Discussing Cyber Threats and Fraud:
Cyber threats are not typically discussed until a friend or family member is impacted.
Consider discussing cyber threats and fraud with friends and family members. This is one of the most cost effective methods to reduce your cyber risk and prevent fraud. There are also a number of events discussing cybersecurity; contact your Banker, Chamber of Commerce or Rotary Leader.
Below are resources to learn more about cyber security, cyber threats and fraud.
Avoiding Shared User Accounts and Weak Passwords
You wouldn’t share your toothbrush; avoid sharing user accounts and passwords.
Consider creating unique user accounts for each employee. In addition, remember not to assign more access to business applications than needed.
Consider migrating from passwords to passphrases (Ilovekearnybank2020!@). This can be facilitated via a password vault such as LastPass. In addition, apply multi-factor authentication to your email accounts, social media, business applications and network devices (e.g., firewalls).
Watching Out For Suspicious Emails
I won the lottery! I inherited $2 million dollars! There’s a pending bank transfer! My account is frozen!
Cyber criminals often send malicious emails to phish for information, install malware or both. Be vigilant – watch for warning signs.
Installing Anti-Malware and Applying Software Updates
Companies often forget to install or renew their anti-malware service. This is discovered once computers are infected with malware, information is stolen or both.
Consider installing anti-malware on your computers and phones. This protects your employees from compromised websites as well as malicious email attachments and weblinks. If possible, purchase software developed by U.S. based companies (e.g., Sophos and Malwarebytes). The software chosen should also automatically apply updates to your computers’ operating systems to fix vulnerabilities.
Preparing for and Responding to Ransomware Attacks
Ransomware attacks are increasing and everyone is potentially a target. Given the significance, the U.S. Government launched a new website to help defend against ransomware. StopRansomware.gov is a central location for ransomware resources and alerts. We suggest visiting this website to understand the threat of ransomware, how to mitigate risk, and in the event of an attack, know what steps to take next. Refer to StopRansomware.gov for additional information.
Backing Up Your Data
Companies often forget how valuable their information is until it’s lost. Once lost, panic and sadness quickly follows.
Consider backing up your information to 3 different sources. For example, saving data to the cloud, an external hard drive well as another location (e.g., safe deposit box, safe or vault). Also, don’t forget to test if you can restore your backups!
Did someone reset my password? Why is my account locked? Who made that transfer?
Staying alert to critical events allows business owners to detect suspicious activity. Consider applying SecureAlerts to your online and mobile banking accounts.
Reviewing Mobile Apps
Do you know how many Apps are on your devices? When was the last time you checked the App permissions? Do those Apps really need to read text messages?
Consider downloading mobile apps from only authorized play stores. Before downloading Apps check the permissions and reviews. Also, if you don’t need the Apps consider deleting them.
Freezing Your Credit
I didn’t purchase a new car. When did I take out a loan? When did I apply for those credit cards?
A credit freeze suspends anyone from accessing your credit report, which means neither you nor identity thieves can open new lines or credit or loans in your name. Request Experian, Transunion and Equifax freeze your credit.
Securing Your Wireless Network
Set it and forget it?
The importance of your wireless router is often overlooked. This device is the central hub connecting your wireless devices to the internet. Consider, at minimum, all using the strongest encryption available, changing the router’s default administrator password, disabling remote management, and creating guest networks for visitors and employees.