Category: Passwords

Spend a few minutes to check out these scams so that you don’t become a victim

Filed under: Passwords,Scams,Security - Apr 30 2025

Print This Article Print This Article Published 5/5/21. Updated April 2025

In summary…

  • NEVER respond or react hastily to unexpected messages: If you get a pop-up message, email, phone call, text message, or any other urgent message about a virus/security problem, account problem, or ask you to call about an unexpected charge – DO NOT click on any links or call a phone number provided in the message. Always initially assume it’s a scam until proven otherwise.
  • Refer to links in the article below about how to close out of fake warning messages that appear to lock your computer or device.
  • Scammers often PRETEND to be from a business, organization, or financial institution or even a person that you know.
  • Scammers advertise on search engines (Google, Yahoo, Bing) so that people looking for help with a product or service will call them instead of a real support number listed on an official company website.
  • Legitimate companies will never ask for remote access/control of your computer or smartphone, unless you initiate the call to a number listed on the official company website. If the person with a legitimate company accessing your computer asks you to log into your account to “fix” or “help” with a problem, asks for money, money transfer, cryptocurrency or gift cards, immediately turn off your computer and end the call. Then call your trusted computer tech, relative or close friend to help validate the communication you just had.

Scammers are becoming increasingly clever. Every month we hear from clients who have been scammed by letting someone take control of their computer and coerce them into paying for support for non-existent computer or account-related problems. With a little bit of knowledge of how these scams work, you won’t become a victim yourself.

Scams typically start with a website pop-up, email, phone call or text message from a well-known company such as Amazon, Windows/Microsoft, Apple, or Netflix. You are notified about a large purchase that has been or will be charged to your account – or there’s a problem with your account or device/computer. You’re told to call, click a link or talk to a fraud/account representative to confirm the purchase or account information. No matter how legitimate it sounds – It’s a scam! Read on about some of the most common scams we’ve encountered recently:

  • “Someone just charged an item to your Amazon account. I’m calling to confirm the purchase or refund your money.”
  • “This is the FBI and we’ve detected pornographic images on your computer. You must pay a fine right away!”
  • “This is your friend Bob. Can you please buy a gift card for me so I can give to my niece – I’ll pay you back.”
  • “Grandma, this is your grandson – I’m in trouble and you need to bail me out. Please don’t tell mom!”
  • “Your credit card number has expired. I’m calling to get your new number or your service will be cancelled right away!”
  • “I’ve hacked into your email account – I can prove it because your password is xxxxxx. I’ve got embarrassing pictures of you that I captured with your webcam. If you don’t pay up, I’ll release the the pictures to all of your contacts.”
  • “Your computer protection has expired. If you don’t call right away we’re charging $399 to your account to renew the protection.”
  • “Your Cloud subscription has expired or run out of space. Reply or click to renew or update you payment information.”
  • “Failure to pay your bridge toll in this message will result in fines or jail time”.
  • “The 50% discount on your Internet Service is about to expire. Call right away to renew.”

WHAT YOU SHOULD DO: Ignore the pop-up, email, call or SMS. If you answer an unexpected phone call, don’t answer or engage with the scammer – hang up. Most likely there is no problem at all. Unfortunately you can’t trust unknown or unsolicited callers to be who they say they are, nor can you trust the name or number on Caller ID – scammers frequently used forged numbers. NEVER allow someone you don’t know coerce you into letting them view your computer screen or allow remote access. You wouldn’t allow someone knocking on your door to come in – the same should be true for an unsolicited phone call or message.

If in doubt, log into your account normally (not via a link in an email or telephone number provided in a recording) to check for any unrecognized activity. Or you can call the company using the phone number listed on their official website, or printed on a card you have from the company.

If you’ve already gone too far and realize that you’ve engaged in a conversation with a scammer – below are some examples of how you can quickly get out of the situation.

  • “My attorney/caregiver handles all of my affairs. Contact him/her.”
  • “Send me an official correspondence in the mail – you should already have my mailing address.”
  • or simply, JUST HANG UP and don’t answer the phone if they call back. It’s OK to be rude to a scammer.

