SANS Tip Of The Day
The most recent SANS Institute Security Awareness Tips
Updated: 21 min 27 sec ago
When traveling, it is very easy to forget where you are when discussing business with colleagues. That airport, taxi, restaurant or hotel lobby may have individuals nearby eavesdropping on your conversation. When discussing confidential information, agree to hold off on the conversation until you can be assured of privacy. Also, be careful not to share sensitive information with strangers you meet.
A common method cyber criminals use to hack into people's computers is to send them emails with malicious links. People are tricked into opening these links because they appear to come from someone or something they know and trust. If you click on a link, you may be taken to a site that attempts to harvest your information or tries to hack into your computer. Only click on links that you were expecting. Not sure about an email? Call the person to confirm they sent it.
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.
Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.
Turn off Bluetooth if you are not using it on your computer or device. Not only does this make it more secure, but it also saves battery life.
Technology alone cannot protect you. Bad guys are constantly developing new ways to get past firewalls, anti-virus and filters. You are the best defense against any attacker.
Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.
If you have kids with mobile devices, create a central home charging station in a place like your bedroom. Before the kids go to bed at night, have them put their mobile devices there so they are not tempted to play with them when they should be sleeping.
CEO Fraud is a type of targeted attack. It commonly involves a cyber criminally pretending to be your boss, then tricking or fooling you into sending the criminal highly sensitive information or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.
One of the most effective ways you can protect your computer at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Review your bank, credit card and financial statements regularly to identify unauthorized activity. This is one of the most effective ways to quickly detect if your bank account, credit card or identity has been compromised.