Cyber Security Lessons
Using The Right Tools
To stop hackers, thieves, and others who’d love to benefit by accessing your personal and financial information, you can establish a line of defense by using tools and best practices of online safety.
First, make sure your devices have up-to-date antivirus software to protect you from malware. (Note: Viruses are actually not the real problem—it’s thieves after your money and your data.) At the very least, make sure that you’ve installed free antivirus protection from a reputable provider, like AVG, and that you run the software’s updates when they are available.
For most people, though, it’s worth the money to subscribe to security software that protects against spyware, which mines your personal information, and ransomware, which encrypts your files so that they’re inaccessible until you pay money to restore your access. You can learn more about the top-rated providers at ConsumerReports.org or PCMag.com.
Virtual Private Networks
You may want to go even further to protect your online activity and download a virtual private network (VPN). If you work from home, you may already be using a corporate VPN that links you to your employer’s server. Provided you’re careful to log out when you’re finished, the connection is secure. When you have a VPN service, your data is encrypted by the software, and then is sent through the VPN server before it goes to your online destination. That means it’s extremely difficult to trace that data back to you.
A VPN may be important if you frequently connect to the internet using public Wi-Fi networks, which are notoriously vulnerable to hackers. It should also provide greater protection against having your data sold to the highest bidder by your internet service provider.
Choosing the right VPN can be a little overwhelming. But there are a few practical guidelines that can help you in your search. Choose a provider that’s been around for a while and has a good track record, and one that offers a money-back guarantee. Most importantly, keep in mind why you want a VPN: to protect your privacy. Choose a VPN that doesn’t track your internet traffic or sell your data to third parties, which many free VPN services do. It also helps to choose a service with a user-friendly, simple interface and that offers good customer service, preferably with a 24/7 live chat option.
Public Wi-Fi networks are notoriously vulnerable to hackers.
Social Media Privacy
The first line of defense against cyber threats is strictly limiting the personal information you share online, whether it’s a credit card or bank account number, or info like your address and phone number. You also want to be cautious about social media comments that reflect your personal thoughts or that go into detail about your private life. Even though you’re entitled to your opinions, your publicly viewable social media posts could hurt your relationships or even your career. If something that you post on social media is misconstrued, it can be difficult to clarify or apologize and could be used as a mark against you with your current or potential employers. The bottom line is that the more information about you that’s out there, the more likely it can be used against you.
If something that you post on social media is misconstrued, it can be difficult to clarify or apologize and could be used as a mark against you with your current or potential employers.
On social media, you can help protect yourself by making full use of the privacy options on Twitter, Facebook, LinkedIn, and the other sites you use, and by always choosing the highest possible privacy settings. Read the descriptions of each option carefully, and turn off access to your identity in as many ways as you can. Here are some more guidelines:
- Restrict who can friend request you on Facebook. This form of caution helps you prevent colleagues and other professional acquaintances from learning too much about your personal life.
- Don’t automatically accept friend requests from people you don’t know. Once you do, your pictures and information that were not public can now be seen by your new friend.
- Protect your tweets and posts from search engines, and only make them visible to your followers. But remember that followers can screenshot what you write, even if they can’t retweet it.
- Don’t link your different social media accounts. When you link accounts, you are sharing your data, especially your personal data, in an exponentially more widespread way. This spread of data makes the job of phishers much easier, as your personal posts may include information about family, pet names that could be used as passwords, data about where you bank and shop, and other seemingly harmless personal facts that could be used to locate you.
- As a rule, never post anything you don’t want the world to read.
You should be using strong, unique passwords for each site you’re registered on, especially for sites that provide access to your personal, financial, or other confidential information. If your password is too obvious, it will provide no protection at all. And don’t make the mistake of using the same password over and over. Once an online thief cracks one account, the next step is to try that password for every single account connected with your email address.
To keep multiple accounts secure, you might want to try a password manager. Password managers create complex passwords for your accounts, encrypt them, store them in a vault, and access the one you need to log in to your account. These managers can also protect other digital information, like credit card numbers and PINs. There may be a small annual fee for the service.
Never post anything you don't want the world to read.
Phishing happens when scammers try to install malware on your device so they can steal your information. This practice is widespread and getting more sophisticated.
During these uncertain times, phishers are taking advantage and developing ways to gain access to your information. See the recent scams related to COVID-19 that phishers have been using, impersonating people's banking institutions, which has been reported by CUNA.
Read more on this in our related article, Fraud Alert Scams, and how to safeguard your information when you receive a perceived fraud notification.
The best protection is to not open any attachments or click on any links that you don’t know for sure are legitimate. In addition to suspicious attachments and links, there are some other telltale signs that an email is a scam:
- Use of incorrect company names or URLs
- Poor spelling and grammar
- A generic greeting rather than your name
- Email contains urgent calls to action, such as:
- a threat that an account will be cancelled
- a bill sent to a collection agency
While it’s completely commonplace to make purchases on your computer or phone, security can still be an issue. You’ll want to look for the security padlock symbol in the URL bar, to the left of the company’s name. To make sure it’s legitimate, click on it to make sure it takes you to a site security certificate. You should also double-check that the URL begins with “HTTPS,” which means the data you send and receive from the site is encrypted.
But what about buying something from a vendor that’s trying to make sales directly on social media? Or a company site that doesn’t seem to have security in place? In that case, if you do decide to go ahead with the purchase, you’re on much safer ground if you’ve established a PayPal account linked to your credit card or bank. The purchase order PayPal sends the seller is encrypted, and the seller has no access to your account number, so it can’t hack your account. Just make sure that when you use PayPal, your security software is up to date, and as always, avoid making financial transactions using public Wi-Fi.
Confirm that you’ve signed up for Debit/Credit Fraud Alerts. You will only ever receive an automated fraud alert from the Credit Union if you have registered for Debit/Credit Fraud Alerts on your device.
To enroll, log in to online banking. Under Profile and Settings, click Debit/Credit Fraud alerts in the left hand menu. Follow the next simple steps to register your device. You’ll receive an automated text which will ask you to confirm your enrollment.
The safety and security of our member data is our number one priority, and we ask that you remain cautious whenever handling your personal information, either over phone, text or email.
If you think you’ve been the victim of a scam, please report it immediately by calling the Credit Union at 1-800-894-1200.
Read 5 Questions the Credit Union Will Never Ask
Neither Banzai nor its sponsoring partners make any warranties or representations as to the accuracy, applicability, completeness, or suitability for any particular purpose of the information contained herein. Banzai and its sponsoring partners expressly disclaim any liability arising from the use or misuse of these materials and, by visiting this site, you agree to release Banzai and its sponsoring partners from any such liability. Do not rely upon the information provided in this content when making decisions regarding financial or legal matters without first consulting with a qualified, licensed professional.