Cybersecurity is not just a topic for enterprises, businesses and government agencies. Home users are just as vulnerable to malicious cyberattacks. As October is National Cyber Security Awareness Month (NSCAM), it’s important that home users are routinely educated about online safety. To help, we’ve compiled a list of our top seven cybersecurity tips that anybody can apply in their home.
- Password Use
Passwords are your first line of defense online and yet it is the first area where many of us fail. Who hasn’t written a password down on a Post-it note at some point? Here are the basic dos and don’ts of password usage:
- Do not use the same password across multiple accounts. (We know you do this. Stop it. Now.)
- Do use strong passwords. Password123 is not a good password. Neither is monkey. Or your cat’s name. In fact, don’t use any of these Top 100 Passwords.
- Do not share your passwords.
- Do use a password manager.
- Do change default passwords. Many smart devices that connect to your network, such as baby monitors, printers or thermostats, may have default passwords.
- Safe Online Shopping
Who doesn’t love to shop from the comfort of their own home? In a couple of clicks you can compare products and prices from multiple retailers, have products delivered to your home in a matter of hours and you can do all this while wearing your pajamas.Here’s how you can safe while shopping online:
- Look for the padlock or https: Reputable websites use technologies such as SSL (Secure Sockets Layer) that encrypt data during transmission. Look for the little padlock in the address bar or a URL that starts with “https” instead of “http,” as the “s” stands for “secure.”
- When shopping on online marketplaces like eBay, be sure to check seller reviews and reputation level before deciding to buy a product. New accounts or accounts with comments accusing the seller of being a scammer or posting fraudulent listings should be red flags.
- Avoid shopping while using public computers or public Wi-Fi.
- Use a credit card or payment option with online fraud protection.
- Recognizing Phishing Emails
Phishing emails look like legitimate company emails and are designed to steal your information. They usually contain a link to a website that will ask for your login credentials, personal information or financial details. These websites are clever fakes designed to take your information and pass it back to the cybercrooks behind the scam.
In general, if you are not expecting an email from that company, you should be suspicious. Other tell-tale signs of phishing emails are as follows:
- The email is not addressed to your full name. It will use generic terms like “Dear Customer.”
- The email contains grammatical or spelling errors.
- The email asks for personal information.
- The email contains urgent or threatening language.
If you think you have received a phishing email, do not click on any links or open any attachments. To be sure, log directly into your relevant account to check for updates or messages or contact the company directly through their website.
Take our Phishing Quiz to see if you are able to identify phishing emails.
- Check Your Financial Statements
Be sure to monitor your bank accounts and credit card statements for suspicious activity on a weekly basis. If you spot something unfamiliar or see transactions that you are not aware of, it could be a sign that you are compromised.
Report potential fraud to your bank as soon as possible by calling your bank directly and asking to be connected to the fraud department.
- Ransomware 101
Do you have files on your computer that you care about? Maybe your photos from the last five years? An extensive music library? Copies of resumes, address books, course work or other documentation?
Do you have a backup of all of that data? You should.
Ransomware is a type of malware that infects your computer, locking files or restricting your access to the infected systems. Ransomware attacks attempt to extort money by displaying an alert to victims, typically demanding that a ransom be paid in order to restore access to your system or files.
It’s not just businesses that are targeted by ransomware creators. In fact, home users are often an easier target as most have no data backups, a lack of awareness and little to no cyber security education.
It all happens in a matter of seconds. You’ve clicked a link in an email or downloaded a malicious document. In a few seconds, all their data will be encrypted and they’ll have just a few days to pay hundreds of dollars to get it back. Unless you have a backup.
So, how can you protect yourself against ransomware attacks? Here are our top 5 tips:
- Don’t store important data only on your PC.
- Have one or two different backups of your data. Use an external hard drive or a cloud offering.
- Keep your operating system, virus protection and software up to date, including the latest security updates.
- Don’t open attachments or click on links in suspicious emails. Even if you know the sender, if it doesn’t feel right, delete it.
- Consider using an ad-blocker to avoid the threat of malicious ads.
- Wi-Fi Usage
Stay safe on public Wi-Fi. In general, don’t interact with websites that require your financial or personal details while you are using public Wi-Fi. Those activities are best kept on secure home networks.
If you are using public Wi-Fi, avoid unsecured Wi-Fi signals and, where possible, connect using a virtual private network (VPN)
- Stop Clicking. (or Recognizing Common Scams.)
Did you receive an email from your bank asking you to log in and provide your Social Security number or date of birth in order to resolve an issue on your account? Don’t click it.
PayPal emailed you warning that your account was suspended temporarily and provided you a link to update your account details? Don’t click it.
Yay! Someone sent you a gift card out of the blue! Just log in to redeem it! Don’t click it.
There are a lot of scams out there. But you don’t need to live in fear online as many of them follow a similar pattern and can be avoided with a few safe practices. In general, if someone is offering you something for free, you should approach with suspicion and caution. For your financial or commercial accounts, do not click on links in emails, instead go to the official website and log in directly to your account to check for updates.
And check out the FBI’s list of Common Fraud Schemes.
About Cybersecurity Awareness Month
The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”
In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:
- Oct 1-5: Make Your Home a Haven for Online Safety
- Oct 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
- Oct 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
- Oct 22-26: Safeguarding the Nation’s Critical Infrastructure
Learn more at StaySafeOnline.org.