Successfully protecting the integrity of our computer systems from continuously evolving, advanced and persistent cyber-related threats is a critical part of our daily operations. More than likely, whether you’re at home or at work, protecting sensitive information while online is important to you too. Fortunately, there are preventative measures you can take to perform good cyber hygiene and avoid falling victim to cyberattacks.
First and foremost, make sure all of your computing devices are running the latest security updates. Always change the default credentials for your home Wi-Fi router; the manufacturer’s settings can be easily hacked providing access to your devices. There is risk anytime you use Wi-Fi in a public space. If you must do so, make sure you are connecting to the correct Wi-Fi, and don’t access sites that require using passwords or files that contain confidential or sensitive information without the added protection of a virtual private network (VPN) connection. Whenever possible, use multi-factor authentication, requiring additional verification beyond username and password, such as a fingerprint or challenge/response questions, to access sites and services.
These scams often pressure you into reacting rather than responding. It is wise to take a moment to assess the situation…
Phishing is a common practice where malicious actors send email, purporting to come from a legitimate source such as an acquaintance, colleague or business, inducing you to provide them access to valuable information, often through instinctive or impulsive actions. For this reason, always stop, look, and think when dealing with your inbox. Be wary if an email is from someone you know, yet the content is unusual or out of character. Look out for suspicious or misspelled domains in the sender’s email address. Be careful if you were cc’d and don’t recognize the other email addresses, or if the email was sent to a seemingly random group of people.
If the subject line doesn’t match the content, or if the email is a reply to an email you never sent, those are red flags. Attachments with file names that don’t match the content of the email, or seem out of character for the sender, are also red flags. Be cautious of emails that include a hyperlink and no other content, or if the hyperlink includes a misspelling of a known entity. Be on the alert if the sender is asking you to click on a link, or open an attachment, to either avoid a negative consequence or gain something of value. If you want to check with the sender about the validity of an email, never do it by replying to the email; call or text them to verify. If you’re at work and in doubt, check with your IT department; they will be glad you did. Remember to stop, look, and think. Over the course of time, phishing will become easier for you to identify.
These scams often pressure you into reacting rather than responding. It is wise to take a moment to assess the situation, which, when you think about it, can be useful advice in many aspects of life.
Always looking out for you
Learn more about your cooperative.