By Kris McDowell
Cybercrime is a broad term that encompasses any type of criminal activity that involves computers or the internet. Often committed by cybercriminals or hackers who are seeking to make a profit and directed at an individual, malicious activities can also be directed against a computer network or a networked device.
“With everything from phones, cars, drones and home systems connected on the web, cybercrime is only going to keep growing—it is not going away,” said Damien Laviolette, Chief Information Security Officer, OnPoint Community Credit Union. “As cybercriminals evolve their modes of attack, we’ll continue to share best practices and resources so people can stay on top of trends and understand how to protect their identities and their bank accounts.”
One-time theft can be damaging enough for individuals or businesses who may lose hundreds or thousands of dollars to a scam. Perhaps worse yet is when identity theft, the fraudulent acquisition and use of a person’s private identifying information, occurs. Unfortunately as our lives have become more connected, the risk of identity theft has increased.
Protecting oneself against fraud and identity theft is something to be vigilant about, even for the most careful consumers. To help protect yourself and recover from fraud, OnPoint has released the latest version of their annually updated, “The OnPoint Guide to Personal Cybersecurity” eBook, available at bit.ly/OnPointGuide.
The 30-page guide covers securing accounts; protecting data online; how to spot and avoid common internet and online scams; the signs of identity theft; what to do if you’ve been scammed; tips for talking to children about online safety; small business cybersecurity; and a digital protection list. OnPoint’s Laviolette said, “Financial security and personal data security go hand in hand, and both require a commitment to ongoing learning and education.”
As a start, read on for OnPoint’s top five tips for cybersecurity to help keep your information more secure.
Forget the password, remember the passphrase.
A password typically contains about 10 characters, blending letters, numbers and symbols. However, passwords are relatively easy to crack by hackers. That’s why passphrases are becoming the new industry standard. A passphrase is longer than a password, can contain spaces between words and should be easy for you to remember but hard for a computer to crack.
Consider song lyrics, a quotation or anything memorable to you like “My favorite food is Hawaiian p1zz@,” mixing in symbols and numbers in place of some letters. Even the most proficient password cracking tools break down at about 10 characters, so remember the longer your passphrase is, the harder it will be for fraudsters to hack.
Back up your data.
Backing up data is an absolute must for small business owners. A ransomware attack will seize up your system and lock you out until you pay the hackers. The average length of business downtime due to ransomware attacks is 20 days. That’s enough time to shut down a small business. In addition to security protocols and threat detection, make sure you have a consistent and reliable way to back up your files with encryption in a system separate from your day-to-day operations.
Verify sender before clicking any link.
Double check the sender’s address and domain name, and don’t simply rely on the display name. You can hover over a link to see if the URL looks legitimate or has common tricks like a zero in place of the letter “o” or an “s” added to the end of a word like Onpoints.com. Be extra wary of any offer or notification that has poor grammar or typos, comes out of the blue or sounds too good to be true.
Stop and ask for help.
So, you’ve clicked the link. What now? First, stop using the device and disconnect from the internet to stop the spread of malware. If your device is related to your job, reach out to your IT department by phone. If you’ve entered sensitive information, call your financial institution’s hotline (on the back of your credit or debit card) to report the incident, consider putting a lock on your credit records and set up a fraud alert. For breaches on your personal device, back up your data using an external device like a USB drive and then scan your device for malware. Lastly, change your passwords across all your accounts. When in doubt, seek out a professional IT expert for help.
Teach your kids.
You might be aware of smishing (a type of social engineering attack that uses SMS texting to read like a formal notification from a business), but are your kids? Laviolette says smishing attacks can be successful when you let a kid borrow your phone to play a game. When the text comes through, they may start tapping the screen to remove the distraction and unknowingly compromise the system. If your kids are using electronic devices of any kind, even for limited periods of time, make sure you’ve educated them about the risks.
By taking a proactive approach to cybersecurity, and acting quickly if your information is stolen, you will reduce your chances of being one of the thousands of cybercrime victims in Oregon each year.