“URGENT! Reset your password or your account will be closed”. I'm sure you have received an email with a similar subject title before. But has that sentence ever caused you to panic in that moment, or made you go into autopilot mode, and you end up clicking on it, only realizing after that it was a phishing scam?
We often see headlines of companies experiencing cyberattacks and big losses, some even amounting to millions of dollars in just a single attack. But how about individual users like you and me? We seldom see individual people make headlines, but they are more common than you can imagine. Just take one quick search on Twitter and you will find people sharing their frustrations from having experienced some form of cyberattack or having fallen for a phishing scam. This tells us one thing: even if we don’t often hear it on the news, cyberattacks occur more often to individuals than we might think, and we can fall victim if we are not careful enough.
If you look at your emails, you will see how much cybercriminals try to grab your attention. The first step is awareness and knowing what to look for. This blog article may serve as your guide in keeping yourself protected from online threats. Here are some points to take note of:
-
Ensure the website you visit use HTTPS
HTTPS websites are an indication of an SSL/TLS certificate — which helps ensure the website's authenticity and security. The TLS certificate may also display the organization’s name to ensure legitimacy and trustworthiness.
When web browsers prompt that the website your visiting isn’t secure, leave the site immediately. Major browsers prompt the users that the data they input in a website is safe.
When browsing an unfamiliar site, look for an HTTPS or a padlock symbol in the address bar. This indicates that the website is SSL encrypted and that it provides the encryption necessary to protect your personal information.
Some cybercriminals use a web address like the popular website they are trying to impersonate and may even create an exact copy of the site. Thus, it is important to look carefully and ensure that the web address you are visiting is the legitimate one and not a copy.
-
Create Complex and Unique Passwords on all your accounts
When creating an account online, always use strong and unique passwords as a standard. Following a regular schedule for changing passwords is also strongly advised.
Strong passwords include: • At least 8 characters • A combination of uppercase and lowercase letters • A combination of letters and numbers • At least one special character
-
Digitally sign and encrypt your emails
Secure/Multipurpose Internet Mail Extensions (S/MIME) technology allows users to make email deployment safer and easier by providing an extra layer of security and authenticity through end-to-end encryption.
S/MIME proves that 1) the message came from the sender, 2) it has not been tampered with, and 3) it can only be opened and read by the recipient, even if the message was intercepted by someone else.
-
Evaluate emails carefully
Email phishing scams are on the rise. Beware of attackers who will try to impersonate a trusted person or organization to lure you into opening a malicious link, e-mail, website, or text message.
When receiving an email with attachments from an unfamiliar source, run a background check first, and ensure the email address is legitimate before downloading any attachments. This phishing method is a gateway to security breaches as attachments may contain malicious files such as malware and spyware.
-
Keep your software up to date
Software updates improve your computer’s stability and increase the security of the applications within your PC and devices. Cybercriminals often look for unpatched security flaws within outdated software to exploit.
When you don’t update your software, you leave room for exploits and make yourself an easy prey. This also extends to Operating System (OS) updates, where not updating can make your computer vulnerable to system attacks, and you end up having your data compromised when it could have been avoided with just a simple update.
-
Manage your social media settings
Sometimes, the default setting on social media platforms isn't the best for our security and privacy. Restricting view access of your social media profiles makes it harder for cybercriminals to use social engineering tactics on you.
-
Strengthen your home network
Some VPNs provide additional protection by encrypting your communications. Thus, even if a cybercriminal manages to access your network, they won’t be able to read the data that is passed through a VPN.