During Cybersecurity Awareness Month, we checked in with Senior Cybersecurity Experts at the Catalyst, Lester Chng and Randy Purse, to find out what practices and actions you can take to stay cyber-safe. Read on to get the most out of their three main takeaways.
What is Phishing/Vishing/Smishing?
Often used in social engineering, these tactics utilize emotion to get you to click on a link, go to a webpage, or respond to an email, phone call, or text message.
The intent is to get you to click. When you do, what happens?
- The link will install malware on your computer, which gives access to all your information, OR
- It will ask you for personal information, information about your accounts, or information about your workplace accounts. This will then be used for financial gain or to extort you or others.
What can you do to avoid it?
It may sound simple, but remain suspicious about unsolicited emails, texts, or phone calls. This can be easier said than done because they can often seem like they’re coming from a legitimate source. Here’s your best bet: take down the details and call the organization directly. It’s important to source the organization through its official website rather than calling back the number that they give you.
What is a weak password?
A weak password is easy to guess for a human or a computer. Some examples of weak passwords include dictionary words, usernames, sports teams, dates, or patterns.
Passwords can complicate daily life. With enough to manage and remember, individuals may try to streamline the process by using a simple password across all platforms. This might span their inbox to their streaming subscription, work accounts, and bank accounts. The challenge is significant. If they are simple, they can be easily cracked. And if a cybercriminal gains access to your computer where you store your passwords, everything is compromised.
What can you do about it?
Use complex passwords or passphrases. It may help to use a password manager. This will make it easy to access passwords across accounts. Finally, don’t save your passwords on your computer, even if it’s tempting.
What is a Simswap?
A ‘Simswap’ occurs when a cybercriminal contacts your mobile phone provider and deceives them into activating a new SIM card and transferring your number to that new SIM card.
With this first key step, they control your cell phone. Next, they may scan social media, collecting information to determine your birthday, address, and other information so that they can respond to authentication questions. In other words, they effectively assume your identity and can use your phone to gain access to your accounts, open new accounts, or obtain credit cards in your name. Unfortunately, even two-factor authentication won’t keep you safe since they have access to your number, and you are no longer protected.
How might you notice this?
You may get odd notifications, find your cell service spotty, or notice unexpected transactions. Additionally, you may be locked out of your accounts.
What can you do about it?
To start, limit your online footprint. Be cautious of social engineering and phishing, vishing, or smishing and using strong passwords. You can also set up PINs and other authentication forms across all your important accounts. As for your financial accounts, you can potentially request call-backs for transactions. Finally, you can set up alerts on your accounts to notify you of unusual transactions.
10 Simple Cybersecure Takeaways
- Reduce your social media footprint
- Limit the amount of personal information you provide online
- Never give out your personal information to sources that you don’t trust
- Don’t give out information to an email, call, or text you don’t recognize
- Use complex passwords
- Don’t save passwords to your computer
- For greater ease, use a password manager
- Set up a PIN for important accounts
- Set up alerts to notify you of unusual transactions
- Opt out of unnecessary digital services
Stay tuned for more expert cyber tips from the Catalyst, and stay safe during Cybersecurity Awareness Month — and far beyond.
