Basic Internet Security Tips
Cyber criminals are constantly looking for new ways to target and trick you into giving up your personal information or compromising your computer. Hence it is becoming more and more critical that you understand what you need to do to protect yourself from cyber attacks. Even though your organization may have a cyber security department tasked with protecting you from attacks, it does not mean you are safe. Just as it is impossible for police officers to protect every member of the public at once, it is impossible for cyber security officers to protect every computer at once. Thus it is up to every person within an organization to be informed and do their part to protect themselves and their organization. Here area few key things that anyone can look for that can help protect against cyber attacks.
1. Email Safety
Don’t open unknown links or attachments. Even links from friends or colleagues can be malicious. A compromised email account will be used to send a message with a malicious link to all the account’s contacts. Most people will click on a link from a friend or relative without thinking (or will let curiosity get the best of them). The email sample below is an example of a spear phishing email. These types of emails contain information relevant to the recipient and the sender is trying to get some information out of the user through deception. Any unusual or unexpected request for information or request to follow a link should be verified via another communication method with the sender. Many phishers use incentives (like the promised 6.3 million dollars below) or scare tactics (your email account will be deleted) to get users to act without thinking it might be a trap.
2. Social Networking
Information is power. Social Networking sites are great for keeping in touch with friends and meeting new people but they can also reveal information about you to criminals. Be sure to know what your security policy is set to on site where personal information can be seen publicly. It is always best to be cautious about what you discuss on social media sites. Some accounts are fake and fronts for information gathering. Thoughts like, “John Smith may have been someone I went to school with 25 years ago, I will befriend him” may reveal personal information to a complete stranger. The common phrase cannot be reiterated enough: “anything you post on the internet can become public”. So choose your words and friends wisely.
3. Virus / Malware
Everyone gets sick during the course of their life. You can however do things to boost your immune system to resist most illness. Viruses are similar, Infections are bound to happen due to the sheer amount of malware on the Internet and its pervasiveness in across every day websites. Therefore it is important to know what software can protect your computer and the steps you should take if your computer does get infected.
Common symptoms of an infected computer:
-Your trusted antivirus (meaning you installed it) alerts you to an infection.
-Normally trusted web sites (such as google.com) redirect you to malicious sites.
-Software appears on your computer you did not install (Such as the fake antivirus software shown below).
-Sluggish internet may even be an indicator.
Tips to remove malware:
-Run an antivirus scan on your computer (Again, make sure you are using trusted antivirus software such as Norton, Trend, or Kaspersky that you installed)
-Run antispyware tools such as MalwareBytes (free to download) or Trend Micro’s HouseCall software. Run it multiple times and after multiple reboots to ensure your computer is clean.
-Log onto a separate profile on your computer. Many viruses can be contained to a single profile on the computer. Running a scan from a separate profile will be much more thorough.
-Sometimes the only thing you can do is save only those files you need (pictures, documents, etc.) and reformat your computer.
-Some viruses are transferable through USB thumb drives so ensure those devices are not connected to an infected PC or you may end up spreading the malware.
Oh No, My Account got Hacked!!
Many people who have had accounts hacked wonder how their passwords were obtained. While it could be the fault of the account issuer such as Yahoo, Hotmail, AOL or Facebook, that is highly unlikely. Reputable sites such as those use heavy security and encryption on the databases that house that information. Because cyber criminals are looking for the quickest and easiest way to make money they focus their efforts on mass scale attacks.
Years ago brute force attacks were the easiest way a hacker could gain account access because people would use simple passwords such as their dog’s name or “love”. Now users are creating complex passwords and so login thieves have developed new methods. A current trend is for login information to be stolen from an old, unattended database or webpages with limited security. The attacker then tries those email addresses and passwords on Facebook and other popular sites. Due to the fact that people tend to use the same password and rarely change them, this method can often lead to multiple accounts being compromised. The only way to guard against this is to use multiple passwords across multiple sites. This scenario of course creates the conundrum of having multiple, complex passwords and needing to remember which works on each site. One solution is to create a master list using shorthand of accounts and passwords. Initials and shorthand will help you remember which password goes to which login without allowing someone else access to all your passwords. Nevertheless if you do pursue this route, be sure to keep this list in a safe, secure place.
By being cautious and following some simple guidelines for cyber security you can protect yourself and your organization from cyber attacks. If you ever have questions or concerns take the time to talk to your systems administrator and they will be more than happy to help you understand cyber security better.