Resources
News
Ransomware
Ransomware Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransome if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.
Mobile Apps
Mobile Apps Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.
Social Media Postings
Social Media Postings Be careful: the more information you post online about yourself, the easier it is for a cyber attacker to target you and create custom attacks against you or your organization.
Secure Your Home Wi-Fi Network
Secure Your Home Wi-Fi Network Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.
Never Give Your Password Over the Phone
Never Give Your Password Over the Phone Never give your password to someone over the phone. If someone calls you and asks for your password while saying they are from the Help Desk or Tech Support team, it is an attacker attempting to gain access to your account.
Securely Deleting Files
Securely Deleting Files When you delete a file, that file is actually still on your computer. The only way you can truly and securely remove a file is by wiping it or using some type of secure deletion.
Cloud Security
Cloud Security One of the most effective steps you can take to protect your cloud account is to make sure you are using two-step verification. In addition, always be sure you know exactly whom you are sharing files with. It is very easy to accidently share your files with the entire Internet when you think you are only sharing them with specific individuals.
Back up Your Files
Back up Your Files Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information (such as family photos) on a regular basis.
Use Caution Opening Email Attachments
Use Caution Opening Email Attachments A common method cyber criminals use to hack into peoples computers is to send them emails with infected attachments. People are tricked into opening these attachments because they appear to come from someone or something they know and trust. Only open email attachments that you were expecting. Not sure about an email? Call the person to confirm they sent it.
You Are a Target
You Are a Target You may not realize it, but you are a target. Your computer, your work and personal accounts and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
Browse With Encryption
Browse With Encryption When browsing online, encrypting your online activities is one of the best ways to protect yourself. Make sure your online connection is encrypted by making sure HTTPS is in the website address and/or that there is a lock next to it.
Detecting Fraud
Detecting Fraud Review your bank, credit card and financial statements regularly to identify unauthorized activity. This is one of the most effective ways to quickly detect if your bank account, credit card or identity has been compromised.
Forwarding Emails
Forwarding Emails When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Patch and Update
Patch and Update One of the most effective ways you can protect your computer at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
CEO Fraud
CEO Fraud CEO Fraud is a type of targeted attack. It commonly involves a cyber criminally pretending to be your boss, then tricking or fooling you into sending the criminal highly sensitive information or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.
Kids and Screenshots
Kids and Screenshots If you have kids with mobile devices, create a central home charging station in a place like your bedroom. Before the kids go to bed at night, have them put their mobile devices there so they are not tempted to play with them when they should be sleeping.
Two-Step Verification
Two-Step Verification Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.
Bluetooth
Bluetooth Turn off Bluetooth if you are not using it on your computer or device. Not only does this make it more secure, but it also saves battery life.
Plugins
Plugins Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.
Shopping Online
Shopping Online When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.
Conversations
Conversations When traveling, it is very easy to forget where you are when discussing business with colleagues. That airport, taxi, restaurant or hotel lobby may have individuals nearby eavesdropping on your conversation. When discussing confidential information, agree to hold off on the conversation until you can be assured of privacy. Also, be careful not to share sensitive information with strangers you meet.
Unique Passwords
Unique Passwords Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
Search Yourself Online
Search Yourself Online Ever wonder just how much information is publicly available about you? Ever wonder how cyber criminals harvest information and customize attacks for their victims. The technique is called Open Source Intelligence (OSINT) and it is far simpler and more powerful than you think.
Smart Home Devices
Smart Home Devices Now adays most of us have numerous devices in our homes connect to the Internet. From thermostats and gaming consoles to baby monitors, door locks or even your car. Ensure you change the default passwords on these devices and enable automatic updating.
Email Auto-Complete
Email Auto-Complete Be careful with email auto-complete. This is an email feature that automatically completes a name for you when you begin typing it in the TO field. However, your email client can easily complete the wrong name for you. If you are emailing anything sensitive, always be sure to check the TO field a second time before hitting the send button.
Securely Disposing Mobile Devices
Securely Disposing Mobile Devices Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.
Reporting an Incident
Reporting an Incident Bad guys are very persistent, eventually anyone can make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! In addition, perhaps you lost a work laptop or a USB drive. The sooner you report an incident, the sooner we can help resolve the problem.
Personalized Scams
Personalized Scams Cyber criminals now have a wealth of information on almost all of us. With so many hacked organizations now a days, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number or birth date in it does not mean it is legitimate.
Phone Call Attacks
Phone Call Attacks More and more scams and attacks are happening over the phone. Whenever you get an urgent phone call on the phone pressuring you to do something (such as a caller pretending to be the tax department or Microsoft Tech Support) be very suspicious. It's most likely a scammer trying to trick you out of money or pressure you into making a mistake. Protect yourself, simply hang up the phone. You are not being rude, the person on the other line is trying to take advantage of you.
Careers in Cybersecurity
Careers in Cybersecurity Have you considered a career in Cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.
Anti-Virus
Anti-Virus Make sure you have anti-virus software installed on your computer and that it is automatically updating. However, keep in mind that no anti-virus can catch all malware; your computer can still be infected. That is why it's so important you use common sense and be wary of any messages that seem odd or suspicious.
Keeping Passwords Simple
Keeping Passwords Simple We know at times this whole password thing sounds really complicated. Wouldn't be great if there was a brain dead way you could keep passwords simple and secure at the same time? Well, it's not nearly as hard as you think. Here are three tips to keeping passwords super simple while keeping your accounts super secure.
Dark Web
Dark Web The Dark Web is a network of systems connected to the Internet designed to share information securely and anonymously. These capabilities are abused by cyber criminals to enable their activities, for example selling hacking tools or purchasing stolen information such as credit card data. Be aware that your information could be floating around the Dark Web, making it easier for cyber criminals to create custom attacks targeting you..
