5 Tips for Preventing Online Identity Theft

The holiday season is upon us. The next two months should be a time of fun and good cheer for everyone, but it’s also a time to be very cautious. The reason? Identity thieves are lurking in the dark recesses of the Internet and they’re more active now than ever.

As a technology professional, I’ve seen my share of problems related to hacking. The good news is that it’s very easy to protect yourself and your devices. Don’t let your personal information be stolen or compromised. Here are five tips for safeguarding your identity.

Stay away from phishing emails and websites

This is a website that looks legitimate but isn’t. Often, they’re linked to rogue email messages that appear official but are anything but. On the surface, it looks just like the real deal, but it isn’t. It was cleverly created to persuade you to enter personal information, which can then be used for nefarious purposes.

How do you know it’s fake? Well. you might not, although there are some telltale signs: a word misspelled, the wrong URL (web address),or an email address that was not sent from the official company domain. If any email message or website asks you for your social security, bank, credit card, or driver’s license number, health insurance information or other personal data, visit the company’s actual web page, call their help line and ask about the request before sharing any information.

Use a unique password

Sure, it’s easy to just enter your address, a phone number or someone’s nickname when prompted for a new password. Unfortunately, these might be the first things hackers try when attempting to access someone’s account. Whether you have five or 25 passwords, it will only help you if you make them all completely different. This can’t be overstated. Consider a different combination of letters (upper and lowercase), numbers and punctuation marks for each password, and create a record of each for easy referral. You can also change your passwords regularly to keep the hackers off guard.

Be discreet about personal information

With Facebook and other social platforms becoming a repository for recording daily activities, people often post way too much information on their personal pages. It’s advisable to think twice before putting personal information on public view. Believe it or not, hackers can create a pretty accurate personal profile of you with information they find on your social media pages, then use it against you. Similarly, be cautious about posting messages like, “Well, I’m off for my morning run.” Hackers and thieves perceive such information as “I’m not home for the next hour.”

Only buy from reputable websites

Ecommerce has taken the place of brick-and-mortar stores in large part, and the convenience online shopping websites provide can’t be argued. But the proliferation of such platforms has also created problems. All reputable online shopping sites have (or should have) security measures built in, meaning that your personal information is encrypted and unavailable to the average hacker. This means that entering your credit card number should be a worry-free experience. On the other hand, there are many sites that aren’t as safe. For you, this means thoroughly investigating an unfamiliar shopping site before you make a transaction. You can do this in several ways. One is to look for online reviews by other shoppers. Another is to look for “https” in the website’s URL. which indicates that it’s a secure, encrypted connection.

Be wary of public wi-fi

While it’s tempting and convenient to make purchases online from the comfort of your coffeehouse table while sipping a latte, it’s not necessarily safe. Public wi-fi, while a convenient benefit offered by many gathering places, is susceptible to unexpected hacks. Just to be safe, wait until you get home to make that purchase.

Remember, always be aware of your surroundings. You never know when a hacker is just around the corner ready to confiscate your personal information for malicious use.

Why Updating Your Software is Important for Security

You’re in the middle of doing something important – creating a report the boss needs by the end of the day or composing a detail-filled email to your top client – when it happens: a pop-up box appears on your screen, interrupting your work flow to let you know that an update to one of your computer applications is ready to be downloaded and installed. But you’re busy. This can wait, you think. You set it aside for another time.

Software updates can be time-consuming, but it’s important to take the time and install them in a timely manner.

You might not realize it, but software updates can go a long way toward protecting your computer and personal files. It’s actually pretty routine for software developers to identify security problems in products that are already on the market. In fact, that’s often the primary reason for issuing updates — to address security problems or glitches that have been discovered after the application’s release. In some cases, the revised security measures improve upon those previously provided.

Security problems in applications are known as software vulnerabilities, and the term means exactly what you think it does. A vulnerability provides an open door to savvy hackers, who are experts at exploiting vulnerabilities to achieve their own ends. What this means for you is that they can then create code, package it in malware (malicious software) and share it with you via a rogue email or even through a website that looks innocent enough. The next thing you know, your computer is infected and the malware is grabbing your data.

You do not want this to happen.

Another unfortunate thing that malware often does is it comprises your address book, sending infected messages to everyone in your network. As a result, those unsuspecting contacts –

your family members, friends and others – see a message from you, think you’re sharing something fun or informative with them, then click on a bad link, causing problems to their own computers or devices.

