October is Cybersecurity Awareness Month, a month dedicated to learning and teaching about cyber hygiene practices. The yearly observance of the month began in 2004 to help individuals learn best practices for online safety and how to prevent threats from taking over their online lives. This year, the topics of focus include multi-factor authentication (MFA), phishing, software updates, and passwords.
The importance of MFA cannot be understated. It is one of the simplest measures an individual can take to prevent cyber-attacks. MFA requires a secondary method to confirm your identity before allowing access, usually in the form of a text message, email, or app with a push notification or a 6-digit code. MFA matters because if the bad guys happen to have your password, they are much less likely to gain access to your account without also having the secondary code for identity confirmation. MFA is a required step for most online accounts, from email to social media to bank logins, to help protect people from ransomware or other attacks. Double check you have it enabled on all your online accounts, both business-related and personal, for enhanced security.
Another important topic for Cybersecurity Awareness Month is secure passwords. Learning how to format passwords so they are harder to crack is an easy step towards heightened account security. Some of the simplest passwords, including ones like “12345” or “admin”, can take mere minutes for a computer to guess. We recommend combining 2 or 3 normal, everyday words together while throwing in a symbol and a number somewhere in the mix. Taking an extra 30 seconds out of your day to make a long and complex combination of letters, numbers, and symbols that may take you a few more seconds to enter when logging in could save you the time and hassle of having your data compromised.
Regular software updates are another way you can easily prevent threats from entering your network with minimal effort on your end. All that’s needed is executing the update procedure for your software. For example, in Adobe Acrobat, you would simply use the Help menu by clicking Help…Check For Updates. Many people ignore this vital step, as they view the popups and reminders your device sends periodically as an annoyance or interruption to their day. Like complex passwords, updating your device’s software regularly takes a small piece of your time in exchange for avoiding extensive downtime and lost money in the case of a ransomware attack.
Phishing is an ever-present threat in the online world. Bad actors continue to work towards making phishing attempts more difficult for the average person to spot, but here are a few tips we like to use.
- Always check URL links in emails by either hovering your mouse over it or pasting it into a blank text document to see if it contains any suspicious wording.
- Look for links that end in “.php” as they are often malicious or phishing links.
- Inspect the sender address looking for anything out of the ordinary.
- Check the email body for spelling errors or out of place/unexpected content.
- Learn to recognize when the sender is asking for something urgently, because it’s likely to be a phishing attempt.
In a nutshell, taking a few extra steps to double check a link before clicking it can save you a headache later. If it seems odd, it is best to call the sender and ask for clarification.