Cybersecurity Awareness Month – Downeast Credit Union
Loader

Cybersecurity Awareness Month

Posted on September 30, 2024 | Fraud Defense

October is Cybersecurity Awareness Month—a time to raise awareness about online threats and the steps people can take to better protect themselves when using the internet.

#1 – Enable Multi-Factor Authentication

Multi-factor authentication is an extra security step in the process of logging into an account. As usual, people enter either their username or email address––followed by their password. However, instead of being granted access to their account after successfully entering the password, the user needs to confirm their identity via another specified method. For example, the user may receive a text message or an email with a one-time code that must be entered in order to complete the login process. Other two-factor authentication methods include biometric information, such as fingerprint or facial recognition scanning.

Also, growing in popularity are authentication apps. The apps generate short codes that change on a regular basis. If the app is someone’s method of multi-factor authentication, they will need to copy the code from the app in order to log in. This makes it much more difficult for fraudsters to gain access to accounts. Even if a fraudster was able to get their hands on someone’s password, they still wouldn’t be able to access their account without the user’s personal device. With facial recognition or fingerprint scanning, they still wouldn’t be able to access the account even if they had the password and device. If you don’t already have multi-factor authentication enabled on your accounts, now is the time!

#2 – Use Strong Passwords

It’s a good idea to regularly change your password and create unique, strong passwords for all of your online accounts. If you reuse a password, data breaches can give fraudsters access to all the sites you use that password on. For example, if your password is “WickedG00dLobstah1” on both Amazon and Netflix, and Netflix.com experiences a data breach, the fraudster may take your username and password and plug it in to other sites. This is called “credential stuffing.” If they eventually try your credentials on Amazon, you will now have two compromised accounts instead of one. Use different passwords for all of your online accounts. Also, avoid including personal information in your passwords. Names, birthdays, anniversaries, and other easily guessable information should never be used. The strongest passwords should have a minimum of 12 characters and include upper and lowercase letters, numbers, and special characters.

#3 – Recognize and Report Phishing

Scammers use email, fake social media accounts, and other forms of online communication tools to try and steal your passwords, account numbers, Social Security numbers, and more. With that information, they can gain access to your accounts and even sell your information to other scammers. To protect yourself, enable email spam filters, ignore friend or follow requests from users you aren’t familiar with, and keep an eye out for anything that looks suspicious. Don’t click on suspicious-looking links or open any unexpected attachments. Poor spelling and grammar is also a red flag. Further, if you receive an email that threatens a consequence or opportunity loss unless urgent action is taken, it’s likely a scam. This approach is used to rush you into action before you have an opportunity to study the email for potential flaws or inconsistencies. Lastly, if you see an individual or group trying to solicit passwords, Social Security numbers, credit card numbers, or other sensitive information from you or someone else, report it at www.cisa.gov/report.Phishing Graphic

#4 – Update Your Software

Fraudsters are always looking to exploit flaws in your system. Network defenders work hard to protect your system, but their efforts depend on you consistently updating your software with the latest fixes. Update the operating system on your mobile phones, tablets, and laptops regularly. These personal devices often hold your emails and your financial and tax documents––often including your Social Security number. Fraudsters who gain access to this valuable information can commit identity theft, put harmful software on your devices, or both. Turn on automatic updates for all devices, applications, and operating systems to limit exploitation opportunities for fraud.