There’s Still Time to See Yourself in Cyber


(From the Financial Literacy Blog) – October is Cybersecurity Awareness Month—a time to raise awareness about online threats and the steps people can take to better protect themselves when using the internet. This year’s theme is See Yourself in Cyber. While cybersecurity may seem like a complex subject, the theme draws attention to the need for individuals to do their part. By viewing your actions through a cyber lens, you’re more aware of what you are and aren’t doing while online. The Cybersecurity & Infrastructure Security Agency (CISA) promotes Cybersecurity Awareness Month each October and their campaign goal in 2022 is to have everyone implement the following four actions into their day-to-day lives to increase online security:

#1 – Enable Multi-Factor Authentication

Multi-factor authentication is an extra security step in the process of logging into an account. As usual, people enter either their username or email address––followed by their password. However, instead of being granted access to their account after successfully entering the password, the user needs to confirm their identity via another specified method. For example, the user may receive a text message or an email with a one-time code that must be entered in order to complete the login process. Other two-factor authentication methods include biometric information, such as fingerprint or facial recognition scanning.

Also, growing in popularity are authentication apps. The apps generate short codes that change on a regular basis. If the app is someone’s method of multi-factor authentication, they will need to copy the code from the app in order to log in. This makes it much more difficult for fraudsters to gain access to accounts. Even if a fraudster was able to get their hands on someone’s password, they still wouldn’t be able to access their account without the user’s personal device. With facial recognition or fingerprint scanning, they still wouldn’t be able to access the account even if they had the password and device. If you don’t already have multi-factor authentication enabled on your accounts, now is the time!

#2 – Use Strong Passwords

It’s a good idea to regularly change your password and create unique, strong passwords for all of your online accounts. If you reuse a password, data breaches can give fraudsters access to all the sites you use that password on. For example, if your password is “WickedG00dLobstah1” on both Amazon and Netflix, and Netflix.com experiences a data breach, the fraudster may take your username and password and plug it in to other sites. This is called “credential stuffing.” If they eventually try your credentials on Amazon, you will now have two compromised accounts instead of one. Use different passwords for all of your online accounts. Also, avoid including personal information in your passwords. Names, birthdays, anniversaries, and other easily guessable information should never be used. The strongest passwords should have a minimum of 12 characters and include upper and lowercase letters, numbers, and special characters.

#3 – Recognize and Report Phishing

Scammers use email, fake social media accounts, and other forms of online communication tools to try and steal your passwords, account numbers, Social Security numbers, and more. With that information, they can gain access to your accounts and even sell your information to other scammers. To protect yourself, enable email spam filters, ignore friend or follow requests from users you aren’t familiar with, and keep an eye out for anything that looks suspicious. Don’t click on suspicious-looking links or open any unexpected attachments. Poor spelling and grammar is also a red flag. Further, if you receive an email that threatens a consequence or opportunity loss unless urgent action is taken, it’s likely a scam. This approach is used to rush you into action before you have an opportunity to study the email for potential flaws or inconsistencies. Lastly, if you see an individual or group trying to solicit passwords, Social Security numbers, credit card numbers, or other sensitive information from you or someone else, report it at www.cisa.gov/report.

#4 – Update Your Software

Fraudsters are always looking to exploit flaws in your system. Network defenders work hard to protect your system, but their efforts depend on you consistently updating your software with the latest fixes. Update the operating system on your mobile phones, tablets, and laptops regularly. These personal devices often hold your emails and your financial and tax documents—often including your Social Security number. Fraudsters who gain access to this valuable information can commit identity theft, put harmful software on your devices, or both. Turn on automatic updates for all devices, applications, and operating systems to limit exploitation opportunities for fraud.

If you’re looking for tips on keeping your accounts safe, contact your local credit union. They may have fraud detection services available, along with helpful information on safeguarding yourself against cyber criminals.

Do your part. Be cyber smart!