It’s October, and you know what that means? It’s cybersecurity month!
It’s the perfect time to talk about everything cyber, from how to protect yourself online from phishing scams to why we need to be aware of our digital footprint.
But what is cybersecurity awareness month? We’ll also share a few tips on how to stay safe when using your computer or smartphone. Then we’ll move onto more serious topics like how to spot phishing emails and ransomware attacks and avoid falling victim to social engineering attacks which often lead to business email compromise.
And finally, we’ll give you a quick overview of the different types of security threats out there and how they work.
Table of Contents
What Is Cybersecurity Awareness Month?
Cybersecurity Awareness Month is an annual event in which organizations educate their employees on the importance of being aware of cybersecurity risks to boost cybersecurity defenses.
The campaign aims to raise awareness among consumers and businesses alike about the dangers of cybercrime and encourage them to take steps to prevent these crimes.
Did you know that the first cybersecurity awareness month was held in 2004 by the National Cyber Security Alliance (NCSA) in a collaborative effort with the Department of Homeland Security’s (DHS) cybersecurity division? Since then, many other countries have adopted similar methods to increase their cybersecurity education.
National Cyber Security Awareness Month kicked off on October 1st. To help spread awareness, we’re highlighting tips on how individuals can protect themselves against cyber threats.
NCSAM’s theme is See Yourself In Cyber, which emphasizes the potential vulnerability of all internet-connected devices. These devices include computers, mobile phones, tablets, smartwatches, thermostats, home automation systems, vehicles, medical equipment, and toys.
Cybersecurity starts with YOU, and it is everyone’s responsibility. We hope this month encourages people to take ownership of their online security and educate others about what they can do to keep their information safe.
There are currently 5 billion Internet users worldwide. With the growth of IoT and the increasing use of digital technology across every industry, there is no doubt that this number will continue to rise. As the global population becomes increasingly reliant on digital technologies, the importance of cybersecurity grows exponentially.
Week 1 – Phishing
The National Cybersecurity Awareness Month theme of week one is “Phishing.” Phishing is a type of scam where criminals impersonate trusted organizations and send fraudulent emails to trick unsuspecting victims into giving away their login credentials. The best way to stay from phishing attempts is always to be vigilant and suspicious of unsolicited email messages. Never respond to any message asking for your username or password, regardless of who sent it. Instead, report them immediately by contacting customer service via phone.
Types of phishing attacks include:
• Email spoofing – Cyber actors send emails that look like they come from a legitimate source, such as your bank or credit card company. Cyber criminals may create fake websites to look similar to those used by actual companies. They then send out fake emails pretending to come from these businesses.
• Fake apps – Cyber criminals often distribute malicious apps disguised as popular apps. Once installed, the app sends out spam messages or performs unwanted actions without warning.
• Fake websites – Fake website scams are when a hacker makes a spoofed website mimic a legitimate site. This allows hackers to steal user names and passwords. Hackers can also install keystroke loggers (software that records everything typed) onto a computer to steal data.
• Fake text messages – Criminals may send out fake texts that appear to be from your bank but instead direct you to a malicious website. These are called smishing messages.
• Malicious links – criminals sometimes try to lure users into opening malicious files on their computers. This includes email attachments, downloads from untrustworthy websites, or clicking on links embedded in advertisements.
• Viruses – hackers can use viruses to infect your device remotely. If your system gets infected, the hacker may steal your personal information or install malware on your machine.
A single phishing attack could lead to identity theft, financial loss, or even worse. It is important to remember that cybercriminals don’t care if you lose money or not; they want access to your sensitive information.
Week 2 – Password Management and Data Protection
Week two’s National Cybersecurity Awareness Month tip looks at password and data management, which refers to creating complex passwords with the help of a password manager. A password manager automatically generates unique, strong passwords for you, stores them safely and helps you access them when needed. It also allows you to easily share your passwords with family members or friends if you need to. But only do so if necessary because sharing your passwords could put your account at risk.
A password manager is an excellent tool because it makes remembering many different usernames and passwords easy. However, some people find memorizing dozens of random strings of characters challenging. To make things easier, a password manager creates a single master password that unlocks all of your other accounts. You only need to remember one thing!
A password manager should be treated just like any other valuable item. Make sure you store it securely and don’t leave it unattended. Also, never reveal your master password to anyone else, including your spouse or children.
If you’re not using a password manager, here are some tips to keep your account safe. Create a long, complicated password that combines upper-case letters, lower-case letters, numbers, and special characters. Use letters, numbers, and symbols to make it harder for someone to guess. For example, “HbS5^6&St#a” would be much more secure than “12345”. Be sure to change your password regularly to prevent others from guessing what it might be. And, if you forget your password, you can reset it online or call customer support.