Virtual Private Networks
Virtual Private Networks Virtual Private Networks (VPN) create encrypted tunnels when you connect to the Internet. They are a fantastic way to protect your privacy and data, especially when traveling and connecting to untrusted or unknown networks, such as at hotels or coffee shops. Use a VPN whenever possible, both for work and personal use.
Shopping Online Securely
Shopping Online Securely When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.
Scamming You Through Social Media
Scamming You Through Social Media You may be aware that cyber attacks will try to trick you over the phone or through email using phishing attacks, but do you realize they may try to attack you also over Social Media, such as through Snapchat, Twitter, Facebook or LinkedIn? Just like in email, if you get any Social Media messages that are highly urgent or too good to be true, it may be an attack.
Got Backups?
Got Backups? Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information at home (such as family photos) on a regular basis.
Digital Inheritance
Digital Inheritance What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Consider creating some type of digital will, often called a "Digital Inheritance" plan.
Messaging / Smishing Attacks
Messaging / Smishing Attacks Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or event simple text messaging. The most common clues are tremendous sense of urgency or curioustiy.
Privacy
Privacy Privacy is more than just settings in your Social Media account or using the Tor Browser. Your data and actions are collected in a variety of ways. The more aware you are of just how much of your data is collected, the better you can protect it.
Secure Your Home Wi-Fi Router
Secure Your Home Wi-Fi Router The most effective steps you can take to secure your wireless network at home is to change the default admin password, enable encryption and use a strong password for your wireless network.
Hosting a Video Conference
Hosting a Video Conference When hosting a video conference, make sure you password protect the conference so only authorized individuals can join. If there are any strangers or people who you do not recongize on the call, remove them.
Updating Plugins
Updating Plugins Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.
Kids and Family Members
Kids and Family Members If you have children visiting or staying with family members (such as grandparents), make sure the family members know your rules concerning technology that your kids must follow. Just because your kids leave the house does not mean the rules about what they can do online change.
Attending a Video Conference
Attending a Video Conference When attending a video conference, make sure you are using the latest version of the conferencing software. In addition, if you are using the video option make sure there is nothing sensitive behind you that others would see.
Security Technology Cannot Stop All Attacks
Security Technology Cannot Stop All Attacks Technology alone cannot protect you. Bad guys are constantly developing new ways to get past firewalls, anti-virus and filters. You are the best defense against any attacker.
Older Generation
Older Generation Using technology securelly can be overwhelming or confusing, especially for those who did not grow up with it. When helping secure those who are uncomfortable with technology focus on just the basics - 1) be aware of social engineering attacks 2) secure your home network 3) keep your systems updated 4) use strong, unique passwords 5) backup your key personal data.
Securing Your WiFi Access Point
Securing Your WiFi Access Point The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet. The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet.
Social Media Privacy Settings
Social Media Privacy Settings Privacy settings on social networks can be confusing to configure and change often. Ultimately, if you do not want your parents or boss reading one of your posts, do not post the message or photo.
Two Home Computers
Two Home Computers If possible, have two computers at home -- one for parents and one for kids. This way they can't accidently infect your computer. If you are sharing a computer, make sure you have separate accounts for everyone and that kids do not have privileged access.
Recording Conference Calls
Recording Conference Calls When hosting or attending conference calls, only record the call if you have prior permission, a work related need to record the call, and you make sure everyone on the call knows it will be recorded.
Don't Lose That Device
Don't Lose That Device Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.
Major News Events
Major News Events When a major news event happens, cyber criminals will take advantage of the incident and send phishing emails with a subject line related to the event. These phishing emails often include a link to malicious websites, an infected attachment or are a scam designed to trick you out of your money.
Never Share Your Passwords
Never Share Your Passwords Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
Identity Theft
Identity Theft Identity theft is when someone steals information about you and then uses that information to pretend to be you and commit crimes, such as credit card fraud. One of the key steps to protecting yourself is monitoring your financial, credit score and credit card accounts. The sooner you detect fraud in any of these accounts, the sooner you can minimize the damage.
Never Try to Fix the Problem When Hacked
Never Try to Fix the Problem When Hacked Eventually, we all get hacked. The bad guys are very persistent and we can all make a mistake. If you suspect you have been hacked never try to fix the situation, instead report it right away. If you try to fix the situation, such as paying an online ransom or deleting the infected files, not only could you still be hacked but you are most likely causing far more harm than good.
Finding a USB Drive
Finding a USB Drive Be very careful of any lost USB drives you may find (such as in the parking lot or local coffee shop) or USB drives you are given at public events, like conferences. It is very easy for these devices to be infected with malware. Never use such devices for work, use only authorized devices issued to you by work.
Securing Your Wi-Fi Access Point
Securing Your Wi-Fi Access Point The first step to creating a cybersecure home is to start by securing your Wi-Fi Access Point. Change your Wi-Fi Access Points default administrator password to something only you know. Many Wi-Fi Access Points or Wi-Fi routers are shipped with default administrator passwords that are publicly known and posted on the Internet.
Fake News
Fake News Fake news is a false narrative that is published and promoted as if it were true. People (and organizations) create fake news to control and manipulate your thoughts and actions. Be skeptical of what you read on the Internet, use trusted sources that are vetted, check their motivations and funding.
Email and Emotions
Email and Emotions Never send an email when you are angry or emotional; you will most likely regret it later. Instead, open up an email and write everything you feel, but do not send the email. (Be sure there is no name in the TO field so that you do not accidently send it.) After you have vented, go have a coffee or tea and come back an hour later and re-write your email then. Only reply to any type of emotional situation after you have had time to cool down.