Defense Against Crime

12/10/2017

Cyber Security Tips and Tricks

cyber-security-month-oct-2017

Unless you have been living in a cave, you should know by now that the credit reporting firm Equifax was hacked and your personal data may have been stolen.  First, let me rant this.  At no time that I am aware of did I give Equifax, Transunion, or Experian permission, or contract with, to collect or control my credit or personal information. Did you?  Who did? What gave them this ability and why was it never challenged?  I think this in and of itself should be grounds for a law suit. I think that anyone who wants to have credit has to sign a contract to have these services.  Now the really, really sad point, with all these warning that other firms and entities have been hacked in the recent past like Yahoo (more than once),Target, Ashley Madison, Ebay, Home Depot, Sony Pictures and others Equifax should have done its due diligence to make sure they were secure.  They didn’t.  They were also warned months ago that they had a security weakness in their system. Still they did nothing. End of rant.

As hacks, data breaches, and other cyber-enabled crime become increasingly commonplace, this year’s incidents is an important reminder of the need to take steps to protect yourself and your family when using the Internet. When these breaches happen, there is very little you can do once data is breached, there are a few things you can so to limit your access to your personal information. However, companies like Equifax has all the information a person needs to open credit, get a loan, buy a timeshare, etc. using your identities.

Since October is National Cybersecurity Security Awareness Month brings to light what you already know – cruising the internet and filling out web forms can be harmful if you don’t follow best security practices. The good news is you don’t need to be a cybersecurity professional to employ smart online safety habits that can go a long way in guarding against online crime.

Cybersecurity best practices make up an expansive list of things to do, but for the individual user, the few tips below will be the ultimate steps you can take to protect your data.

How can you protect yourself?

  • Limit the amount of real information you have on your social media profile. Do you have your real birth year on your profile? What about the real town where you live? How about all the schools that you went to.  Are you providing all the information for someone to fake, being you?   What will happen when those databases are hacked…the thieves will have this information, and you provided it. Personally, I have two Social Media IDs real one and a fake one.
  • In general, be cautious with social media networking. Don’t post pictures or texts that reveal any personal information like home addresses, phone numbers, birth dates, or places you and your family regularly attend, such as schools or recreational complexes.I saw a demo where a cop was able to track a girl just from her photos. She was a cheerleader, and posted a pic.  So, he knew where she was going to school Other info she posted led him to her front door. Just as a lesson on how much information she was giving away. Someone with ill intent could use that information to harm you or your children. Don’t use the check-in feature on Facebook or the like. You don’t know who is getting that info, or are you really sure their security is working. (So did all those companies that were hacked).  When in doubt, remove it. Never accept connections from people you don’t know, and be sure you have your profile set to private so only those you trust can see your information.  See tip #1
  • Did I mention securing your Social Media, banking and other internet logins with two factor authentications? (There are articles on this blog about how to do this!)
  • Now is the time to purchase Identity theft insurance. Please note I said insurance, not a monitoring service. When South Carolina had a data breach. The state gave the people who filed state income taxes free credit monitoring. All a monitoring service does not prevent identity theft, and can only alert you of suspicious activity. If your identity is stolen, it is up to you to fix it, which can take hours, and hours, and hours.  A good identity theft insurance policy assigns someone to fix the issue for you.  This is the feature you need to shop for.

 

  • Think of download ‘free software’ or ‘free versions of expensive software’ like having sex with a prostitute. You may end up picking up something that can cause your computer great harm. So don’t do it. Even some web videos can contain viruses… you’ve been warned.

 

  • If you happen to find a USB Drive on the ground, DO NOT STICK IT IN your home or work computer. This is a common method that hackers use to upload a virus to systems that either allow them to secretly install spyware, or viruses.

 

  • Consider encrypting your computer. Recent versions of Microsoft Windows provide support for Bitlocker, a program that comes with Windows that will encrypt everything on your hard drive. You could also use third party encryption products. If your computer becomes lost or stolen, encryption can prevent prying eyes from seeing and using your personal data.

