|
October is Cybersecurity awareness month.
At OEM, we often talk about preparedness kits, go-bags, and how to respond during a disaster. But it's equally important to be prepared to protect yourself—and your business—online.
Cyber threats like identity theft, fraud, scams, phishing, and hacking can be just as devastating as a natural disaster. In many cases, recovery can take years.
Part of OEM’s mission is to stay vigilant about potential cybersecurity risks. In recognition of Cybersecurity Awareness Month, here are some important tips and things to watch out for.
Before you can protect yourself, it’s important to understand and recognize the potential threats, which include:
PHISHING - An attempt to gain information voluntarily via deception.
MALWARE - Malicious software accessing sensitive data or destroying/ damaging operating systems and communication systems.
RANSOMWARE - Locking files for ransom.
IDENTIFY THEFT - misusing your personal information.
IMPOSTER SCAMS - Pretending to be someone trustworthy.
ONLINE SHOPPING SCAMS and INVESTMENT SCAMS - Involves social media and social engineering similar to pyramid scams.
RENTAL SCAMS - acting as a landlord or homeowner renting a home or Airbnb, but requires money upfront and is reluctant to do a showing before money changes hands.
A.I. SCAMS - Using yours or a loved one's likeness or voice, for ransom or extortion, similar to imposter scams but can be very convincing, and sound terrifying, but is not real.
HACKING - the unauthorized access or exploitation of computer systems, networks, or devices, often by finding and using vulnerabilities.
Most of the threats facing you in cyberspace require some sort of cooperation on your part, in order for the fraud, scam, or threat to work.
Statistically, the biggest threat to your personal and financial information is YOU! Most of these occur due to lack of protection of sensitive data.
Here's some recommendations to protect yourself:
- Use a privacy screen to prevent others from viewing your device in public places.
- Train staff in electronic and access security protocols.
- Don't leave your smart phone unlocked, or computers open and unattended.
- Cover the number pad, if entering any pin numbers.
- Pre-program the trusted phone numbers of your financial institutions into your phone. If you receive a suspicious call, use these numbers to verify whether it's legitimate.
- If you are unsure of a request, phone call or email, do not divulge any sensitive information.
- Do not trust sellers who require payment via pre-loaded credit cards.
- Avoid using contact details listed in emails from alleged institutions, as they may be part of a phishing or imposter scam. Use the verified contact information you've previously saved to your phone.
- Use biometrics such as fingerprint, or facial recognition for access to electronic devices.
- Avoid doing any banking or sharing sensitive information over an open Wi-Fi network, such as those found in coffee shops or bookstores.
- Avoid downloading content or browsing peer-to-peer (P2P), torrent, piracy-related sites, or the dark web, as they often carry significant security risks.
- Use a VPN (Virtual Private Network) when accessing the internet whenever possible.
- A secure site should have an updated security certificate. You can verify this through your browser. Be wary of sites requiring a login with HTTP (Hyper Text Transfer Protocol) instead of HTTPS. The "S" in HTTPS means "secure".
- Ensure your operating system, anti-virus, and firewall software have the latest updates.
- Use strong, complex passwords. A good password should be long, include a mix of uppercase and lowercase letters, numbers, special characters, and be unique and random. For example: "Jigsaw%Quest7trait/fork48"
- Keep vital data on a thumb drive and back it up regularly.
- Don't leave passwords or usernames on sticky notes, or on your desk or somewhere that others have access to or in plain view. Do not share your passwords with anyone, and avoid using the same password for multiple accounts.
- Update your password at least once a month.
- Never leave your device or building access cards in your car or in plain sight. The same goes for your mail and any important documents; keep them secure and out of view.
- Don’t just toss documents with your personal info in the trash or recycling. Make sure to shred them first. We recommend getting a shredder that crosscuts.
- The most common form of identity theft is a result of stolen mail so try to empty your physical mailbox daily. If you use a cluster/community box, try not to mail important documents there. Use a P.O. Box at your local post office.
Finally, be aware of your surroundings. If you see something suspicious, say something. Protect vital information from prying eyes and hands.
For more information regarding cybersecurity. Visit our nation's leading cyber security defense agency. CISA (Cybersecurity & Infrastructure Security Agency.)
|
