When you are in the information technology (IT) industry, you live and breathe security; but even given your best efforts to protect yourself from being attacked by cybercriminals, it’s not easy. Just as you think you have taken all preventative measures, a criminal finds another way to access information.
According to the 2017 “Identity Fraud Study” released by Javelin Strategy & Research, the “identity fraud incidence rate increased by 16%, a record high since Javelin Strategy & Research began tracking identity fraud in 2003.”
This means that 2 million more victims have been affected by identity fraud, and totaling nearly $16 billion. Here are some simple security measures to take to be more proactive.
Avoid Public Wi-Fi
Free public Wi-Fi in coffee shops, libraries, airports or hotels is very appealing, since there’s no cost to the user, in money and data usage. However, when you log on to public Wi-Fi, your computer and data become very vulnerable to others on that public Wi-Fi. This means cybercriminals can, unbeknownst to you, remotely connect to your laptop, phone or tablet and access information on your computer.
They also can monitor the websites you visit, including your email, financial accounts, social media sites, etc. If they are clever enough (which they usually are), they can even put “keylogger” software onto your machine to gather your login credentials.
They may not use them right away. In fact, they may just study your incoming and outgoing emails for days, weeks or even months. Criminals do this to study your communication — who you talk to, your language, common greetings, nicknames, patterns.
Eventually, they use this to either imitate you to your contacts or learn how and what you respond to. It is common for users to fall victim to this type of phishing attack. It’s careful, meticulous, and leaves you very vulnerable.
Change Passwords Often
Keeping the same password for an extended amount of time makes it very easy for criminals to gain access to your information and identity. While it is not convenient to change your passwords regularly, it is one of the safest precautions you can take. You should at least consider changing the passwords of your most valuable accounts. These include the following.
• Email accounts (yes, all of them)
• Bank accounts
• Credit card accounts
• Other financial institutions
• Social media accounts are especially important if you are very active, share identifying information like your location, etc.
• Any accounts that store financial information, such as online payments.
If you’re worried you won’t remember them, there are secure password management tools where you can store your passwords, such as LastPass or PassPortal.
Block IP Addresses
Microsoft does offer basic firewall functionality to block certain IP addresses. It is recommended to have an IT professional help set up these policies. However, there are solutions available for home users, including blocking visitors with IP addresses from specific countries, with advanced routers. An advanced feature in NetGear offers the ability to do this.
Avoid Pop-Up Ads
Those pesky pop up ads are not only annoying, but could potentially have malware embedded in them. Sometimes criminals are even smart enough to have the malware download without you even clicking on them.
That’s why it is highly recommended to use a pop-up ad blocker, such as uBlock Origin. Essentially, pop-up ad blocker software can detect when a site has pop-ups and will stop ads from loading. If there are certain sites you know are safe, like sites that have a pop-up to sign on, you can alter your settings to allow those to appear.
If these tools and tips are too intimidating, start with these.
Read your emails a little more slowly and carefully. Do you know the sender? Have you verified the entire email address? Is the email in the right context? Is the sender spelling or grammatical errors? Is the sender asking for an immediate response?
If so, call the sender first before replying, and do the following.
• Avoid clicking any link in any email from anyone, ever. So many phishing attacks begin with a simple click and quickly turn into a complex problem.
• Don’t use a single password for all of your accounts.
• Find your balance of security and convenience.
• Determine what layers of security you are most comfortable with implementing.
There are full-time cybercriminals that are paying for their mortgage, children’s college tuition and their parents to live in a nice, comfortable nursing home with your money. Their life, children’s life and parents’ life depends on this.
That means they’re relentless. Slow down, be mindful, and be intentional with your actions online.
Ananta Hejeebu is founder and a partner of Howard Tech Advisors. He can be reached at 410-997-2500 or [email protected].