While the Internet allows us to stay connected, informed, and involved with co-workers, family and friends, any public environment requires awareness and caution. Just as you use locks to keep criminals out of your home, you also need safeguards to secure your computer.

  • Think Before You Click: Recognize and Report Phishing -- If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
  • Update Your Software: Don't delay -- act promptly if you see a software update notification. Better yet, turn on automatic updates.
  • Use Strong Passwords: Use passwords or passphrases that are long, unique, and randomly generated.
  • Use password managers to generate and remember different, complex passwords for each account. A password manager will encrypt passwords, so you only need to remember one password!
  • Enable Multi-Factor Authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked. 
  • Safeguard your phone. Always keep your mobile devices in your possession and be aware of your surroundings.
  • Confirm before sharing. If you use social networking sites such as Facebook, limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
  • Beware of any requests to update or confirm your personal information. Most businesses or organizations don’t ask for your personal information over email.
  • Add only people you know on social media sites and programs like Skype; adding strangers could expose you and your personal information to scammers.
  • Avoid opening attachments, clicking links, or responding to email messages from unknown senders or companies that ask for personal information.
  • Beware of “free” gifts or prizes. If something is too good to be true, then it probably is.

Report a Cyber Incident

CISA provides a secure means for constituents and partners to report incidents, phishing attempts, malware, and vulnerabilities.
Report a Cybersecurity Incident: Report anomalous cyber activity and/or cyber incidents 24/7 to [email protected] or (888) 282-0870. Report incidents as defined by NIST Special Publication 800-61 Rev 2, to include
  • Attempts to gain unauthorized access to a system or its data,
  • Unwanted disruption or denial of service, or
  • Abuse or misuse of a system or data in violation of policy.
Federal incident notification guidelines, including definitions and reporting timeframes, can be found  here.
Organizations can also report anomalous cyber activity and/or cyber incidents 24/7 to [email protected]

References:

futuristic criminal in a hoodie on a computer screeen

Business Email Compromise

Business Email Compromise (BEC) is a sophisticated cybercrime that involves attackers gaining unauthorized access to a business email account. For more about  Business Email Compromise ...

distressed woman looking at her cell phone

Cyberstalking

Cyberstalking is a form of online harassment that involves using the internet or other forms of electronic communication to stalk or harass an individual. For more about  Cyberstalking ...

man at a computer suffering a ransomeware attack

Ransomware

Ransomware is a type of malicious software designed to deny access to a computer system or files until a sum of money, or ransom, is paid to the attacker.  For more about  Ransomware ...

patcrypt a large team of developers with code on their screens

Cybercrime as a Business

With criminals adopting principles akin to legitimate enterprises, the efficiency and precision of their attacks increase, posing a greater challenge for individuals to safeguard themselves. For more about  Cybercrime as a Business ...

Data Protection - person typing on keyboard


Additional topics to remember...

  1. Medical Devices - Be sure to find out who provides the information and know where you’re going online. Many pharmaceutical companies create websites with information to sell products; criminals will mimic these websites. Look for sites ending in .edu (for education) or .gov (for the government).
  2. Banking - Avoid accessing your personal or bank accounts from a public computer or kiosk, such as the public library. Don’t reveal personally identifiable information such as your bank account number, social security number, or date of birth to unknown sources. When paying a bill or making an online donation, type the website URL into your browser instead of clicking on a link or cutting and pasting it from the email.
  3. Shopping - Make sure the website address starts with “HTTPS,” s stands for secure. Look for the padlock icon at the bottom of your browser, indicating the site uses encryption. Type new website URLs directly into the address bar instead of clicking on links or cutting and pasting from the email.