Phishing

‘Phishing’ is when criminals use emails, text messages or phone calls to scam their victims. It’s estimated that 90% of cyber attacks come in the form of phishing. Criminals are ruthless and have been known to prey upon our impulses to protect our loved ones – remain vigilant!

-Do not click on links in emails that appear suspicious or received from an unknown party

-Do not provide sensitive / confidential information to an unknown caller

-Do not act on a text message from an unknown sender

Multi Factor Authentication (“MFA”)

In addition to having a complex password, utilize MFA when available. MFA involves additional verification information (factors) to complete a login or access an account. One of the most common MFA tools which users encounter are one-time passcodes. OTPs are those 4-8 digit codes that you often receive via email, text or mobile app which must also be entered to authenticate your login. Never provide these codes to an unknown caller. Consider whether a Security Key (a physical MFA fob) is right for you.

Public Wi-Fi

Be mindful while connected to untrusted networks (e.g., airport, hotel, coffee shop). If you must access sensitive accounts (e.g. bank, investments etc.) or perform software updates, use a Virtual Private Network connection to a trusted network.

“Patch Everything …”

Patches are software and operating system updates that typically address security vulnerabilities within a program or product. Enable “automatic” software updates when possible. Make sure that you only download software updates from trusted vendor websites. Do not trust a link in an email message—attackers have used email messages to direct users to websites hosting malicious files.

This is a non-exhaustive list of steps you may consider in reinforcing your own personal cyber security. Stay alert and aware as the technology landscape becomes ever more sophisticated.