SANS Security Awareness Tip of the Day
Privacy
Oct 20, 2021
Privacy is more than just settings in your social media account or using the Tor Browser. Your data and actions are collected in a variety of ways. The more aware you are of just how much of your data is collected, the better you can protect it.
Unique Passwords
Oct 19, 2021
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
Forwarding Emails
Oct 17, 2021
When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
You Are a Target
Oct 13, 2021
You may not realize it, but you are a target. Your computer, work, personal accounts, and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
CEO Fraud
Oct 12, 2021
CEO Fraud / BEC is a type of targeted email attack. It commonly involves a cyber criminal pretending to be your boss or a senior leader and then tricking you into sending the criminal highly sensitive information, buying gift cards or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.
Older Generation
Oct 11, 2021
Using technology securely can be overwhelming or confusing, especially for those who did not grow up with it. When helping secure those who are uncomfortable with technology focus on just the basics - 1) be aware of social engineering attacks 2) secure your home network 3) keep your systems updated 4) use strong, unique passwords 5) backup your key personal data
Finding a USB Drive
Oct 10, 2021
Be very careful of any lost USB drives you may find (such as in the parking lot or local coffee shop) or USB drives you are given at public events, like conferences. It is very easy for these devices to be infected with malware. Never use such devices for work, use only authorized devices issued to you by work.
Scamming You Through Social Media
Oct 7, 2021
You may be aware that cyber attacks will try to trick you over the phone or through email using phishing attacks, but do you realize they may try to attack you also over social media channels, such as Snapchat, Twitter, Facebook, or LinkedIn? Just like in email, if you get any social media messages that are highly urgent or too good to be true, it may be an attack.
Digital Inheritance
Oct 3, 2021
What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Consider creating some type of digital will, often called a "Digital Inheritance" plan.
Personalized Scams
Sep 28, 2021
Cyber criminals now have a wealth of information on almost all of us. With so many organizations getting hacked, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number, or birth date in it does not mean it is legitimate.
Fake News
Sep 26, 2021
Fake news is a false narrative that is published and promoted as if it were true. People (and organizations) create fake news to control and manipulate your thoughts and actions. Be skeptical of what you read on the Internet, use trusted sources that are vetted, check their motivations and funding.
Careers in Cybersecurity
Sep 21, 2021
Have you considered a career in cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.
Messaging / Smishing Attacks
Sep 20, 2021
Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or event simple text messaging. The most common clues are tremendous sense of urgency or curiosity.
Securely Disposing Mobile Devices
Sep 19, 2021
Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.
Virtual Private Networks
Sep 16, 2021
Virtual Private Networks (VPN) create encrypted tunnels when you connect to the Internet. They are a fantastic way to protect your privacy and data, especially when traveling and connecting to untrusted or unknown networks, such as at hotels or coffee shops. Use a VPN whenever possible, both for work and personal use.
Search Yourself Online
Sep 14, 2021
Ever wonder just how much information is publicly available about you? Ever wonder how cyber criminals harvest information and customize attacks for their victims? The technique is called Open Source Intelligence (OSINT) and it is far simpler and more powerful than you think.
Social Media Privacy Settings
Sep 9, 2021
Privacy settings on social networks can be confusing to configure and change often. Ultimately, if you do not want your parents or boss reading one of your posts, do not post the message or photo.
Phone Call Attacks
Sep 6, 2021
More and more scams and attacks are happening over the phone. Whenever you get an urgent phone call pressuring you to do something (such as a caller pretending to be the tax department or Microsoft Tech Support), be very suspicious. It's most likely a scammer trying to trick you out of money or pressure you into making a mistake. Protect yourself, simply hang up the phone or tell the person you can't help them. You are not being rude, the person on the other line is trying to take advantage of you.
Bluetooth
Aug 30, 2021
Turn off Bluetooth if you are not using it on your computer or mobile device. Not only does this make it more secure, but it also saves battery life.
Shopping Online
Aug 24, 2021
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.