Often times scammers tell you that you must act fast – so that you don’t have time to think about it, contact a trusted tech-savvy friend, family member or computer technician. Stick to your better judgement, remain in control of the conversation – or just hang up.

If you’ve already been scammed, contact us for a thorough computer security check so that we can determine when it’s safe to use your computer.

Learn more:

Print This Article Print This Article

Understanding Two-Factor Authentication (2FA): Enhancing Your Online Security

Filed under: Passwords,Security - Nov 06 2024

With the rise in cyber threats and data breaches, protecting your online accounts is more crucial than ever. One of the most effective ways to secure them is through Two-Factor Authentication (2FA). This guide explores what 2FA is, how it works, and why it’s essential for safeguarding your digital identity.

What is Two-Factor Authentication (2FA)?

Two-factor authentication is an extra layer of security used to verify that a user attempting to log into an online account is who they claim to be. Instead of relying solely on a password, 2FA requires a second piece of information—a second “factor”—which can only be obtained by the rightful account owner.

2FA factors typically fall into three categories:

  1. Something you know – like a password or PIN.
  2. Something you have – like a mobile device or a security key.
  3. Something you are – biometrics like a fingerprint, facial recognition, or voice.

With 2FA, you’ll need two of these factors to access your account, making it significantly more challenging for cybercriminals to breach it.

How Does 2FA Work?

The 2FA process generally follows these steps:

  1. Enter Your Username/Password: Begin by entering your usual password, which remains the first layer of protection.
  2. Receive a Verification Prompt: After entering your password, you’ll receive a second prompt to authenticate your identity. This prompt can be:
    • A one-time code sent via text message or email.
    • A code generated by an authenticator app (like Google Authenticator or Authy) that refreshes every 30 seconds.
    • A push notification sent to your phone, which you approve or deny.
    • Biometric verification, such as a fingerprint scan or facial recognition.
  3. Complete the Second Step: After verifying this second factor, you gain access to your account.

Types of Two-Factor Authentication

There are various forms of 2FA, each with its own security strengths. Here are the most common ones:

  1. SMS-Based 2FA:
    • A unique, time-sensitive code is sent to your mobile phone via text message.
    • While convenient, it’s less secure due to the risk of SIM swapping, where attackers can hijack your phone number to intercept the code.
  2. Authenticator Apps:
    • Apps like Google Authenticator, Authy, and Microsoft Authenticator generate time-based codes that expire every 30 seconds.
    • Authenticator apps are highly secure as they aren’t reliant on SMS, making them resistant to SIM swapping and other phone-based attacks.
  3. Hardware Tokens:
    • Devices like YubiKey and Google Titan Key act as physical keys that plug into your computer or connect wirelessly. These tokens verify your identity when logging in.
    • Hardware tokens are very secure, as attackers would need physical possession of the device.
  4. Biometric 2FA:
    • Biometrics, such as fingerprints, facial recognition, or voice ID, serve as the second factor in 2FA.
    • Biometrics add strong security but are less widely supported across platforms and may require specific hardware.
  5. Push Notifications:
    • Many services, like Microsoft and Google, send a push notification to a trusted device. Approving the notification verifies your identity.
    • Push notifications are generally secure, especially if your device is protected with a password, PIN, or biometric.

Why You Should Use 2FA

Two-factor authentication offers several benefits, making it an essential component of a secure online presence:

  1. Increased Security:
    • With just a password, anyone who has your login credentials can access your account. Adding a second factor significantly reduces the risk of unauthorized access.
  2. Protection Against Phishing:
    • Phishing attacks attempt to trick you into revealing your password. 2FA adds a hurdle, as attackers won’t have access to your second factor, like your phone or authenticator app.
  3. Minimal Impact on Usability:
    • While 2FA adds an extra step, it only takes a few seconds and provides substantial security benefits, often with only a small impact on convenience.
  4. Peace of Mind:
    • 2FA can give you confidence that your accounts are safer, helping protect personal information, financial data, and sensitive communications.

