Security Basics

Security Basics3 min read

We all hear about cyber-security attacks in the news with major companies getting hacked, data breaches, etc.  Attackers will continue to attack the major companies in various ways that are out of our control, but there are several security practices that we can do to prevent attackers from getting to our personal information for their personal gain. A few things we can do are to protect ourselves from phishing attacks (scammers using false identity to get personal information or money), protect sensitive information, and to secure our passwords.

Phishing

You get a call from someone claiming they are from your electric company and state that you have not paid your bill for the last 3 months. If you do not pay over the phone RIGHT NOW, THIS MINUTE with your credit card, your electric will be shut off immediately. You know you have paid your bill in a timely manner, but the caller creates an uncertainty and you provide the card information as requested. Later you find out this was a call from a scammer.

This is a type of phishing that has been around for a long time, and no utility ever operates this way. Instead, they still send out delinquency notices the old fashioned way – through the mail. These same attempts at theft happen through other methods where a scammer will attempt to get personal information. They will use email, social media, texts, and any method of communication that will get your attention.

The best defense on phishing is to question the source. If it sounds “too good to be true”, “this is urgent and you must act now”, “the URL link looks suspicious”, or a suspicious sender, then do not provide any details until you can validate the source. Do not depend on anti-phishing protection from your browser, spam filters, and anti-phishing apps. These only protect what they know and can not prevent attackers they do not know.

Sensitive Information

Going along with phishing is protecting your sensitive information by not providing this information through unsecure methods of communication. Sending sensitive information through email, texting, or other social media chatting apps is not a secure means to provide sensitive information unless those means are specifically designed to send sensitive information.

Passwords
Password protection is a very important part of security. Passwords are used to protect us with much of our sensitive information. Our online banking, shopping, and other sites that contain sensitive information require a password. Many sites will require what they call “hard password” requirements which require uses of mixed case, numbers, and other symbols with a minimum length.

Here are few methods to secure your passwords:

  • Use hard-to-guess passwords
  • Do not use the same password with multiple sites, especially sites that contain sensitive information. If someone gets your password from one site, that person can gain access to other sites.
  • Use a password manager to help manage passwords of multiple sites. There are several password managers that will work with many different devices, making it easy to maintain.
  • Change passwords on a regular basis
  • Keep passwords private (do not send passwords through any communication means)

Criminals are always trying to get your information, so it’s important for you to do everything possible to protect yourself from them.