 

  • Worse than stolen data is unusable data. Aside from data breaches, we have also seen the rapid spread of hi-jacked data through the use of ransom-ware. You are wise to back up your data on a non-networked device. Also know that any data you have on connected cloud drives are also vulnerable. So be sure to discount these when you are not using them
  • Take time to learn about the IC3 (www.ic3.gov)—and use it if you’re ever an id theft or internet crime or internet scam victim. The Internet Crime Complaint Center (IC3) is a reliable and convenient reporting mechanism for citizens to submit complaints about Internet crime and scams to the FBI. The IC3 uses the information from public complaints to refer cases to the appropriate law enforcement agencies and identify trends
    .
  • Practice good cyber hygiene. This is the establishment and maintenance of an individual’s online safety. It encapsulates the daily routines, occasional checks and general behaviors required to maintain a user’s online “health” (security). This task entails A person knowing how select and maintain high quality passwords, install and maintain security software on the digital devices, keep their virus definitions up-to-date, run regular security scans on their digital devices, adhere to cyber security policies, protect their personal data, and avoid potential sources of infection. This is included at work and at home on all your connected devices.
  • Use computer/electronic protection products. A comprehensive host-based security suite provides support for anti-virus, anti-phishing, anti-malware, safe browsing, Host-based Intrusion Prevention System (HIPS), and firewall capabilities. These services provide a layered defense against most common threats, and you can enable the automated updates to keep software up-to-date. Think of it as adding a security guard, guard dogs, and electric fence around your residence.

 

  • Keep ALL application software updated. Since many software programs don’t have an automated update feature, attackers frequently target those programs to gain unauthorized access to a computer. Several software products will let you know what applications installed on your PC are vulnerable to attack and need to be updated. It would be wise to Install an automated software update monitoring manager such as Secunia Personal Software Inspector, FileHippo App Manager, ManageEngine or others.
  • Know the risks of the Internet of Things (IOT). Cyber security goes beyond your computer, digital devices and cell phone. Many homes are now filled with Internet-connected devices, such as home security systems, connected baby monitors, smart appliances, personal assistants (Echo, Google Home, etc) and Internet-connected medical devices. All of these devices present opportunities for hackers to spy on you and get your personal information. Using strong passwords and purchasing IOT devices from companies with a good security track record are just a few of the things you can do to protect your family and home.Keep an inventory of anything in your home that connects to the Internet. This includes video gaming systems, smart televisions, programmable thermostats, tablet, smart appliances and video security cameras, electronic locks. These devices are vulnerable to attack due to their limited ability to update their software. If a vulnerability is found in the software, there could be no way to update it to a safer version. Always change the default passwords for these devices. When possible, segment them from your home and work networks, and unplug them when they aren’t in use. Review and learn their various privacy configurations, and set them to the highest possible privacy setting. After all, do you want to have your home hacked?

 

  • Update your operating system in a timely fashion. This would be within a year of being released. If you are using MS Office, also keep that updated.  If you’re using Windows, bite the bullet and upgrade to the latest edition for the latest security preventions. For example, Windows 10 Home can push to your PC patches immediately upon their release. Microsoft Office 2016 can block macros from loading in certain high-risk scenarios. Macros are a set of commands intended to automate specific functions, and are often used by attackers to run malicious software on a victim’s computer. Make sure you either use auto update, or apply updates on a regular schedule.

 

  • If you are an Apple person, it is wise to create two accounts for your Mac. The first account created when configuring a Mac for the first time is the local administrator account. You should also create a non-privileged “user” account and use it for the majority of activities on your computer. Your administrator account should only be used to install updates or software, or to reconfigure the computer as needed. Browsing the web or reading email as an administrator provides a path for an attacker to gain unauthorized access to your computer.

 

  • Never ever ever ever  tamper with your smartphone base config. This is often referred t to as “jailbreaking” or “rooting” your devices. Those terms refer to hacking the software on your phone or tablet. Users sometimes hack the software on the phone to allow it to do something it was not originally intended by the manufacturer. Hacking the software can cause vulnerabilities and can void the phone warranty and open you up to bigger issues. Word you remove the lock from your house to allow easy access?