Software updates are issued for a reason.

Computer and online security should be a priority for everyone. You can never be too cautious, especially when hackers can be extremely resourceful. For companies networks that become infected or compromised, downtime and repairs can be both time-consuming and expensive. Updates, when you receive them, will offer you the highest functionality available, along with the most peace-of-mind that you’re protecting your hardware and your data.

Finally, look into antivirus and security software to learn what’s offered and how you can benefit from installing it on your computer. Read online reviews, then do what works most effectively for your situation.

Online Security: 3 Easy Ways to Protect your Identity

In today’s world, internet hackers are smarter and savvier than ever before. You may not realize the dangers they can impose until your private email or online accounts are compromised. The good news is, there are things you can do to prevent these types of intrusions from occurring.

Here are 3 easy steps you can implement today to protect your security online.

Select a strong password

The first line of defense against a hacker is setting up a strong password for each of your online accounts.

Although it may be convenient to use a familiar word or numerical sequence that you can easily remember, such as an address, zip code, favorite car, or pet’s name, it’s far more effective to create a password that no one can crack. If you use a common password, it’s possible that a hacker could access your account, click on the “Forgot password” link and use information about you to guess your password.

Instead, create a strong password that includes a random combination of uppercase and lowercase letters, numbers, punctuation marks, and symbols. Write your password down and keep it in a safe place so that you can easily access it. The more complex your password, the less likely a hacker will be able to gain access to your accounts.

Beware of spam

One of the tricky ways hackers can infiltrate your accounts is by using spam or phishing tactics. When this occurs, your contacts will receive an email from the hacker (posing as you) asking them to click on an untrusted link. This, in turn, allows a hacker to access your personal information.

While it can be difficult to tell if your email account was abused in this way, a quick check of your sent email will help identify anyone who was targeted from your contacts list. If you do find someone contacted by the hacker, let them know immediately that you didn’t send the email to them and to NOT click on the link.

Two-factor authentication

In addition to passwords, a different type of security mechanism called two-factor authentication is becoming increasingly available. Using two-factor authentication ensures that even if someone has your password, they still need something else before they can get into your account. That can range from a fingerprint to a pin number. Two factor authentication simply allows you to protect your account with an added layer of security.

In the age of the internet, it’s unfortunate that users have to be concerned about the security of their private accounts, but taking a few extra precautions will go a long way toward maintaining peace of mind.

 

Law Firms and Others Facing Increasing Cybercrime

In the past few years there have been myriad news stories about cybersecurity threats at law firms and other companies around the world. Hackers just love a challenge, but more than that, they love overcoming one. And their motivations run the gamut, but when they’re successful, they create lots of problems that can be extremely costly for the targeted organization.

To be sure, law firms aren’t alone. Cybercrime is a major concern today for just about every industry you can name, and it doesn’t seem to be slowing down. In fact, many sources say that it continues to rise. CNBC has reported that the overall cost of cybercrime has exceeded $600 billion.

Why is this happening? For one thing, most professional offices today depend heavily on technology to conduct their daily business, so the same widespread connectivity that helps us do our jobs is also making us vulnerable to cyber attacks.

Law firms are rightfully concerned about cybercrime because of the immense volume of confidential data — legal, financial and personal — that they maintain and transfer online. And law firms specializing in corporate or property law are at even greater risk because of the potential for financial gain by hackers.

Additionally, there have been many news reports in recent years about hackers employing cybercrime to satisfy political, economic or ideological motivations. The truth is that cybercriminals can range from computer buffs looking to have fun to business competitors and even spies or terrorists trying to topple governments.

In any business or legal environment, cybercrime is a threat that must be addressed. Smaller office networks are considered easier to break into since they may have fewer security resources and a smaller IT team than larger ones. All companies need to be aware of what’s happening out in the ether and the consequences that can follow a cyber crimes, and be prepared in the event such an incident does occur.

Email, where cyber criminals are most active, can be extremely vulnerable to phishing attacks. According to Verizon, email is responsible for 92.4 percent of malware. These attacks can take various forms including cleverly disguised messages that appear to be from a familiar source. Another common form of phishing can arrive via attachments that, if opened, can cause major problems. These and other ruses are developed to motivate recipients into divulging confidential information, providing users’ credentials or downloading viruses and other malware.

This is why it behooves all companies to be on guard. You never know when something malicious might arrive in your inbox, and clicking on an errant link could easily start a chain reaction that’s capable of shutting down your company network for hours, even days, at a time.

So what’s the solution? Well, hackers are nothing if not smart, even brilliant. And they’re also devious. The good news is that companies of all types are becoming more and more alert to this growing trend and are actively exploring ways to address it. Head the hackers off at the pass, so to speak.

If you own a company or business that has an in-house network, do everything you can to keep them as safe and worry-fee as possible. This means installing prevention technology that detects problematic emails and cyber attacks before they have an opportunity to enter and infect your system. This way, your network does all the heavy lifting, preventing you and your company from experiencing costly downtime.

Also, teach all the members of your team what to look for, should a malicious email appear in their inbox. This can range from checking the footer of a suspicious-looking message with professionally designed graphics to ensure that it’s really from the sender it claims to be from, to being aware of warnings noted by the system that it might be a malicious email to being very careful about opening attachments that haven’t been scanned by your company’s email system to determine safety.

It’s an old adage that still holds true today: An ounce of prevention is worth a pound of cure.

The Growing Problem With E-Mail Security

E-mail security has been a huge issue since the technology’s emergence in the mid-1990s, and for all of our tech sophistication and heightened awareness of the problem, it’s only gotten worse.

Cybersecurity specialist Kazpersky Labs, for example, reports that while the volume of spam dropped last year, the firm’s tracking showed a 59 percent jump in phishing attacks. But the bad actors are a creative lot – just when you think you have a handle on one e-mail scam, they change tactics and you have to adjust your defenses.

Throughout most of 2017, for example, the types of e-mail to look out for contained malicious URLs, linking back to sites hosting malware. Proofpoint found the volume of these e-mails jumped by 600 percent in the third quarter – a 2,200 percent from the same 2016 quarter. But by the fourth quarter, cybercriminals switched their preferred scamming methods from malicious URL use to messages carrying malicious attachments. The volume of these messages jumped by 300 percent during the fourth quarter from the third.

Keeping up is almost like trying to win at the whack-a-mole game.

It’s fascinating (in a train wreck kind of way) to look at the ebbs and flows of the scams that the bad guys use to convince people to act, and how adept they are at seizing on major events and issues to get past their guard.

Last year’s big opportunities?

The FIFA 2018 world cup preparation, giving rise to fraudulent, if official-looking messages about lottery wins and promising free tickets. And the cryptocurrency craze has provided a rich vein of blockchain-themed tricks, like malware-laden websites disguised as cryptocurrency exchanges. Another trick is malware in spam emails, billed to be utilities for earning Bitcoins.

There is a cost to all this. Phishing scams alone cost American businesses about $500 million a year. But there are a lot of impacts of cyber attacks – obvious and those beneath the surface – to think about, as a study by Deloitte showed.

The firm identified 14 cyberattack impact factors with direct and/or intangible costs that will add to the pain of a major cyber incident. The direct costs ranged from attorney fees and litigation to customer notification, and technical investigation to cybersecurity improvements. Beneath the surface? Operational disruption, for one. Then there are increases in your insurance premiums and the lost value of customer relations and contract revenue. It’s not a pretty picture for potential damage, Deloitte’s modeling showed.

Any number of solutions will help mitigate the risks that come with our increasing dependence on e-mail as a fast, efficient and inexpensive way to communicate with each other.

The best place to start is to make people aware and equip them to be on guard against malicious e-mails that might make their way into e-mail boxes. The tips bear repeating: Never click on a link or an attachment on an unsolicited e-mail. Always check the sender. Bad actors can be quite skilled at replicating logos to look like the real deal, but your bank is not going to ask you to share sensitive information like your social or account number or bank account password through this channel. And common sense applies. Offers that seem too good to be true usually are, especially if the outreach is out of the blue.

But e-mail security issues have a broad scope, and are an enterprise-wide concern. It makes a holistic, enterprise wide approach to secure messaging the imperative for any organization that exchanges sensitive information with customers.

The way of the future? Increasingly, it’s moving toward integrative solutions that enable users to control, track, share and protect sensitive business information as a means of heading problems off at the pass.