Daily tips to create awareness of cyber threats and empower Total Defense users to be safer and more secure online.
If your business or organization is extorted by a ransomware attack, the hackers will threaten to release “sensitive information” they obtain from your network. In most cases, however, hackers are actually lying — they don’t have any sensitive information at all. Keep this in mind before your company agrees to payment. Not only can you squash a would-be attack, you may save your organization millions of dollars in ransom pay.
Protect your emails from phishing scams, malware and other attacks by using a Sender Policy Framework (SPF) and a DomainKeys Identified Mail (DKIM) system. In essence, SPF allows you to define exactly which IP addresses are allowed to send mail from a specific domain. If a bad actor attempts to spoof an email from a legitimate source, the SPF can flag the email because it didn’t originate from the correct domain. On the other hand, DKIM uses an encryption key and digital signature to verify an email’s authenticity.
The best way to stay protected online is to reduce the surface area for bad actors to attack. For every account, there’s a doorway into your private data. For every device, there may be a dozen different accounts. Risk, as a result, increases exponentially as this process goes on. Rather than spread yourself thin across too many surfaces, keeping your online presence within arm’s reach helps you stay vigilant and protected.
If you use an online dating service, whether it be an app or a website, be wary of how much information you share publicly. Avoid including any personal information that can identify your residential address or place of employment. Likewise, be mindful of which details you include in your profile. Some details may help bad actors guess your password and compromise your information. Before physically meeting someone you’ve contacted online, be sure they are who they say they are. Catfishing isn’t just embarrassing, it can be a threat to your well-being.
Password-protected PCs, Macs, tablets and smartphones all have limit points at which they lock their screens, requiring re-entry of the passcode or PIN. The time frame for relocking is changeable, but the safest option is to force anyone attempting to log in to re-enter the device password immediately. That way, you don’t have to worry about someone picking up your phone or laptop and being able to access its contents.
Businesses collect large amounts of data. This makes them susceptible to cyberattack, especially from hackers aiming to hold a company ransom. The best way for an organization to protect its data is to automate security protocols with cloud technology. Artificial intelligence and machine learning can patrol your network end-to-end so that suspicious activity won’t go unnoticed. When threats are identified, they can be quickly eliminated.
A popular trend in phishing scams is the unsolicited gift card prize offer. Malicious scammers pose as legitimate companies, like Amazon or Apple, and send convincing offers to their targets. They claim the target has the chance to win a valuable gift card, but they’ll need to act now if they want to win. Clicking their link will direct the target to their malicious website, where malware is surely waiting to strike. Take these steps if you receive a suspicious offer:
When viewing your online bank balance or making a purchase, it’s best to avoid networks you don’t normally use, especially public Wi-Fi hotspots that might reveal your activity to unwanted cybercriminals. Handle important transactions on your password-protected home network or with the help of a virtual private network (VPN) service.
Scammers often time their cyberattacks around the holidays. With many consumers increasingly choosing to make their holiday purchases online, rather than in person, is an especially risky time for digital shoppers. Cybercriminals create false websites with spectacular deals to lure unsuspecting consumers into entering their payment information. Others send direct messages to consumers to entice them into making a false purchase. If a deal seems too good to be true, be sure to scan the link or website in question.
With so many devices at your disposal, some might go unused for weeks, if not months, at a time. Unused IoT devices, sensors and modulators still pose a threat to your cybersecurity. As long as they remain connected to your network, hackers may still be able to use them in accessing your information. Keep an inventory of your IoT devices so that you’ll never let one slip through the cracks. Seeking them out, disconnecting them from the network and disabling them is the safest way to close any doors left unattended.
Review your banking, credit card, or payment service statements regularly to ensure there are no unauthorized charges or withdrawals. Be sure to shred bank and credit card statements before throwing them in the trash. Recent events have seen a increase in the use of online shopping, mobile payments and online banking, it’s more important than ever to watch your financial accounts for possible fraud.
Halloween may be long over, but scammers are always up to their old tricks. Scareware, as the name might suggest, is designed to scare users into navigating to malicious websites. Scareware convinces you to download software that you don’t need, promising that it’ll fix a virus you don’t have. Some scams even say your job, marriage or life are at risk. If you get annoying pop-ups that contain similar warnings, you’ve obtained scareware. Here’s how to remove it in three ways:
Credit cards are one the safest ways to make online purchases because you can dispute the charges if you never get the goods or services or if the offer was misrepresented. Federal law limits your liability to $50 if someone makes unauthorized charges to your account, and most credit card issuers will remove them entirely if you report the problem quickly.
Consumer routers should hold no more than 50 connections. The more devices, the greater the security risk. If one device is compromised, all other devices on the network could be, too. A good rule of thumb is to connect your most used devices — those with the most personal data — to a second home network.
The United States Computer Emergency Readiness Team (US-CERT) advises locking your device when you are not currently using it. You might only step away for a couple of minutes, but that’s enough time for someone to steal or destroy your information. Use strong PINs, passwords and biometric (fingerprints, facial recognition) to prevent others from opening your device.
The IoT (Internet of Things) is always increasing. Smart devices can range from your home refrigerator to your doorbell. For every device, however, there is an entry point into your home and your network. Check the reviews of IoT products before you buy and be on the lookout for any security complaints. The more confident you are in the product before it’s connected to your network, the better.
Adware is often used to collect information on us. It does this so it can decide which ads are most relevant to us as consumers. While helpful in theory, sometimes adware can interrupt the browsing experience with pop-ups and irritating displays. Ad blockers are usually free browser extensions that stop adware from being a nuisance.
Most web browsers feature private browsing mode. While not the most protected way of browsing, this quick solution does prevent other users on your device from accessing certain information. Any searches performed or cookies obtained during private sessions are deleted once the browser is closed. For safer browsing overall, try a Virtual Private Network or VPN.
The best way to beat a ransomware strike is to prepare for one. Most organizations are unprepared for a breach, which is why they often pay the ransom. Know the best practices of ransomware attacks, the types of scams that are out there and the tricks malicious actors like to pull. If your business notices strange behavior on its network, like unusual metric performance or a repeated failure to access files, you may be under surveillance by ransomware extortionists.
We strive to make this policy simple to read and understand. Please read and review the policy here: https://www.totaldefense.com/privacy
Please confirm you have reviewed the policy and provide consent to Total Defense to use your personal data as detailed in our policy.