October is Cyber Security Awareness Month (CSAM). The goal of CSAM is to help Canadians stay cyber safe by equipping them with knowledge through the following four themes:
This week’s theme of Staying in Touch focuses on staying safe while being social. No matter what’s going on around us, the internet keeps us in touch and spending time with our favourite people. When using the internet and smart devices, it’s important to be aware of cybersecurity threats to proactively prevent falling victim to cybercrime. Here are some tips for being cyber safe while staying in touch:
Avoiding Phishing Scams
Phishing is a common method that hackers will use to steal valuable information from individuals and organizations. Phishing scams are often disguised as messages from people and organizations that you trust, making them easier to fall victim to.
The most important way to avoid a phishing scam is to learn how to recognize one. Here are seven red flags to look out for:
- Urgent or threatening language: Look out for threats of closing your account or taking legal action, and pressure to respond or act on something quickly.
- Requests for sensitive information: Be on alert for links directing you to login pages, requests to update your credentials, and demands for your or your company’s financial information.
- Anything too good to be true: Avoid actions on messages that claim winnings from contests you’ve never entered, prizes you must pay for to receive, and inheritance from long-lost relatives.
- Unexpected emails: Disregard emails such as receipts for items you’ve never purchased and updates on deliveries for things you didn’t order.
- Information mismatches: Look out for incorrect (but maybe similar) sender email addresses, links that don’t go to official websites, errors in spelling or grammar that a legitimate organization wouldn’t miss.
- Suspicious attachments: Avoid attachments that you didn’t ask for that have weird file names or uncommon file types.
- Unprofessional design: Be on alert for incorrect or blurry company logos, image-only emails, and company emails with little, poor, or no formatting.
If you encounter any of these red flags in an email or message, do not interact with it. Rather, delete the email or message. If you are unsure, ask the sender about the message through a different channel.
Keeping Private Information Private
Keep your private information private to prevent it from falling into the wrong hands. Cybercriminals who are planning a cyber-attack may try to collect personal information about you to tailor phishing messages specifically to you. When this happens, it makes it harder to recognize suspicious links and files making it easier for hackers to gain access to your systems. Avoid disclosing personal information to untrusted sources through calls, texts, or emails.
Using Strong Passphrases & Complex Passwords
Did you know that at least 65% of people reuse the same passwords across multiple sites? Although this makes remembering your credentials easier to do, this also makes your accounts vulnerable to cyberattacks.
By creating complex passphrases and unique passwords for each site you use, you instantly tighten up your security, making your accounts less attractive to hackers. Password managers such as Google Password Manager and LastPass can easily help you create complex passphrases and store them so that you never forget a password again.
Some best practices for creating complex passphrases include:
- Avoiding family, pet, company, and familiar names that can be easily guessed by others
- Using unique combinations of letters, numbers, symbols, and cases for each site you use
- Creating passwords with at least 4 words and 15 characters long
Enabling Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) is an added security feature that is simple to implement, assuring its increased popularity. MFA consists of two or more independent credentials to verify you are who you claim to be. Three of the most common credentials consist of what the user knows (password), what the user has (security token) and what the user is (biometric verification).
Implementing MFA is an excellent way to add an extra security layer to your system. It will prevent malicious activity on your network, keeping your sensitive data safe and secure. We suggest you allow MFA everywhere it can be used and if you don’t have the capabilities perhaps it’s time to invest in a little extra digital security.
Stay Cyber Safe While Staying In Touch
Whether it’s Cyber Security Awareness Month (CSAM) or any other day, always keep cybersecurity practices in mind to keep you cyber safe. For more information about CSAM, check out Get Cyber Safe and be sure to tune into our weekly CSAM articles for the month of October.