There is no doubt that in today’s world, there is a need for seasoned cybersecurity engineers and programmers to protect critical systems. With the recent spike in phishing, malware, and ransomware, every user, including anyone who uses a computer, is in danger. Hackers are tricky, and they can be relentless in pursuing your personal information. Follow the seven steps described here to make sure you avoid being scammed.
Let’s start with the first step: be vigilant when using social media. We all see those questions from our friends and family about our favorite pastime, our animals, our family members, our school, when we graduated, date-of-birth unique names based upon month, and even graduation information and/or photos. Hackers can use any of this information to answer your secret questions if they are trying to reset your password. Be careful with the information you share online using social media. You may also want to check your social media logins/location from the history. You may be surprised to see that someone in a different state has logged into your account. If you see this type of activity, immediately force them to log out, and change your password and security questions if necessary.
The second step is to check websites you log into. Make sure you see the LOCK icon near the address, then click on it to make sure the domain name is in fact where you are going. Without this lock, you could be connecting to a completely different server that may resemble the page where you intended to go. If you don’t see the security LOCK icon for a website that handles personal information and/or credit cards, DO NOT enter your information here.
The third step is to handle with caution certain emails that ask you to update your account, or check status of a “claim.” Scammers may entice you to click on unauthorized email links. DO NOT use the email web links, unless you absolutely trust them (i.e. you just made a password reset and you get confirmation to click there). If you know you have business with that particular company, go to the authorized website directly and log into the portal you are familiar with. You may also find (like myself) that you get emails saying that your shipment got stuck and needs more attention, and you know you didn’t ship anything, nor are you expecting to receive anything.
The fourth step is to make sure your home router has a unique password and is not using the “default” password. Most network switches and routers come with a default login. Always change these logins; if you don’t, you open up your risk of being targeted. Most ISPs are sending the routers out with unique passcodes to access the web interface, which is great for security.
The fifth step is to check your mobile phone. Make sure you verify all Apps usage of your onboard cameras and sensors. Some of these are required (like the Camera app requires the camera), but if you have an app that does not need that component, make sure it is disabled. If an app has control of your device’s camera or sensors, it could optionally run those at any time (which a lot of them do) even though you would like to believe they are only used when you use them. Having more control of what those Apps access is important. The majority of apps are properly using these features, but you always want to be safe.
The sixth thing to do is when you get those messages in your social media account that are from friends and family, to always ask them first about any links they send. I can’t tell you how many times my friends’ accounts have been hacked and I get a message asking to click a link to see them doing something, or to check out this story. I usually find out that their accounts have been hacked and now their friends are being targeted. Use critical thinking when checking these messages out: make sure a message applies to the person and story.
The seventh step is to use a notable anti-virus/anti-malware program on your computer. This will protect against the majority of the attacks, including sending of personal information (if the program supports it). Along with making sure you have these programs in place, back up any sensitive document to an external storage device or the cloud, creating a second copy in case of a ransomware attack.
Following these seven steps can help you chip away at the tip of the iceberg of cybersecurity for end users. There are plenty of other steps that you can take to make sure your online activity is safe, including making sure you have a good password policy and running a notable anti-virus/anti-ransomware program. If you apply these rules and steps in your online activity, you will be way better off than if you didn’t, and there is nothing worse than being hacked or having a malware situation.
About the Author
Garrett Swindell has 20+ years’ experience programming, implementing server to client communications, and designing intricate control system. As a product engineer, his primary focus is developing connections between users and computers/servers though the use of hardware and software. Garrett assist local and international projects from start to finish with compliance regulations and performing product compliance testing with recognized test houses.