How to Enable 2FA on Popular Platforms

Enabling 2FA is straightforward on most platforms. Here’s how to set it up on a few commonly used services:

  1. Google and Gmail:
    • Go to Google Account Security Settings.
    • Select 2-Step Verification and follow the prompts to add an authenticator app or SMS verification.
  2. Facebook:
    • Open Settings & Privacy > Settings.
    • Under Security and Login, find Two-Factor Authentication and choose your preferred authentication method.
  3. Apple ID:
    • Open Settings on your iPhone or Mac, go to Password & Security, and select Two-Factor Authentication.
  4. Microsoft Accounts:
    • Log in to account.microsoft.com.
    • Go to Security > Additional Security Options > Two-Step Verification.
  5. Social Media & Financial Accounts:
    • Most major platforms, including Twitter, Instagram, and online banks, offer 2FA under account security settings.

Tips for Using 2FA Effectively

  • Using Authenticator Apps is better than SMS: Authenticator apps are generally more secure than SMS codes, which can be vulnerable to interception or SIM swapping or someone taking over your cell number. However, using SMS is better than no 2FA at all.
  • Keep Backup Codes Safe: Many services provide backup codes for times when you can’t access your primary 2FA method. Store these codes securely, as they can be a lifesaver if you lose your phone.

Conclusion

Two-factor authentication is an essential security measure that everyone should enable on their online accounts. By adding an extra layer of verification, 2FA makes it much harder for cybercriminals to gain access, protecting you from unauthorized access and fraud. Take the time to set up 2FA on your important accounts today—it’s a small step that can provide significant security benefits.

Print This Article Print This Article

Unique Passwords: Why They’re Like Using Different Keys for Your House, Car, and Office

Filed under: Passwords,Security - Nov 05 2024

In today’s digital age, one of the simplest yet most effective security measures we can take is to use unique passwords for each of our online accounts. This practice may seem tedious, but it’s not unlike having a separate key for every important lock in our daily lives. Imagine the risks if your house key could also unlock your car, your office, and your safe. If someone got their hands on it, they’d have complete access to everything you own. Just like in the physical world, using unique passwords is like keeping different “keys” for each digital door we want to secure.

Why Unique Passwords Matter

Using the same password for multiple accounts is the digital equivalent of using the same key for every lock. It might be convenient, but it creates a single point of failure: if a hacker gets hold of your password for one account, they suddenly have access to all the others.

Hackers know this, which is why one of their common tactics after breaking into a weakly protected account is to try the same credentials on other popular services. This practice is called credential stuffing, and it’s highly effective against those who reuse passwords.

Comparing Unique Passwords to Separate Keys

Let’s break down some specific comparisons that show why unique passwords are just as essential as separate physical keys.

1. Control Over Access

  • Physical Keys: Imagine you lend your car key to a friend, but you wouldn’t want that same key to open your home. Separate keys give you control over who accesses different spaces.
  • Passwords: Unique passwords give you similar control in the digital world. If you use a distinct password for each account, even if you have to share it temporarily, you’re not risking other accounts. For instance, if you share a streaming password, you’re not also granting access to your bank account.

2. Damage Containment

  • Physical Keys: If you lose a key, the risk is contained. You know that only the specific place that key unlocks is at risk. Replacing one lock is manageable.
  • Passwords: If one unique password is compromised, only that one account is affected, not your entire digital life. It’s much easier to recover from a single breach than to address the consequences of multiple accounts being hacked.

3. Layered Security

  • Physical Keys: Having separate keys adds an extra layer of security, as someone would need multiple keys to access every part of your property.
  • Passwords: Unique passwords create a similar layered defense. If a hacker wants access to all your accounts, they’ll need to go through each password individually, which is time-consuming and often impractical. Even if they break into one account, they’re blocked from the rest.

4. Preventing Social Engineering Attacks

  • Physical Keys: Imagine a stranger gains access to one of your keys and attempts to access other areas, only to find they’re locked. You can catch this suspicious activity early.
  • Passwords: In the digital world, using different passwords helps you identify compromised accounts faster. If you see suspicious activity on one account, you can address that specific password without worrying that your other accounts are similarly vulnerable.

How to Manage Unique Passwords

Understandably, managing different passwords for every account can be daunting. But with the right tools and practices, it’s much simpler than it seems. Here are a few strategies:

  • Password Managers: These tools securely store and manage your passwords, allowing you to create complex, unique passwords without needing to remember each one individually.
  • Two-Factor Authentication (2FA): Adding a second form of verification, like a text message code or an authentication app, strengthens your security and provides an extra layer if your password is compromised.

