Phishing emails are one of the most common online threats, so it is important to be aware of the telltale signs and know what to do when you encounter them. Click below to learn about five ways to spot phishing emails.
Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $30 million to phishing schemes in one year. But there are several things you can do to protect yourself.
- Use the latest version of your virus/spyware software.
- Update your virus/spyware software regularly.
- Scan your computers for virus/spyware on a regular basis.
- Think before clicking.
- Use extreme caution before you take action.
- Verify links that may be included in an email.
- Don't open emails from unknown sources.
1. Password protect your laptop/desktop.
2. Encrypt your laptops/desktops.
3. Place your laptop/desktop in a secure area when not in use.
4. Backup your data often.
Wireless Internet Connections
With accessible wireless Internet, it's important to use caution when choosing to join a network. In some cases, unless proper safeguards are taken, users may find their wireless access account breached by hackers using your Internet connection to conduct illegal activities, which may include the theft of your sensitive personal and financial information.
According to www.staysafe.org, there are some simple precautions you can take to increase your level of wireless Internet security. If you're not sure how to implement them, ask someone, such as the person who installed your wireless network, to help you.
- Place the wireless router in a central location in your office. Avoid placing it near exterior walls and windows to help decrease the signal strength outside of the intended coverage area.
- Install anti-virus software and anti-spyware on your computers and keep it up to date. Stay current with the security programs and alerts by visiting trusted computer security companies and websites. If your current operating system does not have one, add a firewall to each computer in your office. Use automatic updates to ensure that your operating system and related security tools are up to date.
- Require authentication for any computer that logs on to your wireless network and change the default authentication password once every three months. Set up your wireless router to accept information from only the computers in your office by using Media Access Control (MAC) addresses.
- Avoid storing sensitive materials on your computer including credit card numbers, social security numbers, or other personal information.
- Encrypt all information transmitted over your wireless network. If you cannot enable encryption, connect to the Internet with a network cable when sending financial or other critical information over the Internet.
When accessing websites online or using various online services, you are often asked to create a unique user name and password. A password is a unique identifier of letters and/or numbers which allow a computer user to gain access to a computer and all of its files. In addition, most online activity (such as shopping, participating in an online discussion, or simply signing up to receive a coupon or an electronic newsletter) now requires the selection of a user name and a password.
Ideally, a secure password is one which no one else can guess and which is resistant to being hacked. Hacking occurs when one's online information is breached. This leads to the danger of having one's identity, credit card information, and/or money stolen. In order to make your passwords less susceptible to compromise, you should seek to create passwords that avoid dictionary words and use six or more characters with a mix of letters and numbers and uppercase and lowercase letters to create the strongest password possible. You should also create a new password for each site on which you engage in online commerce. Avoid using the same password for all of your online accounts - and never share these passwords with anyone.
Since users are being asked more and more to think of unique user names and/or passwords, many are resorting to less than creative solutions. For example, many users will choose easy to remember passwords (such as admin, 12345, their own first name or year of birth, or even the word "password") to make this process more manageable. Unfortunately, these solutions are risky as they make one much more susceptible to a computer hacker. Avoid the use of obvious passwords such as your birthday, nickname, mother's maiden name, phone number, or the name of your pet.
Many Internet service providers now offer guidance on strategies to select a password which is less likely to be hacked. These strategies include:
- Choose a long password (12 or more characters) rather than a short one.
- Instead of a single word, use a combination of uppercase and lowercase letters, numbers, and/or symbols.
- Avoid using dictionary words.
- Use a phrase for a password such as "mydogsnameisfluffy."
- Create a password which is actually an acronym for a phrase that only you would know, such as: "My favorite food is the Chicago style pizza they have at 19 Main Street," which becomes the password: MffitCspth@19MS.
- Take advantage of free password selecting software located via any Internet search engine.
Some websites provide the user with an option to allow the computer to remember usernames and/or passwords. Although this is a convenient feature, in general, it is more prudent not to rely on these options. It is recommended that you use the "Delete stored passwords" feature (typically found under "tools" and then "Internet options"), available through most Internet browsers, to increase your password security.
- Avoid opening emails and clicking on links in email messages.
- Don't buy anything from a spammer.
- Don't be tempted to reply.
- Avoid 'unsubscribe' options on spam emails.
- Keep your firewall turned on.
- Install or update your antivirus/spyware software.
- Keep your operating system up to date.
- Be careful what you download.
- Turn off your computer at the end of the day.
What is it?
