Cybersecurity & You: How to help stay safe online

Cybersecurity involves the practice of protecting computers, networks, or digital systems from attacks, unauthorized access, damage, or theft. Every day, cyber attackers make millions of attempts globally to breach devices in order to steal personal information—passwords, financial account numbers, etc.—and perpetrate fraud. Take these simple steps to protect your privacy and reduce your risk of data theft:

Be password strong.

• Create a combination. Include a complicated mix of uppercase and lowercase letters, numbers, and symbols that is at least 12 characters long to make it extremely difficult for criminals to guess—especially if words are random and out of order. Another option is to use a password manager, which will suggest tough-to-decipher passwords.
• Add an extra layer of protection. Enable multifactor authentication (MFA) where more than a password is required to access an account, e.g., a phone-generated code, face ID, fingerprint, or eye scan.
• Stash them away where no one but you can find them. It’s tempting to create easy-to-remember login credentials, but a password manager application will store complex passwords securely, so there’s no need to remember them or jot them down on paper that can be misplaced.
• Have a unique password for each account. Change them periodically, steer clear of those you’ve used previously, and never share your username or password with anyone.

Don’t be fooled by social engineering.  

• Beware of emails, text messages and phone calls that aim to scare, seem too good to be true, or impersonate. Cyber attackers seek to use psychological tricks to manipulate people into providing access to information, systems, or networks. For example, phishing emails, text messages, and phone calls are among the most common entry points used by criminals. With urgent or act-fast messages (“Your account has been compromised!” or “You’ve won a prize!”), they try to entice others to reveal personal data or pay a fee to receive a fake award. Spoofing is another means of gaining similar access in which criminals impersonate a trusted source, e.g., an email address, logo, etc. may be imitated to appear that it’s from an employer, a familiar company, or colleague.  
• Always verify first. Look for signs an imposter is lurking when you receive an email from an unknown source. Common tip-offs include links or language with misspellings, poor grammar, etc.—and even if it appears trustworthy, contact the sender through a known, separate channel as a double-check.  
• Don’t click on links from strangers! You could be unknowingly downloading malware (malicious software) that permits thieves to access your banks, credit cards, etc. to make purchases or withdraw funds in your name.
• Do your part to keep the online community safe. Don’t just delete or unsubscribe when you receive suspicious emails. Merely unsubscribing lets criminals know your email is active; instead, note them as spam to let alert your email provider; then, forward or report it to the FTC at ReportFraud.ftc.gov. 

Exercise cyber controls to police your turf.  

• Update your software, operating systems, and browsers. Software companies continuously include security fixes with every upgrade they release. To keep your devices and data safe, install updates as soon as they are available to “patch” software vulnerabilities. Better still: Sign up for automatic updates where possible, or use a reputable, third-party patch management tool. Be sure to keep your applications, web browsers, and routers updated as well.
• Install antivirus software and firewalls. These serve as an internal security guard of sorts that can scan, detect, and protect against malware that may allow criminals to corrupt your devices and copy or remove sensitive data.
• Don’t use public Wi-Fi hotspots. Often located in coffee shops, hotels, or airports, their unsecured internet connections can make your devices susceptible to criminals. If Wi-Fi is critical when you’re on the go, create a virtual private network (VPN) or personal Wi-Fi hotspot with your phone. And avoid public charging ports or cords, where laptops or phones can be intercepted and contaminated.  
• Limit what you share digitally. Applications will seek access to your contacts, photo library, location, etc., which provides more information than they really need. Only grant essential permissions and access. Also, be mindful of what you share on social media. The more strangers know, the more vulnerable you may be to those with bad intentions who are watching. Making those private can help make the account safer.

Finally, by proactively checking financial statements and periodically reviewing your credit reports, you can stay aware of any fraudulent charges, in addition to unauthorized credit lines or inquiries. You’re entitled to yearly free credit reports—as well as complimentary weekly access—from the three major credit bureaus at AnnualCreditReport.com, the only federally authorized website. 

We’re here to help. If you believe that you have been a victim of fraud or a cybersecurity breach, call us at 1-800-724-2440 (24 hours a day, 7 days a week).