The Bottom Line

Using unique passwords is one of the best ways to protect your online presence, just as having separate keys safeguards your physical spaces. It might take a bit of effort to get started, but the security benefits far outweigh the minor inconvenience. In a world where data breaches are increasingly common, having “different keys for every lock” could be what stands between you and a major security issue.

Print This Article Print This Article

Can you spot a “phish”? Check out these phishing/scam clues and examples, then take the quiz

Filed under: Passwords,Scams,Security - Oct 21 2024

Print This Article Print This Article Updated 10/21/24:

Can you spot an email or text message trying to “phish” your personal information or is otherwise a scam? When viewing a suspicious email, here are some key things to look at to help identify phishing/scam emails. Treat all email as guilty/scam until proven innocent/not-a-scam:

  • Subject – Look for bad grammar, misspelling, trying to get to act immediately, emojis and excessive punctuations (!!!) to entice you to read the email.
  • “From” – Does the email addresses match the sender? For example, we’ve seen lots of emails from “McAfee”, but the email address shown is from a random @gmail.com address. However the email address that it’s coming from should not be your only determination whether or not an email is real since an email address is easily spoofed.
  • “To” and greeting – Is the email addressed to your email address and name, or “undisclosed recipients” and “Dear user”. – A company that you already do business with will send an email addressed to your email address and name.
  • Grammar – Treat every email that’s trying to get you to react as suspicious. Slowly read the email as if you’re a teacher grading a student’s English paper.
  • Punctuation – Look for words that should/should not be capitalized, periods and commas in the wrong place, spaces that should/should not exist, and excessive punctuation.
  • Fonts – Phishing/scam emails often overuse bold and colored fonts, and different typefaces.
  • Look for clues the the email writer’s native language/country is not English/U.S. – Are dates formatted as the U.S. Month/Day/Year – or it is Day/Month/Year? Do phone numbers begin with “+1”? Country code prefixes are often used outside of North America.
  • A sense of urgency for immediate action – “Must respond within 24 hours or else…”
  • A scare tactic – Look for threats such as “… result in loss of important information” or “we’ll be forced to terminate/charge your account.”
  • Personal/private information – A company that you do business with already knows your email address, name, password, etc. Unless you are logging into your account on their official website, they would not ask you to enter it into an email or web form and send it back to them.

Please review the screenshots below of emails received and forwarded to us by our clients. Can you spot all of the clues that each one is a phishing/scam email? Answers are given below each screenshot.

(more…)

The best methods to reduce the amount of spam/junk email in your Inbox

Filed under: Passwords,Uncategorized - Aug 08 2023

Updated 11/15/23:

Here are some of the best methods to reduce the amount of spam/junk email in your Inbox:

  • Use an email service with good junk/spam email filtering. Gmail is our favorite free email service that does a pretty good job at segregating important email from spam, as well as promotional, social, and any other emails you want to filter out of you main Inbox.
  • Unsubscribe from specific emails only after you’ve verified that they are from a legitimate sender.
  • For any obvious junk/spam email that arrives in your Inbox, report it as spam/junk – but don’t unsubscribe if your email service offers a setting to do so.
  • Don’t react to junk/spam email by clicking links or replying. Just delete it.
  • Use different email addresses or aliases and/or different email services to segregate personal emails, email addresses you use for banks and financial institutions, travel confirmations, newsletters, etc. Google’s Gmail, Yahoo Mail and Outlook.com all offer such features.
  • Use a strong, unique password and enable 2-step verification for your email account so that hackers can’t access your account and steal your contacts list among other dangers.
  • When addressing email to multiple recipients, use Blind Carbon Copy (BCC) so that you’re not inadvertently sharing people’s private email addresses with others. Also, compose descriptive subjects so that spam filters and the recipient can tell whether or not your email is spam.
  • Realize that you cannot prevent all junk email. The longer you have an email address and the more people and businesses that it is given to, the more junk email you will likely receive over time.
Print This Article Print This Article

You likely don’t need to upgrade Adobe Reader

Filed under: Computing Tips,Passwords - Jun 22 2023

When using the PDF viewer Adobe Reader, you may get prompts suggesting that you should/need to upgrade to Adobe Acrobat. Adobe Acrobat is the paid version that includes additional features, such as the ability to create, edit, and protect PDF files. Most home computer users do not need to upgrade to Adobe Acrobat and pay for features that they do not need.