 

  • If you are a regular reader of this blog, you are aware of some of the type of Exercise caution when opening emails. Beware of emails with attachments or links urging immediate action, especially those purportedly from a delivery service or bank. Some malicious emails seem to come from popular businesses, but the attachments or links in them may surreptitiously download malware. When you open any email, even one from a friend, be cautious about clicking on any links or attachments. If your friend’s email account has been hacked, you could easily receive an email that purportedly comes from your friend, when in reality, it comes from the attacker.

 

  • Be careful when using FREE Wi-Fi hotspots. Free public Wi-Fi may cost you. When you connect to Wi-Fi, your communications may not be private unless you’re using a Virtual Private Network. A VPN allows you to send and receive data across a public network as if you were actually on a private network, so anyone intruding on the Wi-Fi connection cannot see or capture your data or login credentials. Attackers often set up “open” Wi-Fi access points with names similar to the name of the establishment. This fools users into using the attackers’ “open” network, allowing them to capture your keystrokes and spy on your communication. For example, at O’Hare Airport, there could be a fake network called Chicago Airport and an authentic network called OHare-Public. If there are no signs telling you the name and password of the authentic network, you won’t know unless you ask.

 

  • Be vigilant regarding common fraud and theft tactics. Look for credit/debit card skimmers at gas pumps and ATM machines. Usually hidden, skimmers are small devices that can scan and store data from the magnetic strips on the back of credit and debit cards. Pull on the card reader to be sure it is part of the permanent fixture. If it is movable, report it to an attendant and don’t use it.Scammers often attach what looks like a genuine piece of the machine over the top of the slot where you insert your card. That piece copies your card number. On ATM machines, in addition to installing skimmers, thieves often install a tiny spy camera that records a digital video of you typing in your PIN. Use a magazine, or at least your hand, to hide your PIN from prying eyes. Jiggle the part of the machine where you insert your card to see if it comes loose. If it does, don’t use the machine.

    Beware that some new cards with RFID can easily be read by someone with an RDIF reader walking next to you.

 

  • Use Bluetooth sparingly. Although Bluetooth is useful for connecting headsets, hands-free speakerphones, and speakers to your cellular phone, it can also be a hidden door for unwanted devices and malware. If possible please, keep your Bluetooth disabled until you need to connect to a device.

 

  • Backup your data. Backup your data regularly with an offline device. If you become a victim of ransomware and you only have a cloud-based backup service, your files in the cloud will also become encrypted. This includes Dropbox, Google Drive, Microsoft One Drive, Apple Drive and many others.

 

  • Oversee your children’s computer usage. Children should use a computer in a common area of the home so parents can ensure their children aren’t communicating with people or sites that could cause harm. Many different devices have internet connectivity, so monitor children using cell phones, tablets, e-readers, gaming devices and laptops. Know all the passwords for your children’s devices in case your child becomes endangered by someone online and authorities need to conduct an investigation into your child’s online communication. Know your children’s social networking connections and the people they play online games with. Keep computer webcams covered with painter’s tape or a sticky note when they aren’t being used to communicate with family members and friends. Attackers who have access to your computer can remotely turn the cameras on without a user’s knowledge. Regularly talk to you children about online safety, but keep the tone informal.

 

 

Internet thieves are becoming more and more clever, and it is difficult to know all the latest and greatest hacks, and trips. But if you just stick with the basics and treat your computer like a living entity you should be relatively safe.
PepperEyes.com Self-Defense Products is dedicated to providing you with the best and most affordable self-defense products, survival and safety products on the market to meet the security needs of you, your family members or your business, by assisting anyone who is unwilling to become a victim of crime.  If you want to take personal responsibility for protection, home security, business security, purchase our high-quality discount self-defense products. Survival kits and arm yourself with the knowledge about self-defense and security products and information of the best way to stay secure in an ever-increasing violent world. In today’s society, being equipped mentally and physically is no longer an option.

 

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: