Focus on Phishing: Take these quizzes to see if you are smarter than the criminals


illustration of emails for a post on preventing phishing

October is National Cybersecurity Awareness Month, the time of year when cybersecurity experts from government, academia and industry remind us of the importance of safeguarding our digital information and reviewing our online safety practices.

One of the most common ways that crooks and criminals get your personal financial data is through phishing. Phishing is using email spoofing and other tricks to get you to give up personal info or click to a dangerous website that might expose you to a virus or a computer hijack. Never ever click on links or download things from a stranger!

But don’t just worry about bad emails from strangers – worry about bad emails from people and brands you trust. Many of the big brands we use everyday – Microsoft, Netflix, PayPal, Amazon, Apple – are regularly spoofed and we are tricked into clicking when we see messages like “your account is being disabled” or “thanks for your recent purchase” when you hadn’t made one. Or from a friend or family member, emails saying “this is a riot – click here” or a boss saying “We need your bank credentials for direct deposit.” If something seems off or strange or odd, it probably is. It’s better to be safe and not sorry so double check if you have doubt. Phishers are good at gaining our trust or exploiting our fears.

It’s vital to learn about how to avoid being caught by a phisher. We’ve assembled some quizzes to give you practice. But be warned, these are pretty difficult. If you take the time, however, even wrong answers will teach you something about what to look for and how to spot a fake.

Our top tips for avoiding phishing scams

  • Don’t click any links or download anything from a sender you don’t know or trust. It’s always worth double-checking. If it’s a web link from your bank, instead of clicking, go to your bank website directly by typing in the Web address in your browser. If it’s a phone call, hang up and call your bank.
  • Get in the habit of hovering over links to see who the email is really coming from and where a link is actually sending you. Learn how. On a mobile device? It’s a little trickier but you can and should still learn the source of a link from someone you don’t know. Here’s how: How to Check Embedded Links on Your Mobile Device
  • Phishing emails often have poor grammar or spelling mistakes. That’s a big clue that it’s a fake.
  • Be suspicious of any email or phone calls that demand you take action right away or that threaten you. The IRS and Medicare don’t call or email to threaten you or demand money. Urgency and threats are hallmarks of fraud.
  • Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
  • Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web browser. Look for “https” in the URL. How Can I Tell If a Website Is Safe? Look For These 5 Signs
  • Consider installing a Web browser tool bar to help protect you from known fraudulent websites
  • Regularly log into your online accounts to ensure that all transactions are legitimate
  • Ensure that your browser is up to date and security patches applied
  • Always report “phishing” or “spoofed” e-mails to the following groups: forward the email to reportphishing@antiphishing.org; forward the email to the Federal Trade Commission at spam@uce.gov; when forwarding spoofed messages, always include the entire original email with its original header information intact
  • Take extra precaution when traveling. Don’t login to financial sites when on a free, public Wi-Fi..

 

Infographic and expert tips for Cyber Security Month


October is National Cyber Security Month – an annual reminder to safeguard your digital information and review your online safety practices. It’s a good time to ensure your software is up-to-date and take a few moments to review expert advise to ensure you have maximum protection against emerging threats.

National Cybersecurity Awareness Month is a collaboration between the U.S. Department of Homeland Security the National Cyber Security Alliance, a private consortium. Whether you are an individual, a family or a business, each of these links offer tips, tools and resources to help you stay safe online. We’ve included an infographic below.

Here are some other tips from cyber security experts

Infographic with syber security tips

Take these quizzes to see how safe you are online


octoberThink you’re safe online? October is Cyber Security Awareness month – a good time to put things to the test.Take these two quizzes to see how you fare.

Phishing Quiz – Think you can Outsmart Internet Scammers?
Ever wonder how good you are at telling the difference between a legitimate website and one that’s a phishing attempt? Take this quiz to find out.

How cyber-savvy are you?
Test your knowledge about the cyber security risks you face every day. Take the 11-question quiz to find out how cyber-savvy you are!

Whether on a desktop, laptop or mobile device, your password is often your greatest point of vulnerability. Is your password on the list of the Top 500 Worst Passwords of All Time? If so, change it now!

Staying Cyber Safe During Your Vacations


beach-surfing.jpg
June is Online Safety Awareness Month – good timing since we are approaching peak vacation season, it’s worth setting aside a few minutes to take stock of your mobile computing safety. As you travel, every place from coffee shops to hotels will compete for your business by touting the availability of free WiFi and high-speed internet access – a benefit that is great anywhere, but that is particularly valuable when you leave the country. But when using those networks, have you ever stopped to think about how secure those connections are? And even if you are on a secure network — one that requires a log in — you may still be exposed to others who are using that same network. Could that teen sitting near you be practicing hacking skills? Could the surfer at the corner table be looking to steal your identity? Others on the same network can access readily available tools to intercept unencrypted data that is passing over networks. Your session could even be hijacked. On a public network, you must use precautions when transmitting any information that is personal, financial, or confidential in nature.
Even people who take every precaution on home and work computers can be fairly cavalier when it comes to mobile devices – it’s easy to forget that our phones and tablets are really computers and subject to the same security risks. Lifehacker has a good article on how to stay safe on public wi-fi networks – explaining how to turn off Sharing and enable your firewall on various devices, and how to automate your public WiFi security settings. It also suggests using SSL whenever possible and explains what this means and how to do it. Another suggestion is to set up a Virtual Private Network (VPN). ArsTechnica talks more about VPNs and other security issues at public WiFi hotspot.
Here are more tips from experts:
Tips for Using Public Wi-Fi Networks – from On Guard Online
Four safety tips for using Wi-Fi from Microsoft
Security Using High-Speed Internet at Hotels
Identity Protection Tips for the Summer Traveler