Here are the pros and cons of upgrading to Adobe Acrobat from Adobe Reader:

Pros:

  • Create and edit PDFs: Adobe Acrobat allows you to create and edit PDFs, which is not possible with Adobe Reader. This means you can add text, images, and annotations to PDFs, as well as rearrange pages and delete content.
  • Convert PDFs to other formats: Adobe Acrobat can also convert PDFs to other formats, such as Word, Excel, and PowerPoint. This is useful if you need to share a PDF with someone who doesn’t have Adobe Reader.
  • Protect PDFs: Adobe Acrobat can protect PDFs with passwords, encryption, and digital signatures. This helps to keep your PDFs secure and prevents them from being tampered with.
  • Add advanced features: Adobe Acrobat also includes a number of advanced features, such as the ability to create PDF portfolios, add watermarks, and track changes.

Cons:

  • Cost: Adobe Acrobat is a paid software, while Adobe Reader is free.
  • Complexity: Adobe Acrobat is more complex than Adobe Reader, so it may take some time to learn how to use all of its features.
  • Not necessary for everyone: If you only need to view and print PDFs, then you don’t need to upgrade to Adobe Acrobat. Adobe Reader is sufficient for most users.

Additionally, word processing programs such as Microsoft Word and LibreOffice Writer let you save documents as a PDF (Portable Document Format) file. So if you have a word processing document that you don’t want easily changed or edited, you already have the ability to save it as a PDF file.

Overall, Adobe Acrobat offers a number of advantages over Adobe Reader, but it is also more expensive and complex. Whether or not you should upgrade depends on your needs. If you need to create, edit, or protect PDFs, then Adobe Acrobat is a good choice. However, if you only need to view and print PDFs, then Adobe Reader is sufficient.

Here is a table that summarizes the pros and cons of upgrading to Adobe Acrobat from Adobe Reader:

FeatureAdobe ReaderAdobe Acrobat
CostFreePaid
ComplexitySimpleComplex
FeaturesBasicAdvanced
Necessary for everyoneNoYes (for some users)
Print This Article Print This Article

Social engineering scams becoming more common than computer viruses – What you need to know to avoid them

Print This Article Print This Article

When I started Computer Techs in 2003, the most common danger on the computer was the virus. The computer virus was often spread through email attachments. Fast forward 20 years, now the most common danger is social engineering scams. And what was once just random guesses of people’s email addresses, now scammers also use phone numbers to call or send messages to contact their potential victims.

These days scammers and hackers have a lot more information about you due to website data breaches and the treasure trove of information that has been exposed about you – such as your name, email/physical address, phone number – and sometimes passwords. They often use that information to send emails, text messages or phone calls to persuade you to that there’s a problem that needs immediate attention. Examples of what they want you to do include:

  • Click a link or open an email attachment. Links often lead to look-alike websites in which you are asked to provide personal information – such as username and password – or even financial information
  • Call a number provided in the email or message so that you can dispute a (false) charge or purchase that was made
  • Request remote access to your computer or smartphone to fix or help with an account problem

When you receive such messages or calls – do not act immediately, it’s likely a scam. Instead read the following information to help you determine the authenticity of what you just received.

Can you spot a “phish”? Check out these phishing and fake email examples – Computer Techs

Avoid Social Engineering and Phishing Attacks – CISA

What is Social Engineering? Examples and Prevention Tips – Webroot

Top 5 computer and phone scams to watch out for – Computer Techs

How to Keep Money from Being Stolen Through Online Banking

Filed under: Computing Tips,Passwords,Scams,Security - Dec 16 2022
Print This Article Print This Article
How to Keep Money from Being Stolen Through Online Banking

Online banking is one of the most convenient services available and offers individuals, businesses, and organizations a way to quickly and easily manage their finances. Unfortunately, online banking is also vulnerable to all of the same security risks that stem from the virtual nature of the internet. It’s important to take steps to ensure that your hard earned money is secure from theft and fraud.

