Do a quick search online for the company, check out reviews and if you’re not sure – ask a friend or family member to have a look. Remember the saying, “if it’s too good to be true, it usually is”.
- Always be careful when receiving emails from suspicious parties. We have all had that email from a Nigerian prince who needs your bank details to help transfer $10,000,000 in exchange for a 10% cut. If it sounds suspicious, ignore it and delete. Please don’t send your account details!
Staying safe online is paramount to the future of the internet. Malicious actors are always two steps in front of us and they target the weak and vulnerable to make a quick return. It’s important to talk with friends and families about ways you can stay secure, sharing information, and tips to make it easier.
To learn more about how you can stay safe online, check out this infographic from Stay Safe Online.
