October is National Cyber Security Awareness Month. What is cyber security, though?
According to Merriam-Webster, cyber security is, “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack”. Essentially, it is taking measures so that people don’t steal yours or someone else’s personal information via the internet.
Being National Cyber Security Awareness Month, we wanted to present you with ideas on how to protect yourself, in particular, against online identity theft. Identity Theft is the acquisition of another person’s personal information in an effort to commit fraud. This information can include social security numbers, addresses, credit card numbers, etc. If someone should get a hold of this information, they would be able to access bank accounts and your money, which could potentially allow them to make large purchases on cars, electronics, etc., or take out large loans, which you could potentially be responsible for repaying.
There are several ways for hackers to get at your personal information. One such way is via “friendly” WiFi access points, which is when you connect to public or unsecured WiFi access points and enter passwords or other personal information. This makes it incredibly easy for thieves to steal your information. Another way is though phishing. Phishing is when you receive an email from someone claiming to be a legitimate organization, such as a bank or credit card company, and they, the scammers, try to get you to give them your private information.
These are just two of many ways in which someone can steal your identity. And, we want to assist you in learning how to protect yourselves against these thieves. It is National Cyber Security Awareness Month, so we will be strictly focusing on how you can enhance your cyber security and protect yourself. However, if you would like to learn more about identity theft, please visit our website.
- Probably one of the easiest ways to enhance your cyber security is simply by changing your passwords. According to Gizmodo the top 5 passwords of 2014 were “123456”, “password”, “12345”, “12345678”, and “qwerty”. If any of these are your current passwords for any login, please change them as soon as possible. Ideally, you should have a different password for everything you use and every online account you made. However, keeping track of all of those passwords can be incredible difficult. LastPass is an immensely useful tool for keeping your passwords safe and secure. The program remembers all of your passwords and even suggests new ones if you have repeating passwords. However, we recommend keeping your financial institutions (banks) passwords with you and you alone. It is extremely important that you keep this information safe and secure from everyone!
- Though changing your password increases your security, you can still do more. You should “Lock Down Your Login”. One way to do so is by using a security key, which is usually a small device, one that plugs into your USB port, that you should have in your possession when logging in. Learn more at stopthinkconnect.org.
- You can also use a one-time code, which is a unique code that you enter into a website or application sent to you as a text message or provided by an app.
- On your cellphone, use as many numbers as you can when creating a passcode for your lock screen. For instance, on iPhones with iOS 9, you can now use 6 digits instead of 4. According to intego.com, “a six digit passcode has one million combinations instead of 10,000.” That’s a HUGE difference! By doing so, you will be protecting personal information on your phone and even possibly your money, since mobile banking apps are so popular.
- Especially on mobile devices, you can use Biometric readers, such as fingerprint readers or cameras, to verify that it’s you logging in and to Lock Down Your Login. Learn more at stopthinkconnect.org.
- As mentioned before, when using a public WiFi network, it is very easy for hackers and thieves to steal your personal information. Thus, if you are connected to a public WiFi, you should not be logging into any online account at all. By doing so, you are subjecting your password and potentially your personal information to all those who are also connected to the WiFi network. In addition, make sure to look for the “lock” icon or the “https” in the URL for secure websites. These are not fail-safes, but they do provide you with a little more protection.
- A VPN is a Virtual Private Network. According to LifeHacker, “a…VPN is a group of computers (or discrete networks) networked together over a public network – namely, the internet…It secures your computer’s internet connection to guarantee that all of the data you’re sending and receiving is encrypted and secured from prying eyes.” According to the LifeHacker article, there are both free options and options you pay for. Check out their article as well as others in order to get an idea of which VPN service is correct for you. Again, VPNs are not fail-safes, but they provide an extra layer of online protection.
- Make sure that you are using anti-virus, anti-spyware, and firewalls to protect your computer. If you are a Stony Brook student, you are given free access to Symantec EndPoint Protection. Make sure to get this anti-virus software if you are a Stony Brook student because you could be held accountable if your computer got a virus and then the Stony Brook network subsequently got a virus as well. If you are not a Stony Brook student, there are free alternatives, one of which being Avast anti-virus.
- Simply don’t give out your personal information unless you know exactly who you are speaking or emailing with. This goes with Phishing. People or websites are going to pretend to be your financial institutions and ask you for your personal information or for you to verify certain information. But, real financial institutions are almost never going to contact you AND ask you for your financial/personal information or ask you to verify the information. There have even been instances where fake websites popped up, and the only way you knew that it was fake was because of the URL *see picture below*. Double check everything when you are about to make a financial transaction or enter/give out personal information via the internet or over the phone.
There are many more ways in which to protect yourself over the internet, and we implore to explore what else is out there. If you do not feel comfortable in a situation giving out your personal information, we believe it is best to simply go with your gut and verify everything. Every two seconds, there is another victim of identity fraud, and we don’t want you to be the next one. If you would like to read more about identity theft and how to protect yourself, please visit our website or the Cyber Security page of the Stony Brook DoIT team. There is plenty of information out there and plenty of things to learn. Yes, it may take a while to learn about these new concepts and practices, but it is worth it. And, as always, stay SAVVY!