April Security Awareness News

• Top Tips for Personal Security
• 5 Security Tools Everyone Should Use
• Common Scams to Watch Out For

Top Tips for Personal Security
Let’s shift our focus from how you can help your organization remain secure to how we can help you stay secure. Here are a few tips to avoid data theft, financial loss, or malware infections:

• Stay alert for phishing attacks
  Phishing is one of the most common attacks you’ll encounter both at work and at home. Stay on the lookout for common warning signs like bad grammar, misspellings, threatening language, and a sense of urgency. Don’t click on any links or download attachments that came to you randomly.
• Think like a scammer
  Before sending someone money or revealing personal information, think through the situation from a scammer’s perspective. Does it seem like a good way to defraud someone? Does anything seem out of the ordinary? Trust your instincts and avoid assuming someone is who they claim to be.
• Stay safe on social media
  Unless you’re trying to build a personal brand, it’s best to set your social media accounts to private and always vet anyone who wants to connect with you. Cybercriminals search public profiles for any information that might be useful to carry out scams.
• Protect your mobile devices
  From messaging to banking to social media, our smartphones open a lot of digital doors. If available, enable remote services that allow you to locate a missing device or erase all data when the phone can’t be recovered. Only download applications from trusted sources, and keep an eye on the permissions any software asks for.
• Replace your passwords with passphrases
  We need our passwords to be easy to remember, yet hard to crack. Passphrases accomplish this by forming a sentence (at least 16 characters long) that is meaningful to you and only you. Obscure song lyrics or book quotes, for example, make for great passphrases.

5 Security Tools Everyone Should Use

1. Password Managers
   • The problem: most of us have dozens upon dozens of passwords to remember.
   • The solution: a program that remembers them for you and stores them behind one master password.
     That’s the job of a password manager— software that can create, store, and sync your login credentials across multiple devices. Be sure to make your master password strong, unique, and memorable.
2. Multi-factor Authentication (MFA)
   • The problem: if your password gets stolen, you could lose control of your account.
   • The solution: requiring a second code before access to an account is granted.
     Even if you enter the correct username and password for an account, MFA prompts for a second code that’s sent via some other communication method. Enable it wherever possible.
3. Ad Blockers
   • The problem: online advertisements are annoying and can be dangerous.
   • The solution: browser plugins that block most advertisements and popups.
     Cybercriminals can inject legitimate websites with malicious ads. Ad blocking plugins automatically eliminate most of them and will make your browsing experience more enjoyable and more secure.
4. Antivirus Software
   • The problem: computer infections lead to data theft and/or poorly performing devices.
   • The solution: software that detects and removes malicious programs or code.
     While free versions of antivirus programs work well, paid options have many extra features you might find valuable. Do some research, find one that fits your needs, and install it on all devices.
5. Alternative Browsers
   • The problem: many websites and web browsers track and store information about users.
   • The solution: using an alternative browser that focuses on privacy instead of data collection.
     If you want to avoid the potential privacy concerns related to your internet activities, consider using a browser that, by design, blocks internet trackers and doesn’t store browsing habits.

Remember, at work, always follow policies and never install any software or applications unless they’ve been explicitly approved.

Common Scams to Watch Out For
Cyber criminals are opportunistic. They’ll gladly target individuals just like they do large organizations. Let’s explore a few common scams that anyone might encounter.

• The fake rental property
  Imagine paying a deposit on a new rental home, only to find out later that someone already lives there. Rental scams usually involve a fraudulent listing of a real property. The scammers sometimes figure out how to copy keys (or break into the home to unlock it) so the victim gets an opportunity to view the home in person.
• The caller who demands payment by gift cards
  The caller might claim to be from a power utility company or a financial collection agency and threaten you with fees or account closures. Instead of a traditional payment, they ask you to purchase gift cards and provide the relevant information on the cards.
• The extortionist
  Fear is the most powerful ingredient in extortion scams. They typically involve an email with a threatening subject line like “I saw what you did.” The messenger claims they used remote desktop software to record your screen and your webcam. They then threaten to send the video to all of your contacts unless you immediately pay the scammer.
• The one where your account has been suspended
  This common phishing scam comes via an email that features logos and contact information from a real business. The message states that your account has been suspended due to fraudulent activity and that you must update your login credentials, or the account will be closed permanently.

In all cases, you can easily avoid becoming a victim by:

• Using situational awareness and common sense
• Verifying someone’s legitimacy before sending payment
• Slowing down if a situation is emotionally triggering or unrealistic
• Thinking before clicking or downloading anything