Cybersecurity isn’t just about companies preventing their networks from being breached. It’s something that everyone that uses technology needs to be mindful of. On a personal level, you can think of it as information and device security.
Stopping hackers from getting to your personal data and keeping dangerous viruses out of your computer requires a personal level of cybersecurity. Being safe online is one part of the equation. The consequences of being lax about things like passwords and using free Wi-Fi without safeguards can be high.
Over 24 million Americans have had online accounts taken over by hackers, this includes workplace retirement apps. It’s scary to think of accounts having to do with your money being emptied by a scammer, but it happens all too often. Last year, account takeovers rose nearly 72%.
Every October, two US government agencies promote Cybersecurity Awareness Month. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) provide helpful tips and resources for both consumers and businesses to raise cybersecurity awareness.
Why not take some time this October to brush up on your security hygiene? You can visit the Cybersecurity Awareness Month website to get some free resources, and below we’ll highlight four key best practices being promoted this year.
Tips to Be “Cyber Smart” and Protect Your Data
This year’s Cybersecurity Awareness Month theme is “See Yourself in Cyber” and it’s all about breaking the misconception that cybersecurity is just for companies and IT people.
The site notes that cybersecurity is really all about people adopting best practices when using computers, mobile phones, and accessing online accounts.
Here are four simple, but effective ways to improve your cyber hygiene and keep your devices and online accounts from being hacked.
Enable Multi-Factor Authentication
Multi-factor authentication (MFA) is also called two-factor authentication (2FA) and two-step verification. What it means is that there is more than one step to gain access to your account.
MFA is very, very effective at stopping scammers from breaching your online accounts, such as a bank account, Facebook account, Amazon account, and others. Microsoft, which sees about 300 million attempts by hackers to breach its cloud services each day, says that using multi-factor authentication can stop 99.9% of attempted fake sign-ins.
With MFA/2FA, you will receive an additional prompt before you can access your account. This typically will come in the form of a one-time passcode (OTP) that is sent to your mobile phone.
Once you log in with your username and password, you will normally see a button to send the MFA code. Some systems give you a choice to send via text, email, or automated voice call. This OTP is usually about 5 or 6 digits, and you need to enter it to get access.
How do you add MFA/2FA to an account?
- Go to your account settings for an online account.
- Look for an area for privacy or security.
- If there is a search option in the settings, search on either “multi-factor, two-factor, or two-step.
- When you find this, turn this feature on.
- Go through the prompts to set up a phone number (or another method) to receive the one-time passcode.
Tip: Open a new browser tabs to quickly check your email for a one-time passcode, then go back to the website to enter the passcode you just received.
How and why to use browser tabs
Use Strong Passwords
The #1 cause of data breaches around the world is not some big virus or another form of malware. It’s breached passwords. Hackers are having a field day breaking into personal and business accounts by guessing, stealing, and otherwise compromising weak passwords.
Ditch those easy passwords that you find simple to remember. If they’re easy to remember, then they are easy to hack. You should use strong password best practices to create passwords.
Strong passwords look like this:
- Have at least 10-12 characters
- Use at least one uppercase letter
- Use at least one symbol
- Use at least one number
The best way to manage strong and unique passwords for every login is to use a password manager. There are both free and paid versions you can find online. Just be sure to use a reputable password management tool. I use LastPass since I can use it on multiple operating systems and devices. You can also use the password manager built into your browser or operating system as long as your devices are password protected.
Recognize Phishing
Fake emails and text messages can trick you into giving away your login information to a website. They can also cause you to download malware. Phishing can look like a shipping notification from Amazon or an urgent notification to update your email account.
Learn how to recognize phishing so you can avoid falling into its trap. It’s also helpful to use an email system – such as Gmail – with good spam and phishing detection.
Phishing recognition tips:
- Hover over links without clicking them to see the real URL
- Any slight misspellings or grammar that is “off”
- If the email is unexpected (such as a receipt for something you never bought)
- An email address that uses the company name first, instead of after the @ symbol – for example: (name of bank)@strangedomain.com instead of contact@(name of bank).com
Update Your Software
Software often has vulnerabilities that allow hackers to exploit a device. For example, poorly written code might allow a scammer to use a loophole to take control of your computer or smartphone.
Your best defense against software and operating system vulnerabilities is to keep all software and apps on your devices updated regularly. Those updates will include the latest patches for newly found vulnerabilities that keep hackers from using them.
Get Help With Your Personal Cybersecurity
Computer Techs enjoys working with Reno area residents to improve their cyber hygiene. We can help with virus scan and removal, email filtering to reduce phishing, MFA setup, and much more.
Contact us today with any questions or computer needs!