Held every October, Cybersecurity Awareness Month raises awareness about the importance of cybersecurity across our nation. The Cybersecurity and Infrastructure Security Agency encourages individuals and organizations alike to take proactive steps to enhance cyberscurity and understand the important role of personal accountability.
Here’s how you can do your part to be #CyberSmart:
Understand how cyberattacks occur
Cyberattacks can strike in many forms. Cybercriminals may attack by:
- Accessing your personal computers, mobile phones, gaming systems and other internet and Bluetooth connected devices.
- Damaging your financial security, including identity theft.
- Blocking your access or deleting your personal information and accounts.
- Targeting children and adults.
- Complicating your employment, business services, transportation and power grid.
You can avoid cyber risks by setting up the proper controls. Here are actions you cant take to prevent cyverattacks before they occur:
- Limit the personal information you share online. Change privacy settings and do not use location features.
- Keep software applications and operating systems up-to-date.
- Implement strong and safe passwords by using a password manager, create complex passwords with upper and lowercase letters, numbers and special characters, as well as, two-factor authentication.
- Watch for suspicious activity that asks you to do something right away, offers something that sounds too good to be true or needs your personal information. Think before you click, and when in doubt, do NOT click. Do not provide personal information.
- Use encrypted (secure) Internet communications.
- Protect your home and/or business using a secure Internet connection and Wi-Fi network.
- Check your account statements and credit reports regularly. Do not share personal financial information.
- Only share personal information on secure sites (e.g. “https://”). Do not use sites with invalid certificates. Use a Virtual Private Network (VPN) that creates a more secure connection.
- Use antivirus solutions, malware and firewalls to block threats.
- Regularly back up your files in an encrypted file or encrypted file storage device.
- Protect your home network by changing the administrative and Wi-Fi passwords regularly. When configuring your router, use either the instruction manual or speak to your internet-cable provider, to setup the Wi-Fi Protected Access 2 (WPA2) Advanced Encryption Standard (AES) setting, which is the strongest encryption option.
Practice extra vigilance during COVID-19
Cyber criminals know that people are especially vulnerable during disasters and emergencies, including the COVID-19 pandemic. Take these extra precautions to prevent a cyber attack during the COVID-19 pandemic:
- Do not click on links in texts or emails from people you don’t know. Scammers can create fake links to websites. Visit government websites, like cdc.gov/coronavirus, directly in your internet browser.
- Know that the government will not text or call you about “mandatory online COVID-19 tests,” outbreaks “in your area,” mandatory vaccinations, or to sell you COVID-19 cures.
- Remember that the government will not call or text you about owing money or receiving economic impact payments.
- Be aware that scammers may try to contact you via social media. The government will not contact you through social media about owing money or receiving payments.
- If you have been exposed to COVID-19, a contact tracer from your local health department might call you to let you know and ask you to self-quarantine at home away from others. Discussions with health department staff are confidential. They will not ask for financial information.
- Keep in mind that scammers may try to take advantages of financial fears by calling with work-from-opportunities, debt consolidation offers, and student loan repayment plans.
If you believe you have been a victim of a cyberattack, let the proper federal, state and local authorities know:
- File a report with the Office of the Inspector General (OIG) if you think someone is illegally using your Social Security number.
- File a complaint with the FBI Internet Crime Complaint Center (IC3). They will review the complaint and refer it to the appropriate agency.
- File a report with the local police so there is an official record of the incident.
- Report identity theft to the Federal Trade Commission.
- Contact the Federal Trade Commission (FTC) at ftc.gov/complaint if you receive messages from anyone claiming to be a government agent.
- Contact additional agencies depending on what information was stolen. Examples include contacting:
- the Social Security Administration if your social security number was compromised, or
- the Department of Motor Vehicles if your driver’s license or car registration has been stolen.
- Report online crime or fraud to your local United States Secret Service (USSS) Electronic Crimes Task Force or the Internet Crime Complaint Center.