Cybersecurity news from NTSC
Working remotely has opened new methods for cybercriminals to steal information off laptops, smartphones, and tablets.
The result is more identity theft, theft of sensitive documents,
and financial losses for employees and employers.
Let’s fix that!
A study by the University of Central Florida says that when we bypass our employers’ security policies — often because we’re trying to get work done faster — we are far more apt to suffer a cyber breach.
Use work devices for work.
Use personal devices for personal stuff.
That minimizes the amount of information an attacker can access and prevents family members from accidentally exposing sensitive data when using a device from work.
Only use approved software on work devices.
For example, don’t use your own app to share work-related files. Even if you’re more comfortable with apps you own, security on those apps may be lacking. Have a question? Talk to the IT Team.
Keep software up to date on your personal electronics and home Wi-Fi network.
Open the “preferences” settings on your Wi-Fi router, the apps you use, and the operating systems of electronic devices you own. Turn on “automatic updates.”
And yes, you should install antivirus on your personal computer, tablet, and smartphone.
Plus, a password manager, VPN software, and a way to back up all your files automatically. Do a web search to find reliable brands for electronic devices you use.
Click to download and print this PDF with more steps
to stay safe while on the job — but out of the office.
Santa is coming — and so are the hackers, says Politico Cybersecurity. So be suspicious of urgent or threatening texts and emails throughout December. That’s because some of the most notable hacks in history have played out between the end of November and New Year’s Day.
Twitter has suffered a cyber breach. If you use Twitter to help you log into other websites, turn off that capability immediately and set up individual logins for those websites. ZDNet quotes cybersecurity experts who say Twitter’s login technology is “broken.” To change your Twitter two-factor authentication, go to Settings & Support > Settings & Privacy > Security & Account Access > Security > Two-factor authentication.
Here we are; another year is almost over, yet the most common password is still “password.” In second place: “123456.” Rapid7 says even cyber professionals are password-lazy too often: the most common password used to protect technical systems is “admin.” Cyber crooks can break into accounts that use those passwords in under one second!
The fake subscription:
"You must call now to cancel."
This scam is increasing “exponentially,” according to the Washington Post, and costing victims hundreds of thousands of dollars.
It begins with a phishing email warning that the victim has purchased an expensive subscription. The email instructs the victim to call a number to cancel the charge. Crooks then try to gain control of the victim’s computer, which gives them access to bank accounts and passwords.
In a similar scheme, the FBI says criminals pose as tech support experts from computer or software companies who promise to fix a victim's computer problems for a fee — plus access to everything on the computer.
Here’s what happens when you call the number.
"My wife has been receiving spam messages at an increasing frequency. Each email says her Amazon.com account has been compromised and contains a link she can use to fix things. She knows this isn't legitimate. But the messages are coming with increasing frequency. The sender's address is slightly altered between messages so that her phone's spam blocker can't block them. What can she do to stop the messages?"
First, don’t ever respond. Sending an “unsubscribe” message only confirms that your wife’s email address is active. The email app she uses probably has a “Report Spam” button. Select the offending email and report it. If you’re concerned that a threatening message is genuine, don’t click on a link in the email. Instead, type the web address into your browser, log in, and check your account.
"I use a thumb drive to enter and store my passwords. I do not use the hard drive on my computer. Is this safe and secure?"
It's risky. Best bet: purchase and install password management software on your computer. If you are committed to using a thumb drive, make sure the drive is password protected and encrypted. First, copy everything on the thumb drive onto your computer. Next, if you use Windows, insert the drive, right-click its icon, turn on “BitLocker,” and follow the instructions. On a Mac, insert the drive, double-click your hard drive icon on the upper right of your screen, and go to Utilities > Disc Utility. Now launch Disc Utility, select “Mac OS Extended (Journaled, Encrypted),” and follow the instructions. Then copy the files from your computer back onto the thumb drive.
"Are there some 'Find my phone' or 'Find my device' programs that are better than others?"
Make life easy! Use the “Find My Device” app that comes with your device. Apple, Samsung, and Google all offer this technology. Take a few minutes to see if “Find My Device” is active on your personal phone, tablet, and laptop. If it’s not working on all those devices, take steps to activate it. That way, if you lose the device, you can use another of your electronics to view its location. And if it turns out the device has been stolen, using "Find My Device" can make data on the device inaccessible.
Cartoon © 2022 CartoonStock | Original content © 2022 Aware Force LLC