SANS Security Awareness Tip of the Day
Security Technology Cannot Stop All Attacks
Jan 10, 2021
Technology alone cannot protect you. Bad guys are constantly developing new ways to get past firewalls, anti-virus and filters. You are the best defense against any attacker.
Protecting Your Social Media Account
Jan 3, 2021
Bad guys are targeting your social media accounts. One of the most effective ways you can protect them is with a unique, strong password called a passphrase. Enabling two-step verification (if your social media site offers it) is even better.
Securely Disposing Mobile Devices
Dec 31, 2020
Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.
Virtual Private Networks
Dec 24, 2020
Virtual Private Networks (VPN) create encrypted tunnels when you connect to the Internet. They are a fantastic way to protect your privacy and data, especially when traveling and connecting to untrusted or unknown networks, such as at hotels or coffee shops. Use a VPN whenever possible, both for work and personal use.
Unique Passwords
Dec 22, 2020
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
Two-Step Verification
Dec 14, 2020
Two-step verification (also called two-factor authentication or 2FA) is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. At a minimum enable two-step verifcation for your most important accounts such as emai, financial and retirement accounts.
Digital Inheritance
Dec 3, 2020
What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Consider creating some type of digital will, often called a "Digital Inheritance" plan.
CEO Fraud
Nov 30, 2020
CEO Fraud / BEC is a type of targeted attack. It commonly involves a cyber criminally pretending to be your boss, then tricking or fooling you into sending the criminal highly sensitive information or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.
Updating Plugins
Nov 25, 2020
Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.
Personalized Scams
Nov 23, 2020
Cyber criminals now have a wealth of information on almost all of us. With so many hacked organizations now a days, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number or birth date in it does not mean it is legitimate.
You Are a Target
Nov 22, 2020
You may not realize it, but you are a target. Your computer, your work and personal accounts and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
Privacy
Nov 17, 2020
Privacy is more than just settings in your Social Media account or using the Tor Browser. Your data and actions are collected in a variety of ways. The more aware you are of just how much of your data is collected, the better you can protect it.
Careers in Cybersecurity
Nov 15, 2020
Have you considered a career in Cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.
Use Caution Opening Links Email Messages
Nov 9, 2020
A common method cyber criminals use to hack into people's computers is to send them emails with malicious links. People are tricked into opening these links because they appear to come from someone or something they know and trust. If you click on a link, you may be taken to a site that attempts to harvest your information or tries to hack into your computer. Only click on links that you were expecting. Not sure about an email? Call the person to confirm they sent it.
Secure Your Home Wi-Fi Router
Nov 4, 2020
The most effective steps you can take to secure your wireless network at home is to change the default admin password, enable encryption and use a strong password for your wireless network.
Email Auto-Complete
Oct 28, 2020
Be careful with email auto-complete. This is an email feature that automatically completes a name for you when you begin typing it in the TO field. However, your email client can easily complete the wrong name for you. If you are emailing anything sensitive, always be sure to check the TO field a second time before hitting the send button.
Attending a Video Conference
Oct 15, 2020
When attending a video conference, make sure you are using the latest version of the conferencing software. In addition, if you are using the video option make sure there is nothing sensitive behind you that others would see.
Clues You Have Been Hacked
Oct 13, 2020
Some of the most common indicators that you may have been include the following. Your friends tell you that they have received odd emails or messages from you, messages you know you did not send. Your password no longer works for one of your accounts, even though you know you never changed the password. Your anti-virus informs you that one of your files or computer is infected. You receive a pop-up message informing you that the files on your computer have been encrypted and you must pay a ransom to recover them.
Never Give Your Password Over the Phone
Oct 12, 2020
Never give your password to someone over the phone. If someone calls you and asks for your password while saying they are from the Help Desk or Tech Support team, it is an attacker attempting to gain access to your account.
Got Backups?
Oct 11, 2020
Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information at home (such as family photos) on a regular basis.