By Courtney Casey, Accent Computer Solutions
We’re living in a time where cybercrime and ransomware attacks are announced like the next big box office hit. They’re making an impact worldwide, causing headaches and financial troubles for many businesses and consumers. So, how do you stay safe from these threats?
Here are a few tips to keep your personal information out of the wrong hands.
Be Conscious of What You Share Online
The lines of privacy have blurred in our “share everything” social media culture. People are sharing aspects of their personal life that they never did before, giving criminals a leg up.
Sharing your whereabouts can cause trouble in a couple ways. Tagging images and status updates with your location may seem harmless, but it allows the outside world to see exactly where that image was taken or posted from. Where you live, work, exercise and spend your time is now out in the open. This information can potentially be used for things like opening credit cards in your name.
Surveys and quizzes are common on social media platforms like Facebook. They’re certainly fun, but it’s important to be aware of the information you’re sharing. Questions like: What was your high school mascot?, How old were you when you graduated high school?, When did you meet your spouse?, etc. seem like innocent trivia. However, this can unintentionally give away answers to some of your security questions for banking or other accounts in the process.
Use a Password Manager
A study by Dashlane in 2015 found that the average person has 90 online accounts. Nearly 5 years later, we can only imagine how that number has grown.
Keeping up with which email address, username and password combination you use can be nearly impossible. So, people often resort to using the same or similar combinations for everything. The problem is: If one is compromised, they’re all compromised.
Using a password managing app or service is highly recommended. This allows you to create and store complex passwords in a secure manner without having to remember them all. Many smartphones have a password manager built in. There are paid options available as well, including LastPass, Keeper, and Dashlane.
Use Two-Factor Authentication When Possible
Security is all about layers. Passwords are good and another recommended layer is to use two-factor authentication when possible.
Two-factor authentication is like using two forms of ID to get into the website, app or service. This additional verification step could be a text message, phone call, email or authentication app.
The most common method is using a text message with a code that changes each time you log in. You’ll type in your email address and password to the website. Then, they’ll text you a code that you also type in online. That way, even if your password gets out, hackers won’t be able to log in unless they have the additional code.
Even websites like Facebook offer two-factor authentication these days. When you see that it’s available, it’s recommended that you turn it on.
Stay Skeptical When Opening Emails
One of the most common types of scams affecting businesses and consumers is referred to as phishing. Phishing attacks are generally emails that entice users to perform an action, like clicking a link to an infected webpage, opening a malicious attachment or even wiring money.
These aren’t the “Nigerian Prince” or “long lost relative” scams we saw ten years ago. Today’s scams are incredibly hard to spot. Hackers are clever, creating fake emails that look like real ones you’d be expecting.
The scams today could appear to be emails from your bank asking you to log in to confirm or deny a charge; emails from shipping providers asking you to click the tracking link; or, an investment service asking you to provide your account number so they can transfer funds. All of these could be legitimate requests, which is why so many people fall for them.
It’s important to stay skeptical when going through your inbox. Spam filters are good, but they can’t catch everything.
Here are a few ways of spotting phishing emails:
- Check the email address – Hover your mouse over the “Sent From” line. Does the email address look real? Is it spelled correctly? Is there anything skewed, like a zero where an “O” should be?
- Check the subject line – Messages that contain threats to shut down your account or ones that use words like “Urgent” to generate a false sense of importance, are usually scams. They’re using scare tactics to get you to act quickly and recklessly.
- Check the body of the email – Look for poor grammar, spelling errors, inconsistencies and things that just don’t make sense. Requests for personal information are another sign. No respectable service, company or provider would ever ask for things like passwords, credit card numbers or social security numbers over email.
- Review the links and attachments – As a general rule, if you don’t know the person who sent the link or attachment or if it seems out-of-the-blue, don’t click on it.
If you have any questions about whether the email is fake, it’s best to call the sender (using a phone number you know is correct, not the one in the email) and ask them about it personally. You can’t be too cautious!
Courtney Casey is the Director of Marketing for Accent Computer Solutions, Inc., a leading provider of information technology (IT) services and consulting for California-based small and midsize businesses