Security & Safety Resource Center

Your mobile devices probably contain more private data than you’d like to admit: pictures, emails, phone numbers. All of this can be stolen and copied by hackers. One of the first and most important steps to keeping your phone safe is setting up a lock screen. Also, don’t house ultra-sensitive files like documents with your Social Security number on them in your phone. Instead, back those items up elsewhere. Finally, don’t install any unknown apps. If an app looks interesting but you’ve never heard of it before, do a quick search and learn about it before downloading it.

Cybercriminals can use the internet to gain access to your computer. For this reason, use only Wi-Fi networks with WPA2 or higher security, a cellular network, or a virtual private network when possible. Always try to avoid using public Wi-Fi.

Also see our article: How to protect your privacy on public Wi-Fi

Spam campaigns are one of the most popular methods of attack among cybercriminals. The process involves sending out thousands of emails, usually from a phony source, with a fake promotion or offer in the subject line and body. The goal is to trick you into opening the spam email and clicking through to the alleged offer. When you get an email that looks spammy, just delete it. If you do happen to open it, make sure you don’t click on any links or download any attachments. It’s likely that these files include malware that will infect your computer.

How many emails do you send per day? Have you ever emailed a picture of your passport or social security card? If a hacker gets access to your email account, they can find and take advantage of private data by looking through your inbox and sent messages. One good way to tighten up your email security is by deleting messages that you don’t need anymore, especially ones with sensitive information. You should also change your password every 90 days.

Cybercriminals will often send emails posing as representatives of trusted entities, such as insurance companies and banks, with the intention of retrieving your private information. If a hacker finds out which car insurance company you use, they might send you an email from an address that appears to be from that company. The message could say something like “your account has been suspended and in order to continue service, fill out this form” (that’s where they’ll try to collect your private data). If you receive an email like this, ignore it.

Also see our article: A guide to defending yourself from advanced phishing attacks

Whenever you open an email, first look at the source. Who’s sending it? Do you know them? If the source looks at all unfamiliar, proceed with caution. In the body of the email, there might be links or attachments with a message prompting you to click or download them. These files might contain malware. Some malware emails are advanced enough to not be detected by antivirus software.

Ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring.

Cyber criminals use phishing tactics, hoping to fool their victims. If you’re unsure who an email is from—even if the details appear accurate—or if the email looks “phishy,” do not respond and do not click on any links or attachments found in that email. When available use the “junk” or “block” option to no longer receive messages from a particular sender.

Also see our article: A guide to defending yourself from advanced phishing attacks

By searching Google and scanning social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment, or share personally identifiable information (PII) on social media platforms.

Once a hacker gets access to your computer, they can look at your personal files and copy them onto their own computer. Most hackers are thieves, so if you’ve got a folder on your desktop with all of your passwords, bank routing numbers and credit card details, you’ve made it easier for them to steal from you. To protect yourself in the event of a security breach, make sure you don’t store vital information all in one place on your computer. Instead, put sensitive files on an external hard drive or in the cloud.

Also see our article: How to protect your new laptop in 2020

If you never check your bank statements, you might not know you’re a victim of identity theft until it’s too late. Consistently reviewing your bank statements is a simple way to ensure your credit or debit card details have not been leaked. Set a weekly reminder to visit your bank statements online, look over your past week of expenses, and make sure there isn’t anything out of the ordinary.

Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates so you don’t have to think about it, and set your internet security software to run regular scans.

3.48 billion people worldwide now use social media worldwide. That’s an increase of 9% from 2018. While some social networks might seem safer for connecting to many people because of the limited personal information shared through them, keep your connections to people you know and trust.

Creating a strong password is can be easier than you think. Substitute letters with numbers and punctuation marks or symbols. For example, @ can replace the letter “A” and an exclamation point (!) can replace the letters “I” or “L.” Or use phonetic replacements, such as “PH” instead of “F”. Or make deliberate, but obvious misspellings, such as “enjin” instead of “engine.”

If you really want to protect your computer from malware, consider shopping around for antivirus software. These products are designed to stop, detect, and eliminate malware infections on your computer. Standard antivirus software solutions protect you from threats such as phishing attacks, spyware, viruses, and spam.

This is a simple way to improve your personal cybersecurity. When creating a password for a new online account, the more unique it is, the better. Don’t simply use “password” or spell out your name. Passwords like that put your accounts at risk of being hacked. There are tools online to help you come up with efficient passwords. As a starting point, make sure all of your passwords include at least one lowercase letter, one uppercase letter, one number, and one symbol.

Lock your device when you are not using it. Even if you only step away for a few minutes, that is enough time for someone to steal or misuse your information. Set your devices to lock after a short time and use strong PINs and passwords. In a world where we are constantly connected, cybersecurity cannot be limited to the home or office.

For more information see our article: How to protect your identity when traveling

Cybercriminals will often create fake profiles on social media sites like Facebook and Linkedin, with the objective of gathering sensitive information about you. By looking at your social media page, they can use your personal information to develop a phishing scam. To do this, they might create an alias or impersonate somebody you know before sending the friend request. If you don’t know the person, simply reject their request. If it looks like someone you know, but you’re still not sure, reach out to that person externally to confirm it’s really them.

Anytime you enter payment information on a website, you should be extra careful, since that data could potentially be tracked and harvested by hackers. Before purchasing anything, make sure you’re on a safe network, as in a network that you own, not a public Wi-Fi server. As a rule of thumb, don’t buy anything online unless it’s from a well-known, trusted entity like Amazon. If you don’t recognize the name of the website, don’t enter your credit card info. Also, if the website prompts you to save your credit card info for later purchases, don’t do it!