You wouldn’t want to suddenly realize that your bank account has been drained of your hard-earned cash!

Let’s take a look at a dozen ways to keep your money safe while banking online.

(more…)

Top Tips for Secure Online Holiday Shopping This Gift-Giving Season

Filed under: Passwords,Scams,Security - Nov 25 2022
10 Tips for Secure Online Holiday Shopping This Gift-Giving Season

The holidays are a busy time for online shoppers. According to a recent study, over 60% of consumers said they would do some or all of their holiday shopping online this year. That’s a lot of people clicking away on their keyboards and smartphones, looking for the best deals on gifts.

With all of this online activity, it’s important to remember to stay safe. Here are 10 tips to help you do just that:

Adopt Strong Password Security Practices

One of the easiest ways to protect your online accounts is to use strong, unique passwords for each one. That way, even if a hacker does manage to get one of your passwords, they won’t be able to access your other accounts.

It can be tough to remember a bunch of different passwords, so you might want to consider using a password manager. This will allow you to create strong, random passwords for all of your accounts and only have to remember one master password.

Avoid Clicking On Links In Emails From People You Don’t Know

Phishing emails are a common way for hackers to try to get your personal information. They’ll send you an email that looks like it’s from a legitimate company, but the link in the email will actually take you to a fake website. Once you’re on the fake website, they may try to get you to enter your personal information or login credentials.

If you get an email from a company you do business with, don’t click on any links in the email. Instead, go to the company’s website directly and see if there is any information about the email. Or, give them a call from a number obtained on their website to confirm that the email is legitimate.

Use A Credit Card Instead Of A Debit Card

When you’re making online purchases, it’s best to use a credit card instead of a debit card. This is because credit cards have better built-in fraud protection. If someone hacked your credit card information and made unauthorized charges, you would not be responsible for those charges.

With a debit card, on the other hand, the money is taken directly out of your bank account. So, if someone did make unauthorized charges, you’d have a much harder time disputing the charges.

Don’t Click On Suspicious Links

If you receive a holiday promo in your email from a store you’ve never shopped at before, be wary. It could be a phishing attempt to get your personal information. The same goes for links posted on social media. If it looks too good to be true, it probably is.

If you’re not sure whether a link is safe, you can always hover over it to see where it’s going to take you. If the URL looks suspicious or doesn’t match the store’s website, don’t click on it.

Only Shop Reputable Brand Websites

When you’re looking for holiday deals, it can be tempting to go to less well-known websites that seemingly offer great prices. But, these websites might not be legitimate. They might sell counterfeit goods or they might not even ship the items you ordered.

To avoid getting scammed, only shop at websites for stores that you know and trust. And, if you’ve never heard of the website before, do some research to make sure it’s legit.

Keep Records Of Your Shopping Transactions

After you’ve made an online purchase, make sure to keep a record of the transaction. This can help you keep track of your spending and also act as proof of purchase if there are any problems with the order. If your credit card information is stolen, you can also use these records to dispute any fraudulent charges.

Maintain Good Security Habits

In addition to following the tips above, it’s also important to maintain good security habits in general. This includes keeping your computer and other devices up-to-date with the latest security patches. It also means being cautious about the websites you visit and the email attachments you open.

Consider our Computer Maintenance Plan to keep your computer up-to-date and secure.

By following these tips, you can help ensure that your holiday shopping is safe and secure.

If you have any other questions or need help with your smart speaker don’t hesitate to contact us!

4 Things You Can Learn from Cybersecurity Awareness Month in October

4 Things You Can Learn from Cybersecurity Awareness Month in October

Cybersecurity isn’t just about companies preventing their networks from being breached. It’s something that everyone that uses technology needs to be mindful of. On a personal level, you can think of it as information and device security. 

Stopping hackers from getting to your personal data and keeping dangerous viruses out of your computer requires a personal level of cybersecurity. Being safe online is one part of the equation. The consequences of being lax about things like passwords and using free Wi-Fi without safeguards can be high.

Over 24 million Americans have had online accounts taken over by hackers, this includes workplace retirement apps. It’s scary to think of accounts having to do with your money being emptied by a scammer, but it happens all too often. Last year, account takeovers rose nearly 72%. 

