October is here and that means it’s the start of the National Cyber Security Awareness Month sponsored by the Department of Homeland Security. This falls at a particularly troubling time as we’ve seen a number of high profile breaches occur in just the past 30 days. I often get asked the same question by people: ‘with all these breaches happening, what can I do to protect myself?’. Well I’m here to share a couple tips on how to stay safe.
First things first, don’t go online ever. I’m kidding of course, but the reality is that as soon as you get online, you’re putting your personal data at risk. The unfortunate truth is that you as a user could do everything you possibly can to keep your information safe, but if a website is attacked, your personal information is up for grabs. But we all have a need to get online, so knowing that it’s a hostile environment, we need to constantly be on our toes. The same guard you have up in the real world needs to be applied to the digital world as well. If someone on the street says, “Hey I have a Rolex here, I’ll sell it to you for 20 bucks”, you’d probably think this is a scam and the watch is a fake. Well, the same hesitation should be enabled for your digital actions as well. Get an email that says you’ve won a free car? Probably don’t click on that email. A website is asking you for your social security number, mother’s maiden name and credit card number? Might not be wise to put all that information in. Just stopping, analyzing the situation and erring on the side of caution can make a huge difference.
That brings me to my first big tip: DO NOT TRUST LINKS AND ATTACHMENTS IN EMAILS, SMS, CHATS, ETC. I can’t stress this enough, just don’t do it. It’s one of the oldest tricks in the book and most people know the name for it already: it’s called phishing. The bad guys are trying to lure you into clicking on a malicious link so they can gain personal data from you or try to install malware on your computer. Just don’t do it, resist the urge!
My second tip is one of my favorites as it prevents people from accessing your account with a previously stolen password.
We’re all humans and we naturally try to make our lives easier. When it comes to passwords we create, we are not the most secure and creative bunch. Most folks will use the same password on every website. When a site gets breached and your password is stolen, attackers can use those passwords on any of the sites you use the exact same password on. Obviously, changing up your password is a good idea and keeping unique passwords is always smart. But these can be guessed or hacked by brute forcing password combinations. Instead, users should always enable what’s called two-factor authentication. By doing this you will not only input your password upon login, but you’ll also need to input a small string of numbers that will be sent to you either by text, email or voice message; you’re not only proving you know your password, but also that you have a device or access to another system that only you should have access to. This makes it difficult for a bad guy to login to your account without also having to steal your phone. Turn on two-factor authentication whenever possible.
My last tip is an unfortunate one but it’s necessary. Constant monitoring of your credit card and credit history is vitally important. Even if you have never logged into any site in your entire life, a company could get breached and your data could be leaked. Even by taking every precaution you can be a victim. By constantly monitoring your credit, or signing up for a service that monitors this for you, you’ll be alerted if anything nefarious is happening with your accounts. It’s better to know quickly and be able to act upon it, then to find out years from now that you have 6 surprise mortgages that are all past due.
I hope this year’s National Cyber Security Awareness Month gains more attention from everyone, as we desperately need companies and users to work together to secure our personal identity and online safety.