What is the most important aspect of security? Security always begins with an attention to one’s personal responsibility. While citizenry depends on competent law enforcement, people must also take ownership of their personal actions and decision making and demonstrate an attention to the potential risks of their immediate surroundings. Common sense measures such as never leaving a valuable item unattended in a public place or avoiding poorly lit streets at night go a long way to ensuring one’s safety.
The same holds true for cyber security. When we are digitally connected, we are also vulnerable. It is an important truth to recognize. That is why proper attention to cyber hygiene is so imperative today. While we all rely on the collective efforts of corporate IT personnel, internet service providers and endpoint protection software, protecting our personal information and identity still comes down to the individual measures we take daily. Below are ten best practices that every digitally connected individual should take today to ensure their privacy and online security.
Turn Cookies Off
Browser cookies are a two-edged sword. While those tiny code snippets that websites automatically deliver to your devices make browsing convenient, they also put your privacy at risk. Cookies enable the ability for third parties to gather information about your computing device and track your movements. You probably have hundreds of embedded cookies on your computer and don’t know it. With increased cyber threats such as session hijacking, it is advisable to delete and disable them. This can be easily done whether you use Edge or Chrome as your preferred browser.
Use multifactor authentication (MFA) when offered
Many employers are now enforcing the use of multifactor authentication (MFA) for employee email accounts and other cloud services they use. There is a reason for this. Relying on a password alone to protect your online accounts is a risky practice as passwords can be easily cracked or stolen by cybercriminals. You should take advantage of MFA whenever it is offered. Check the websites of your banking and financial accounts to see if they offer MFA. All the major cloud services such as Google offer MFA options such as SMS texting or a FIBO key.
Have I been Pwned?
To be “pwned” means that one of your email accounts has been compromised or hacked. Most likely it happened because of a data breach. It also means your online accounts are seriously vulnerable to compromise. Fortunately, finding out whether you’ve been pwned is as easy as visiting this website that helps check your exposure on the Internet.
Confirm official Wi-Fi network when traveling
Digitally connected users are constantly looking for an area Wi-Fi network when they are on the road. Cybercriminals know this too which is why they broadcast rogue networks. Also referred to as evil trins, these fraudulent networks are wireless access points that an attacker sets up to emulate a legitimate Wi-Fi network that users might be looking for such as the guest network in a hotel or coffee shop. It is best practice to always confirm the name of an official guest network with the front desk or counter employee.
Be wary of free charging stations
Many businesses offer free charging stations as a customer courtesy. Unfortunately, these stations attract the attention of malicious characters too. These stations are often poorly monitored by the businesses that offer them, opening the door for cybercriminals to hijack them to deposit malicious code on devices that plug in to charge. This cyber-theft tactic is called “juice jacking”. The FBI issued a warning against using public charging areas in April of 2023. Take the responsibility for charging your devices by using your own chargers.
Email content
Email was created at a time when no one thought about cybersecurity. For that reason, email is highly vulnerable to manipulation and compromise. Just as you would never publicly post your personal information such as a social security number, always refrain from sharing any sensitive information via email. Never assume that an email is private.
Freeze your credit to protect your identity
Most people know to freeze their credit with the three credit bureaus once their personal information has been compromised. However, waiting to freeze your accounts until after the fact presents a lot more headaches. Why not freeze them now? Think about it. How often do you apply for a new credit card, car loan or home mortgage? These instances are rare so keeping your credit in a frozen state can proactively protect you from identity theft and financial fraud and ensure peace of mind. Note that different states have different laws regarding the freezing of accounts so check the website of your state attorney general’s office or consumer protection agency.
Experian Freeze or Unfreeze Your Credit File for Free – Experian
Transunion Credit Freeze | Freeze My Credit | TransUnion
Equifax Security Freeze | Freeze or Unfreeze Your Credit | Equifax®
Deep fakes
Scams and frauds have been around for centuries, but advanced technology has made it easier than ever before. Seeing is no longer believing thanks to deep fakes. Deep fakes are a form of digital manipulation that utilizes artificial intelligence and machine learning to create convincing fake images, videos, and audio recordings. Fraudsters used AI to mimic a CEO’s voice to convince an employee to wire $243,000 to a new account. There is even a ploy called “The Grandparent Scam” in which fraudsters simulate the voice of a grandchild in a call to a grandparent – usually urgently asking money for an emergency. A healthy dose of skepticism goes a long way today. Always verify something out of the ordinary.
HALOCK Security Briefing Archives: Updates on cybersecurity trends, threats, legislation, reasonable security, and more that impact your risk management program.
SCHEDULE YOUR FULL HALOCK SECURITY BRIEFING