When it comes to cybersecurity, now is the time to evaluate

Could someone be stealing your personal information without your knowledge? How vulnerable are you based on the information you’ve shared online?

Gone are the days when a person had to physically enter someone’s home or mug them on the street in order to steal their money. Now, with a few simple clicks or keystrokes, a hacker can gain access to valuable personal information such as credit card information, or even pose as their target online, all without ever leaving the comfort of home.

October is National Cybersecurity Awareness Month, which is as good a time as any to consider one’s own cybersecurity and make changes if necessary. I have several tips to share, but first, a short anecdote. My mom recently ordered a package off of Amazon. On the day the package was due to arrive, she got a text stating the shipping fee ended up being more than expected and her package was being held at a post office in a neighboring town until she paid the extra shipping charge – something minimal like a dollar or two, but of course they wanted her credit card information. Well, wisely, she did nothing and did not click on the link in the text. Surprise, surprise ... her package still showed up later that day.

It’s just a reminder that scammers are always coming up with new ways to try and take advantage of you, which is why it’s important to be vigilant. More than 100,000 identity theft and personal data breaches occur every year, according to the FBI. Here are some tips to prevent yourself from becoming the next victim.

I reached out to my good friend Jesse Heslip for some cybersecurity tips. Jesse owns 906TechExpress, a computer and cell phone repair and IT services company. Here’s what he had to say.

“The first point I would send home is that the end user is the weakest link,” Heslip wrote. “The enemy preys on the emotion of the target. You may receive a message like, ‘Your card has been charged $558.83. Your subscription is now active. Click here to view account details.’ If you click that link, you can do some real damage. Hackers don’t hack devices. They hack people.”

He also said to beware of social media question-and-answer posts that seem like an innocent get-to-know-you game, but are actually giving away valuable information that could be used to hack into your online accounts.

“‘What would your last name be if your parents never married? What was your first car?’ etc. I still see people posting these and sharing them. The bad ones are asking twofactor authentication questions. Not all of them are that bad. All of them are a risk to your digital security,” Heslip stated.

“Use one device/browser and email for sensitive information,” he continued. “Use an encrypted password, change it often and don’t save it in your browser.

“Use another email, device/browser for non-secure things. The fun stuff you can live without, should it be compromised, should not be saved and stored all willy-nilly with the secure stuff. Keep a barrier between the two as much as you can.

“Practice a bit of stoicism when it comes to your digital security. Ask yourself and imagine the different scenarios: ‘What would happen if my social media was hacked? What would happen if all my business accounts were stolen via a ransomware attack? How would I recover? Could I recover?’ If at any point during this practice you don’t have answers to these questions or the answers are ones that you don’t like, then make today the day you fix them.

“When people call me it’s typically after the attack. I can salvage most devices and prepare you so that it never happens again, but your money is gone. It is not recoverable when it gets sent to some Third World country. I hear stories a couple times a month of tens of thousands of dollars being emptied out of lifetime savings accounts.

“Even something as simple as your email (could be compromised). You should check haveibeenpwned.com. Enter your email and look at what account compromises that email has been involved in and make changes as soon as possible! Do not use the same password for anything if an account has shown to be compromised on this site! Change it immediately.”

NationalToday.com and Cipher.com offered a few additional tips for National Cybersecurity Awareness Month. One is to consider using multi-factor authentication for your most important accounts. As the name implies, multi-factor authenticaion requires multiple steps to access a device or infomation, such as password and a code sent to one’s email, or a password and a security question.

Also, on the topic of passwords, choose a complex password with a combination of letters, numbers and symbols. A phrase or song lyric may be a good option, as the more characters long the password is, the harder it is to crack.

Remember that there is no delete button – whatever information you put online remains out there, accessible by someone.

Be leary of email scams. In a phishing scheme, the attacker poses as someone or something the sender is not to trick the recipient into divulging credentials or clicking on a malicious link, Scammers are often very sophisticated. Even emails that have legitimate-looking logos and letterheads can be fake — check the sender’s email address, and look for typos and poor grammar, or any message claiming a sense of urgency. When in doubt, don’t open it and don’t give away any personal information. Also be aware that scammers often pose as a friend or family member in need of help, by hacking their account and using their email address.

Consider using a virtual privatized network (VPN) to anonymize your data. Employ anti-virus software and make sure it’s kept up-to-date.

Unfortunately, it’s a crazy online world with plenty of criminals lurking out there with malicious intentions. However, there are steps you can take to minimize your likelihood of becoming a victim.

Stay safe out there and have a very good week.

Striking a

Chord...