Preventing Cybercrime
While the Internet allows us to stay connected, informed, and involved with co-workers, family and friends, any public environment requires awareness and caution. Just as you use locks to keep criminals out of your home, you also need safeguards to secure your computer.
- Think Before You Click: Recognize and Report Phishing -- If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
- Update Your Software: Don't delay -- act promptly if you see a software update notification. Better yet, turn on automatic updates.
- Use Strong Passwords: Use passwords or passphrases that are long, unique, and randomly generated.
- Use password managers to generate and remember different, complex passwords for each account. A password manager will encrypt passwords, so you only need to remember one password!
- Enable Multi-Factor Authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked. See Multifactor Authentication.
- Safeguard your phone. Always keep your mobile devices in your possession and be aware of your surroundings.
- Confirm before sharing. If you use social networking sites such as Facebook, limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
- Beware of any requests to update or confirm your personal information. Most businesses or organizations don’t ask for your personal information over email.
- Add only people you know on social media sites and programs like Skype; adding strangers could expose you and your personal information to scammers.
- Avoid opening attachments, clicking links, or responding to email messages from unknown senders or companies that ask for personal information.
- Beware of “free” gifts or prizes. If something is too good to be true, then it probably is.
Report a Cyber Incident
CISA provides a secure means for constituents and partners to report incidents, phishing attempts, malware, and vulnerabilities.Report a Cybersecurity Incident: Report anomalous cyber activity and/or cyber incidents 24/7 to [email protected] or (888) 282-0870. Report incidents as defined by NIST Special Publication 800-61 Rev 2, to include
- Attempts to gain unauthorized access to a system or its data,
- Unwanted disruption or denial of service, or
- Abuse or misuse of a system or data in violation of policy.
References:
- Consumer Reports. (2024). Password Managers.
- Cybersecurity & Infrastructure Security Agency (CISA). (2024 July 31). Joan the Phone: Music Video. Retrieved from https://www.youtube.com/watch?v=E4P7EJktAfM.
- Cybersecurity & Infrastructure Security Agency (CISA). (n.d.). More than a Password. Retrieved from https://www.cisa.gov/MFA
- Cybersecurity & Infrastructure Security Agency (CISA). (n.d.). Multifactor Authentication. Retrieved from https://www.cisa.gov/topics/cybersecurity-best-practices/multifactor-authentication.
- Cunningham, A., Klosowski, T., & Eddy, M. (2024, January 25). The best password managers. The New York Times.
- Federal Trade Commission. How To Recognize, Remove, and Avoid Malware | Consumer Advice (ftc.gov)
- Federal Trade Commission. (2021 May). Protect Your Personal Information and Data. Retrieved from https://consumer.ftc.gov/articles/protect-your-personal-information-and-data
- National Cybersecurity Alliance Manage Your Privacy Settings (staysafeonline.org)
- Office of the Privacy Commissioner of Canada. Tips for using privacy settings.
- Paulsen, C. (NIST) and Patricia Toth (NIST) (November 2016). NIST IR 7621 Rev. 1. Small Business Information Security: The Fundamentals. National Institute of Standards and Technology (NIST). Retrieved from https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.7621r1.pdf
- SANS Security Awareness. (2024). OUCH! Security Awareness Newsletter. Retrieved from https://www.sans.org/newsletters/ouch/
- SANS Institute. (2023). Power of Password Managers. OUCH! Security Awareness Newsletter. Retrieved from https://www.sans.org/newsletters/ouch/power-password-managers
- SANS Institute. (2021). One Simple Step to Securing Your Accounts. OUCH! Security Awareness Newsletter. Retrieved from https://www.sans.org/newsletters/ouch/one-simple-step-to-securing-your-accounts/.
- Spadafora, A. (2024 March 19). Tom's Guide.The Best Password Managers for 2024. Retrieved from https://www.tomsguide.com/us/best-password-managers,review-3785.html.
Additional topics to remember...
- Medical Devices - Be sure to find out who provides the information and know where you’re going online. Many pharmaceutical companies create websites with information to sell products; criminals will mimic these websites. Look for sites ending in .edu (for education) or .gov (for the government).
- Banking - Avoid accessing your personal or bank accounts from a public computer or kiosk, such as the public library. Don’t reveal personally identifiable information such as your bank account number, social security number, or date of birth to unknown sources. When paying a bill or making an online donation, type the website URL into your browser instead of clicking on a link or cutting and pasting it from the email.
- Shopping - Make sure the website address starts with “HTTPS,” s stands for secure. Look for the padlock icon at the bottom of your browser, indicating the site uses encryption. Type new website URLs directly into the address bar instead of clicking on links or cutting and pasting from the email.
Stay Cyber Safe
- Learn about the common fraud schemes from the Federal Bureau of Investigation (FBI).
- Avoid scams, protect your identity, and secure your computer with tips from the Federal Trade Commission’s (FTC) OnGuard Online.
- Follow ten simple, customized steps from the Federal Communications Commission’s Smartphone Security Checker to secure your mobile phone. In addition, learn how to safely use public Wi-Fi networks and what steps to take if your phone is stolen.
- Protect yourself, your family, and your devices with tips and resources from the National Cyber Security Alliance.
- The National Security Agency (NSA) recommends these Best Practices for Securing Your Home Network
- Cybersecurity and Infrastructure Security Agency (CISA) suggests 4 Things You Can Do To Keep Yourself Cyber Safe