Disaster recovery plans (DRP) seek to quickly redirect available resources into restoring data and information systems following a disaster. A disaster can be classified as a sudden event, including an accident or natural disaster, that creates wide scoping, detrimental damage. In information management, DRPs are considered a critical subset of an entity's larger business continuity plan (BCP), which seeks to prepare for, prevent, and recover from potential threats affecting an organization. While BCPs address all facets of an organization, DRPs specifically focus on technology. DRPs provide instructions to follow when responding to various disasters, including both cyber and environment-related events. DRPs differ from incident response plans that focus on information gathering and coordinated decision making to understand and address a specific event.
Why does it matter?
When DRPs are properly designed and executed, they enable the efficient recovery of critical systems and help an organization avoid further damage to mission-critical operations. Benefits include minimizing recovery time and possible delays, preventing potential legal liability, improving security, and avoiding potentially damaging last minute decision making during a disaster.
Apart from their specific focus on technology, DRPs and the process for developing them are no different than the range of emergency response protocols and backup plans developed to address potential issues or disruptions. The lessons learned from those exercises are often valuable to DRP development. You develop these plans due to the potential risk impacts during key operational periods.
What you can do?
You should have a comprehensive DRP in place and regularly exercise it to ensure effectiveness. In order to create an effective DRP, we recommend the following:
- Include relevant stakeholders from the various business units that may be impacted in the planning process.
- Conduct a business impact analysis (BIA) to identify and prioritize critical systems.
- Test your DRP.
- Conduct after action reviews to identify what went right, what went wrong, and make improvements.
- Regularly review the DRP to ensure contacts are up to date and procedures are still effective and relevant.
What are they?
A backup is a copy of the system or network’s data for file restoration or archival purposes. Backups are an essential part of a continuity of operations plan as they allow for data protection and recovery.
To successfully backup data, administrators use one of the three backup types: full, differential, and incremental, or a combination of the types. A full backup copies the whole system, or all of the network’s data, every time a backup is completed. A differential backup copies anything that has changed since the previous full backup was completed. Lastly, an incremental backup is a backup of any changes since the last backup, whether that happened to be a full or differential backup.
Full backups are the most complete, allowing for a faster restore process, but are also slower and more expensive to implement. Incremental backups are the fastest and most cost effective to implement because they only include changed information, but restoring the system is slow because it requires reinstalling from many backups to ensure all information is retrieved. For this reason, many administrators perform a combination of backups, creating weekly full backups, supplemented by differential and incremental backups.
Why do they matter?
Backups are necessary due to the constant threat of modification or erasure of data due to accidental deletions; malware and ransomware; natural disasters; or other events. CIS Control 10 advises the creation of processes and tools to properly back-up critical information with a proven methodology for timely recovery of it. Backups also play a crucial role in expediting the recovery from malicious cyber activity; allowing the restoration of a system to a reliable state that is free of malware infections and retains the original data. Rebuilding or reimaging an infected system from a known good backup or fresh operating system installation is a common best practice in incident response.
What can you do?
An effective backup strategy consists of six components: data classification, frequency, encrypted, offline, offsite, and tested. In addition, best practices dictate that any time major system upgrades or changes occur, technical staff should re-evaluate and test the backups.
1. Data Classification – Classifying data by its importance and sensitivity is part of the risk management process and will help you determine what, and how frequently, that data should be backed up.
2. Frequency – Utilize a risk management process to identify the frequency in which the data should be backed up, based on how much data loss would be acceptable in the event of a catastrophic failure. The amount of data that can be lost (e.g. 24 hours’ worth) should then be used to determine how often data should be backed up. When making this decision, look back to your data classification. Data that is classified as essential should be backed up more often than less important data. Additionally, examine whether you will back up everything every time, or only the newer data that has been added to the system.
3. Encrypted– To ensure data integrity, backups should be encrypted. Having the backup encrypted will safeguard it if someone unauthorized tries to access it.
4. Offline – Storing backups offline is an industry best practice that reduces the risk of malware infecting the copies. Some malware, such as ransomware, will specifically look for backups that are available on the network to hinder the recovery process.
5. Offsite – Decide where and how often the backups will be stored offsite. Industry best practice dictates that backups should be stored offsite to ensure recovery is possible in the event of disasters, such as fire or flooding. Offsite backups could be physical copies or cloud based. The backup location is vital to the recovery process and must be a place where the backups will be secure and quickly accessible. The backup’s accessibility is directly tied to your recovery objective (how fast you need the data restored), which should be taken into consideration.
6. Tested– Testing the backup’s integrity and the ability to successfully restore a system from the backup is essential to a successful restoration. This ensures that, if needed, the backups will be able to restore what has been corrupted or destroyed.