SANS Tip Of The Day
The most recent SANS Institute Security Awareness Tips
Updated: 12 min 26 sec ago
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransome if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.
The number one step for protecting your mobile device is making sure it has a strong passcode or password lock on it so only you can access it.
Never send an email when you are angry; you will most likely regret it later. Instead, when you are emotional and want to reply to someone, open up an email and write everything you feel, but do not send it. (Be sure there is no name in the TO field so that you do not accidently send it.) After you have vented, save the email and come back an hour later. You only want to reply to any type of emotional situation after you have had time to cool down.
Bad guys are targeting your social media accounts. One of the most effective ways you can protect them is with a unique, strong password called a passphrase. Enabling two-step verification (if your social media site offers it) is even better.
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
Report any identity theft immediately by following these steps:Contact the three major credit bureaus and have them place a fraud alert on your credit report.If a credit card was involved, contact the credit card company and have a new credit card with a new number issued.Contact your local law enforcement agency and file a report.File a complaint with the Federal Trade Commission.Document all conversations so you know whom you spoke to and when.
Technology alone cannot protect you. Bad guys are constantly developing new ways to get past firewalls, anti-virus and filters. You are the best defense against any attacker.
Keep in mind that digital data is not the only thing that needs to be protected. Paper documents also need to be protected. When disposing of any confidential documents, make sure they are shredded first or disposed of in bins for shredding. Also, be sure to lock up any sensitive documents before you go home at the end of the day.
Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
When traveling, it is very easy to forget where you are when discussing business with colleagues. That airport, taxi, restaurant or hotel lobby may have individuals nearby eavesdropping on your conversation. When discussing confidential information, agree to hold off on the conversation until you can be assured of privacy. Also, be careful not to share sensitive information with strangers you meet.
If possible, have two computers at home -- one for parents and one for kids. If you are sharing a computer, make sure you have separate accounts for everyone and that kids do not have privileged access.
Phishing is when an attacker attempts to fool you into clicking on a malicious link or opening an attachment in an email. Be suspicious of any email or online message that creates a sense of urgency, has bad spelling or addresses you as "Dear Customer."