Cybersecurity Awareness Month: Tips for Internet Security
Tips for Internet Security
The Internet has integrated into every aspect of our daily life from connecting with our friends and family to managing our banking and medical records. Cybercriminals attempt to extract this information by luring Internet users into clicking on malware links or tricking employees into providing company’s financial information. Be on guard for cyber-attacks and support National CyberSecurity Awareness Month (NCSAM) with CyberNINES. Start with these simple tips from CISA and National Cyber Security Alliance (NCSA) to ensure your safety online.
- Double your login protection. Multi-factor authentication (MFA) ensures that the only person who has access to your account is you. You can use it for email, social media, banking, and any other service that requires logging in. If available, it’s highly advised to enable MFA by using one of these options: a trusted mobile device (e.g. your smartphone), an authenticator app, or a secure token—a small physical device that can hook onto your key ring.
- Shake up your password protocol. According to NIST guidance, you should consider using the longest password or passphrase permissible. Never use the same password for different sites. Password managers can help you generate and remember different and complex passwords for each of your accounts.
- Keep up to date. Update your software regularly by turning on automatic updates so you don’t have to think about it, and set your security software to run regular scans.
- If You Connect IT, Protect IT. Update your computer, smartphone, game device, or other network devices to the latest security software, web browser, and operating systems. Sign up for automatic updates, if you can, and protect your devices with anti-virus software.
- Play hard to get with strangers. Links in email and online posts are often the way cybercriminals compromise your computer. If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments found in that email. Be cautious of generic greetings such as “Hello Bank Customer,” as these are often signs of phishing attempts. If you are concerned about the legitimacy of an email, call the company directly.
- Think before you act. Cybercriminals often use a sense of urgency to make you act immeddiately. If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform. If the email comes from an organization but still looks “phishy,” reach out to them via customer service to verify the communication.
- Never click and tell. Limit what information you post on social media and keep your Social Security Number , account information, and passwords private. Such specific information about you as your full name, address, birthday, and even vacation plans, or your faviourite coffee place, are all that cybercriminals need to know to target you or your loved ones, online or in the real world. Disable location services that allow anyone to see where you are—and where you aren’t—at any given time.
- Keep tabs on your apps. Most connected appliances, toys, and devices are supported by a mobile application. Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved—gathering your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use. Learn to just say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources.
- Stay protected while connected. Before you connect to any public wireless hotspot—such as at an airport, hotel, or café—be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. If you do use an unsecured public access point, practice good Internet hygiene by avoiding sensitive activities (e.g., banking) that require passwords or credit cards. Your personal hotspot is often a safer alternative to free Wi-Fi. Avoid clicking on hyperlinks in emails and hover over links to verify authenticity. Only use sites that begin with “https://” when online shopping or banking. The “s” indicates encryption is enabled to protect users’ information.
BEWARE OF THESE COMMON INTERNET SCAMS
- COVID-19 Scams take the form of emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
- Imposter Scams occur when you receive an email or call from a person claiming to be a government official, family member, or friend requesting personal or financial information. For example, an imposter may contact you from the Social Security Administration informing you that your Social Security number (SSN) has been suspended, in hopes you will reveal your SSN or pay to have it reactivated.
- COVID-19 Economic Payments scams target Americans’ stimulus payments. CISA urges all Americans to be on the lookout for criminal fraud related to COVID-19 economic impact payments—particularly fraud using coronavirus lures to steal personal and financial information, as well as the economic impact payments themselves—and for adversaries seeking to disrupt payment efforts.