Computers and technology are a vital part of everyday life. We use computers and mobile devices for everything—work, shopping, personal communications, conducting business, and more! While we can’t live without technology, it could be the open door thieves use to access your private and sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance continue the tradition of October being National Cybersecurity Awareness Month, now in its 17th year—this year's theme is "Do Your Part. #BeCyberSmart.” It’s a perfect time to educate yourself about the latest scams and methods for protecting your data.
Types of Scams
Cybercriminals' two main goals are to get you to respond to them and hand them your information or find a way to enter your systems and other hardware to mine your data for their use. Typical scams include:
- Phishing – Phishing is a method of sending out emails, calls, or texts that appear legitimate, but once you respond by clicking a link or downloading an attachment, thieves have access to gather your data.
- Spear-phishing – Much like the more general phishing, the contact starts with emails, calls, or texts. However, with spear-phishing, the criminals target you specifically by tailoring the message to match something in your life, such as where you shop, where you work, or personal data like, information about family members or hobbies.
- Malware – Cybercriminals create and distribute software, installed often without the user's knowledge to access personal information.
- Ransomware – Ransomware is designed to block a user's access to their files or information. Often times, hospitals, schools, and businesses can be victims of ransomware. Cybercriminals hold a victim’s access hostage by trying to demand money to gain their information back, or risk having to rebuild their entire information and file foundations.
- Trojan Horses – Trojan horse type of attacks enter your system when you download files such as PDFs, DOC files, or other seemingly valid files. But the file is corrupted with damaging software instead, allowing the attackers to gain access to networks and computers quickly.
- Eavesdropping Attack – If you have ever been on public Wi-Fi, you could be a victim of an eavesdropping attack. The attacker connects to a public Wi-Fi network then masks their system to intercept data on the network from other people on that same Wi-Fi connection—gathering any personal information that you access while on that connection.
- Juice Jacking – Juice jacking typically finds its victims while they are traveling. We have all seen the public kiosks that allow users to charge their phones or laptops in airports or other travel rest stops. Thieves have installed hardware into these charging stations' ports that will enable them to access any phone or computer connected to the station.
Ways to Protect Yourself
- Ensure that Your Operating System and Antivirus Software is Up-to-Date
Having an out-of-date operating system or antivirus software is like rolling out the welcome mat for cybercriminals. When the criminals are writing software to infiltrate a computer, they are using the most current operating system and antivirus software as a guideline, anything that is older can be detected by malware and can easily access your hard drive.
- Check Your Credit Report Regularly
Checking your credit report regularly or employing a credit report monitoring service will enable you to know if someone is using your good name to take open new credit cards, buy cars or houses, or personal loans. If you find something suspicious, you can report it to the credit bureau and attempt to dispute it. You can also ask the three credit bureaus to freeze access to your reports.
- Use Two-Factor Authentication
When you use two-factor authentication (2FA), you log in with your typical username and password. Additionally, you need to verify the login by text or email, or another method that you have set up with the company or website. We see two-factor authentication most often in the banking industry. If you wish to have two-factor authentication for your business or personal website, there are 2FA apps available to use as an extra layer of security.
- Keep Off of Public Wi-Fi
Whether at a coffee shop, a hotel, an airport, or your local library, a public Wi-Fi connection can allow thieves access to your passwords, financial information, and private pictures or videos. Hackers simply intercept traffic on the network, and your computer or mobile devices thinks that the hacker's computer is the access point to the Internet.
- Create Strong Passwords
Creating a password that is short and easy to remember may help you in your daily use; however, a simple password makes a hacker's job almost effortless. Never use your personal information for creating a password and change your passwords on a semi-regular basis to safeguard your information.
- Consider a VPN
A VPN, or virtual private network, is a service that encrypts your data. Any email, instant message, browsing history, credit card information, or downloads are encrypted to keep your information safe.
- Educate Children
As families face the COVID-19 pandemic and most educational opportunities are moved to a virtual classroom, make sure that children are educated about the cybersecurity. Once a thief can access a network, it could be easy for them to access a work or company-owned computer.
- Seniors are Often Targeted
Seniors are a vulnerable target group for thieves and fraudsters. Technology is hard to keep up with if it’s not an integrated part of your life. As some seniors venture into the virtual world to stay connected with friends and family, they can quickly become victims of scams and cybercriminals. Typical scams specific to seniors are telemarketing fraud, Medicare/health care fraud, and reverse mortgage scams.
The above tips and list of possible threats are not comprehensive, so it best to keep yourself as educated as possible when it comes to new or developing threats to personal data. Online safety and information privacy are essential for everyone to stay cyber smart.