Data protection involves keeping your data secure when you share it. It’s essential to know how to protect yourself against cyber attacks. Some ways to protect your data include:
• Encrypt sensitive documents – if you have confidential financial records, consider encrypting them so only you can read them.
• Use two-factor authentication – many services now require additional verification steps before accessing your account. This helps prevent unauthorized access to your funds.
• Back up your data – make sure you back up all of your data regularly. Your cloud storage provider may offer backup options as well.
Other ways to protect yourself online include using a VPN (a virtual private network), which encrypts your internet traffic and hides your IP address. You should also avoid logging into accounts from unknown devices, especially public Wi-Fi networks. Finally, never click on links in an email or instant message unless you know exactly what you’re doing.
Week 3 – Multi-Factor Authentication
Week three’s National Cybersecurity Awareness Month tip is about Multi-factor authentication (MFA), which uses multiple methods to verify your identity. These could include entering a code sent to your mobile phone, scanning a physical token, or answering questions about your physical location. MFA prevents attackers from gaining access to your account even if they get hold of your username and password.
There are three types of MFA:
• Something you know – you need to provide some secret answer to identify yourself. Examples include a PIN or pattern, passcode, or security question.
• Something you have – this requires possessing a physical object to prove your identity. Examples include a smartphone, biometric scanner, or hardware token.
• Something you are – this requires you to show evidence that you are physically present at a particular place. Examples include a time-based token, GPS tracking, or geo-fencing technology.
Multi-Factor Authentication (MFA) helps keep your accounts safe. When enabled, it adds another layer of security to help protect against unauthorized logins. In addition to requiring a password, some sites require a code sent via text message, phone call, or email. This extra step ensures that only people authorized to use your account can do so.
To enable multi – factor authentication on an online service, follow these steps:
1. Go to the website where you want to enable MFA.
2. Click the Account Settings link in the top right corner of any page.
3. Under Security, click the Change button next to Two-Step Verification.
4. Select the type of MFA you’d like to use. You can select either SMS Auth or TOTP Auth for 2-step verification. You’ll be prompted to add another factor if you’re already signed into your Google account with 2-step verification.
5. Enter your phone number or device ID, then tap Next Step.
You can also set up MFA by adding a second factor to your existing Google Account. To do this, follow these steps:
1. Sign in to your Google Account using your primary identification method (e.g., your Gmail address).
2. Click the gear icon in the upper right corner of the screen.
3. Tap Additional sign-in methods.
4. Scroll down and choose “Add more sign-in methods.”
5. Set up MFA for your new method of identification.
6. Add your phone number or device identifier.
7. Choose whether to receive SMS messages or generate one-time passwords (TOTPs).
8. Confirm your selection.
9. On the next screen, enter your phone number or device id.
10. Tap Continue.
11. Follow the prompts to complete the setup.
Week 4 – Avoid Job Offer Scams
Our last National Cybersecurity Awareness Month tip is how to avoid job offer scams that may target those looking for work. If you’re contacted by someone claiming to represent a company offering you a position, don’t respond. This week’s scammer: The recruiter will ask you to deposit money before they begin working on your behalf.
What happens when you give out personal information? Many people think that just because they’ve given their contact details to a business, they’re now vulnerable to all kinds of fraud. But there’s no such thing as too much caution. It’s always better to err on the side of caution than to regret giving away your data later.
If you get something suspicious in the mail, delete it immediately. Don’t open anything from anyone who doesn’t know you personally. And if you see something unusual on social media, report it to Facebook or Twitter. They take reports seriously and may even remove the content.
What should you look out for? Here are a few warning signs:
• Someone contacts you about a job opportunity without asking permission first.
• An unsolicited request for payment.
• An attempt to access your bank account.
• A request for sensitive financial information.
• A claim that you must pay a fee to apply for a job.
• Unusual requests for photos or videos.
• Any solicitation or promotion that seems off-topic.
• Anything that asks you to share personal information.
• An email from an unknown sender containing links to websites that seem sketchy.
• An email appears to come from a legitimate company but contains spelling mistakes.
• A message that says you won a prize or contest and includes a link to download software.
You’ll want to increase your online security to avoid job offer scams. You can use two-factor authentication to protect your accounts and ensure that only you have access to them. You can also keep your computer safe with antivirus software and update your operating system regularly.
Wrapping Up
Cybersecurity Awareness Month shouldn’t be a scary time of year. Instead, it should remind you to stay vigilant and do everything possible to protect yourself against cyber threats and cyber crimes. Solid cyber hygiene habits can help you stay safe during this busy season. This month’s online safety tips will help you do just that. We hope you find them helpful! If you have any questions, please send us a message and as always, Stay Safe!
Recent Comments