Every October, two US government agencies promote Cybersecurity Awareness Month. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) provide helpful tips and resources for both consumers and businesses to raise cybersecurity awareness.

Why not take some time this October to brush up on your security hygiene? You can visit the Cybersecurity Awareness Month website to get some free resources, and below we’ll highlight four key best practices being promoted this year.

Tips to Be “Cyber Smart” and Protect Your Data

This year’s Cybersecurity Awareness Month theme is “See Yourself in Cyber” and it’s all about breaking the misconception that cybersecurity is just for companies and IT people.

The site notes that cybersecurity is really all about people adopting best practices when using computers, mobile phones, and accessing online accounts.

Here are four simple, but effective ways to improve your cyber hygiene and keep your devices and online accounts from being hacked.

Enable Multi-Factor Authentication

Multi-factor authentication (MFA) is also called two-factor authentication (2FA) and two-step verification. What it means is that there is more than one step to gain access to your account.

MFA is very, very effective at stopping scammers from breaching your online accounts, such as a bank account, Facebook account, Amazon account, and others. Microsoft, which sees about 300 million attempts by hackers to breach its cloud services each day, says that using multi-factor authentication can stop 99.9% of attempted fake sign-ins.

With MFA/2FA, you will receive an additional prompt before you can access your account. This typically will come in the form of a one-time passcode (OTP) that is sent to your mobile phone. 

Once you log in with your username and password, you will normally see a button to send the MFA code. Some systems give you a choice to send via text, email, or automated voice call. This OTP is usually about 5 or 6 digits, and you need to enter it to get access. 

How do you add MFA/2FA to an account?

  • Go to your account settings for an online account.
  • Look for an area for privacy or security.
  • If there is a search option in the settings, search on either “multi-factor, two-factor, or two-step.
  • When you find this, turn this feature on.
  • Go through the prompts to set up a phone number (or another method) to receive the one-time passcode.

Tip: Open a new browser tabs to quickly check your email for a one-time passcode, then go back to the website to enter the passcode you just received.

How and why to use browser tabs

Use Strong Passwords

The #1 cause of data breaches around the world is not some big virus or another form of malware. It’s breached passwords. Hackers are having a field day breaking into personal and business accounts by guessing, stealing, and otherwise compromising weak passwords.

Ditch those easy passwords that you find simple to remember. If they’re easy to remember, then they are easy to hack. You should use strong password best practices to create passwords.

Strong passwords look like this:

  • Have at least 10-12 characters
  • Use at least one uppercase letter
  • Use at least one symbol
  • Use at least one number

The best way to manage strong and unique passwords for every login is to use a password manager. There are both free and paid versions you can find online. Just be sure to use a reputable password management tool. I use LastPass since I can use it on multiple operating systems and devices. You can also use the password manager built into your browser or operating system as long as your devices are password protected.

Recognize Phishing 

Fake emails and text messages can trick you into giving away your login information to a website. They can also cause you to download malware. Phishing can look like a shipping notification from Amazon or an urgent notification to update your email account.

Learn how to recognize phishing so you can avoid falling into its trap. It’s also helpful to use an email system – such as Gmail – with good spam and phishing detection.

Phishing recognition tips:

  • Hover over links without clicking them to see the real URL
  • Any slight misspellings or grammar that is “off”
  • If the email is unexpected (such as a receipt for something you never bought)
  • An email address that uses the company name first, instead of after the @ symbol – for example: (name of bank)@strangedomain.com instead of contact@(name of bank).com

Update Your Software

Software often has vulnerabilities that allow hackers to exploit a device. For example, poorly written code might allow a scammer to use a loophole to take control of your computer or smartphone.

Your best defense against software and operating system vulnerabilities is to keep all software and apps on your devices updated regularly. Those updates will include the latest patches for newly found vulnerabilities that keep hackers from using them.

Get Help With Your Personal Cybersecurity

Computer Techs enjoys working with Reno area residents to improve their cyber hygiene. We can help with virus scan and removal, email filtering to reduce phishing, MFA setup, and much more.  

Contact us today with any questions or computer needs!

Next Page »