As a regular reader of Tripwire, you are aware that October is National Cyber Security Awareness Month.  Way back in 2015, when the world was an entirely different place, I contributed an article that offered some tips for protecting yourself.

Those tips are still relevant:

  • Password management. This should be very old news, but the majority of the population still does not use a password manager.
  • Multi-factor authentication. Fortunately, many online institutions (mostly financial) now force multi-factor in order to transact any business.
  • How do you connect? Similar to password management, many folks still do not hesitate to connect to any open Wi-Fi connection. This is still a bad idea.
  • Remember the basics. The simple lesson here is to learn to recognize a scam early.

Since that article, other scams have taken a front seat towards compromising our security. They are not new, but they seem to be the new “flavor of the day.”

Some of the more prevalent scams include credential theft. This is the one where you are taken to a fraudulent login O365 or similar page, and if you fill in your username and password, that information is then sent to a scammer. The risk here is that if you use that same username and password anywhere else on the internet, your accounts can be taken over by the scammers.

Ransomware – the current scourge of the internet. Again, this is not new, but the social engineering tactics are becoming much craftier, tricking people into clicking a malicious link or navigating to a compromised site.

How can you protect yourself from these top threats? If you are following the five steps described earlier, you are in better shape than most, and I applaud you. Here are a couple of other tips.

If you use a (Read more...)