Cybersecurity isn’t just about companies preventing their networks from being breached. It’s something that everyone that uses technology needs to be mindful of. On a personal level, you can think of it as information and device security.
Stopping hackers from getting to your personal data and keeping dangerous viruses out of your computer requires a personal level of cybersecurity. Being safe online is one part of the equation. The consequences of being lax about things like passwords and letting strangers into your computer without safeguards can be high.
Over 24 million Americans have had online accounts taken over by hackers, this includes workplace retirement apps. It’s scary to think of accounts having to do with your money being emptied by a scammer, but it happens all too often and increasing each year.
Every October, two US government agencies promote Cybersecurity Awareness Month. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) provide helpful tips and resources for both consumers and businesses to raise cybersecurity awareness.
Why not take some time this October to brush up on your security hygiene? You can visit the Cybersecurity Awareness Month website to get some free resources, and below we’ll highlight four key best practices.
Tips to Be “Cyber Smart” and Protect Your Data
Here are four simple, but effective ways to improve your cyber hygiene and keep your devices and online accounts from being hacked.
Enable Multi-Factor Authentication
Multi-factor authentication (MFA) is also called two-factor authentication (2FA) and two-step verification. What it means is that there is more than one step to access your account.
MFA is very effective at stopping scammers from breaching your online accounts, such as a bank and financial institution accounts, Facebook and other social media accounts, Amazon and other online shopping accounts, Microsoft/Apple and other device login accounts, and others. Microsoft, which sees about 300 million attempts by hackers to breach its cloud services each day, says that using multi-factor authentication can stop 99.9% of attempted fake sign-ins.
With MFA/2FA, you will receive an additional prompt before you can access your account. This typically will come in the form of an additional one-time passcode (OTP) that is sent to your email or text message to your mobile number.
How MFA/2FA works: Once you log in with your username and password, you will be prompted for your MFA OTP. Some systems give you a choice to send via text, email, automated voice call or device prompt. Some also allow you to print recovery codes that can be used in the event you’ve lost access to your 2FA email or device.
How do you add MFA/2FA to an account?
- Go to your account settings for an online account.
- Look for an area for privacy or security.
- If there is a search option in the settings, search on either “multi-factor, two-factor, or two-step.
- When you find this, turn this feature on.
- Go through the prompts to set up a phone number (or another method) to receive the one-time passcode.
For more information see: Secure your email and other accounts with 2-step verification.
Tip: Open a new browser tabs to quickly check your email for a one-time passcode, then go back to the website to enter the passcode you just received.
How and why to use browser tabs
Use Strong Passwords
The #1 cause of hacked accounts and stolen data is not some big virus or another form of malware. It’s passwords revealed in data breaches. Hackers are having a field day breaking into personal and business accounts by guessing, stealing, and otherwise compromising weak or reused passwords.
Ditch those easy passwords that you find simple to remember. You should use these best practices to manage passwords.
Strong passwords should:
- Have at least 10-12 characters
- Use at least one uppercase letter
- Use at least one symbol
- Use at least one number
The best way to manage strong and unique passwords for every login is to use a password manager. There are both free and paid versions, just be sure to use a reputable password management tool. You can also use the password manager built into your browser or operating system as long as your devices are password protected.
Recognize & Report Phishing
Fake emails and text messages can trick you into giving away your login information to a website. They can also cause you to download malware. Phishing can look like a shipping notification from Amazon or an urgent notification to update your email account.
Learn how to recognize phishing so you can avoid falling into its trap. It’s also helpful to use an email system – such as Gmail – with good spam and phishing detection.
Phishing recognition tips:
- Hover over links without clicking them to see the real URL
- Any slight misspellings or grammar that is “off”
- If the email is unexpected (such as a receipt for something you never bought)
- An email address that uses the company name first, instead of after the @ symbol – for example: (name of bank)@strangedomain.com instead of contact@(name of bank).com
Read more about recognizing and reporting phishing on the CISA (Cybersecurity & Infrastructure Security Agency) and FTC (Federal Trade Commission) websites.
Update Your Software
Software on your computer or device can have discovered vulnerabilities that allow hackers to exploit a device. For example, poorly written code might allow a scammer to use a loophole to take control of your computer or smartphone.
Your best defense against software and operating system vulnerabilities is to keep all software and apps on your devices updated regularly. Those updates will include the latest patches for newly found vulnerabilities that keep hackers from using them.
Get Help With Your Personal Cybersecurity
Computer Techs enjoys working with Reno area residents to improve their cyber hygiene. We can help with virus scan and removal, email filtering to reduce phishing, MFA setup, and much more.
Contact us today with any questions or computer needs!