How to protect yourself from Cybercrime

Four ways to protect yourself

There are four main ways to protect yourself.

1: Use multifactor Authentication

Multifactor authentication means using an extra step to verify your identity. There are three ways this can be done. They can ask for something you know, something you have, or something you are. Something you know might include a PIN or security question. Something you have would be something like receiving an email or a text. Something you are includes facial ID or a fingerprint. One of the most common forms is being emailed a code after logging in to your account in order to verify your identity. Other common examples include being sent a code, an automated phone call, or using a separate app on your phone to verify.  

2: Keep your software updated

Keep your programs, computer, phones, etc. updated. Professionals are working hard everyday to patch up exploits and stay ahead of hackers by implementing better security. If you don’t update your software, there’s no way for you to take advantage of that improved security, so make sure to keep your software updated. Use automatic updates if possible. 

3: Be careful what you click

According to the Cybersecurity and Infrastructure Security Agency, more than 90% of successful cyber attacks begin with a phishing email. Always be vigilant in what you receive and ensure that it’s legitimate. Click here to learn more about phishing (This would link to the below section written about phishing). 

4: Use strong passwords

A strong password is one of the best ways you can secure your accounts. According to security.org the password “janey1963” would take a computer 42 minutes to crack. The same password with just some simple modifications, “jAN3y196three” would take 100,000 years to crack. Password length and complexity are extremely important. The longer and more complex, the better. 


Phishing

People are the first line of defense in cybersecurity. The majority of cybersecurity incidents are actually due to human error. The most common way is through a phishing scam. 

The National Institute of Standards and Technology (NIST) defines phishing as “A technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.” 

A common way scammers will attempt to attain personal information is by asking for it via email or text. Most legitimate institutions will not ask for your information over email, they will instead direct you to access your account on their website and update it there. Anytime you receive something that looks suspicious, always double check. If you receive an invoice you don’t recognize, make sure to check with the institution first to verify whether it’s legitimate. 

An example would be that you receive an email from a scammer posing as Netflix saying that your payment didn’t go through and your information needs to be updated. In the email a link is provided to your account page. Most institutions will not provide a link to your account page, instead they will provide written instructions on how to login and view your account information. A scammer may provide you a false link that will instead give them your information once you log in. 

Other things to check are the greeting used in the email. Most institutions will not use a generic greeting and will instead address you by the name on your account. A legitimate institution will not use threatening language or try to scare you into action, they will instead use professional and factual language. When in doubt, trust your gut. If something doesn’t feel right it usually is not. 



For more information about strong passwords: https://www.cisa.gov/secure-our-world/use-strong-passwords 


For more information about multifactor authentication: https://support.microsoft.com/en-us/topic/what-is-multifactor-authentication-e5e39437-121c-be60-d123-eda06bddf661 


For more information about software updates: https://www.nist.gov/blogs/cybersecurity-insights/cybersecurity-awareness-month-2022-updating-software 


For more information about phishing: https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams