Be Cyber Smart: A guide to help you do your part

August 23, 2021

In the past year and a half, we all got a refresher on the importance of hygiene to stay safe from germs. Now let's brush up on cyber hygiene — basic steps we can take to stay safe in a connected world. 

October is the 18th annual Cybersecurity Awareness Month (formerly known as National Cybersecurity Awareness Month or NCSAM), a series of events that remind us to be cybersmart all year long. Cybersecurity Awareness Month is brought to you by the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA).

The 2021 theme: “Do Your Part. #BeCyberSmart.” Want to join in? Use the #BeCyberSmart hashtag on social media to raise awareness and show your friends and followers that you're cyber smart.

Practice cyber hygiene

Getting cyber smart starts with cyber hygiene. What is cyber hygiene? Think of it as the cybersecurity version of washing your hands well with soap for 20 seconds after you come home from a trip to the store. 

Cyber hygiene is a set of basic habits that can help to keep you and your family protected from identity theft, scams, and other online dangers.

Examples of practicing good cyber hygiene include: using strong passwords, setting up multi-factor authentication on your accounts, and regularly updating software on your devices. 

The National Cybersecurity Alliance offers a short list of cyber hygiene tips that will help you get familiar with cyber hygiene best practices.

Fight the phish 

Cybercriminals often go "phishing" for private information, and the COVID-19 pandemic has made this digital plague even worse, according to the NCSA. That's why it's important to know how to spot phishing attempts and report them to authorities. There are three main steps to follow:

Step 1: Spot phishing 

Start by keeping an eye out for odd or unexpected messages via chat, email, text, or other channels of communication.

Any time you get a message from an unknown sender that asks you to take an action, consider it a red flag. Even if the message seems to come from a trusted sender, stop and look more closely.

Some phishing messages are disguised to look like they come from a real company, like PayPal or Netflix. So, according to the Federal Trade Commission (FTC), here are a few things to watch out for.       

• Generic greetings like "Hello dear" or "Hi friend."       
• Reports of a "problem with your account" that require action.     
• A request to click on a link or attachment.

Step 2: Stop and look 

Don't click any links in these messages, and don't open or download any file attachments.

These links or attachments may contain adware, malware or spyware that can infect your device and even allow hackers to gain access to your account passwords and other private information.

Or a link may lead you to a page where a scammer is trying to grab your private information or "sell" you something to get your credit card number.

Step 3: Report phishing

Take a few minutes to alert businesses and government agencies to any phishing attempt you experience.

Reporting phishing can help officials learn about new scams and pursue cybercriminals to stop them from victimizing others in the future. The FTC recommends that you report phishing attempts to these places.       

• The Anti-Phishing Working Group. Forward phishing emails to the group at reportphishing@apwg.org and forward phishing texts to SPAM (7726).       
• The FTC. Also report phishing and other fraud to the FTC using the FTC fraud report page.       
• The company. If a phishing email is disguised to look like it came from a real business, alert that business. Most large companies have a dedicated email you can use to report phishing scams. If you can't find the information on their website, contact customer service to ask how to report phishing. 

Following these three steps can keep you safe from many phishing attacks and can help you "do your part" to put a stop to phishing.

Put cybersecurity first

Once you've learned the basics of cybersecurity and how to #BeCyberSmart, there's one important step left: Put cybersecurity first. That's the focus of the final week of Cybersecurity Awareness Month.

What does it mean to put cybersecurity first? For individuals and families, it means making cybersecurity a priority in your daily life. Just like learning to wash your hands the right way — think singing the happy birthday song while you suds up — cybersecurity may require some practice. 

What does putting cybersecurity first look like in daily life? It means you think about cybersecurity all the time and make it a major part of your life. 

If you prioritize cybersecurity, it's likely you will remember to do these things.  

• Avoid using public Wi-Fi.       
• Back up your devices regularly.       
• Consider security and privacy when posting on social media.       
• Protect your devices and connected objects in multiple ways.        
• Research new apps and software before downloading.       
• Shop securely online and avoid shady sites.       
• Never click links that don't come from a trusted source.       
• Teach your kids, if you have them, about cybersecurity.

Just like when you're working to build other habits, it may be helpful to use tools and reminders to help you put cybersecurity first. For example, think of using a screensaver that reminds you to #BeCyberSmart every time you look at your device. 

As the NCSA reminds us: "Cybersecurity should not be an afterthought."

6 cybersecurity tips

Ready to do your part? Here are some Cybersecurity Awareness Month tips to help you take further steps to protect yourself and your family. 

1. Get trusted security software 

Make sure you have trusted security software installed on all your devices. At its most basic, a security suite should include antivirus and other types of protection to help protect against adware, malware, spyware, and other security threats. 

2. Do regular updates 

It's important to perform updates on your security software as well as all other apps and software on your devices. Frequent software updates fix cybersecurity "loopholes" attackers can exploit. When possible, set up automatic updates on your device. 

3. Consider the IoT

You may think of your smartphone and your computer when you think about protecting your devices. But as our lives become more connected, the list of "devices" we have around us grows. So walk around your home and make a list of connected devices you need to protect, from your baby monitor to your smart doorbell to that doggie cam you bought to see what Barkley does while you're out. 

4. Get a password manager

It's hard to overstate the importance of using strong, long, difficult-to-crack passwords and passphrases. Many people have 100 or more passwords, so this can be difficult to do. That’s a reason to consider using a reputable password manager application that can generate, store, and automatically fill strong passwords when you go to log into an account.

5. Use a virtual private network (VPN) 

A VPN can be a useful tool to help you stay cybersecure, especially if you travel or work remotely from airports, coffee shops, or other public spaces. A VPN creates an encrypted "tunnel" that encrypts the data you send and receive. It helps protect your internet activity even when you're using public Wi-Fi. Some security suites come with a VPN included in the package.

6. Stay on top of scams 

Cybercriminals and ID thieves exploit big events and disasters, such as the pandemic, and are always coming up with new ways to steal information and money. Keeping on top of scams can help you spot phishing attempts and other suspicious activity.

By being in the know, you may be able to alert your family and friends about new scams and avoid becoming a victim. One way to track scams: follow the FTC scam alerts page, which offers information on common scams and updates on current scams. 

Follow these cybersecurity tips in October and all year long to help keep you, your family, and your community safer. And don't forget to use the #BeCyberSmart hashtag to raise awareness and get your community onboard.

Just like with public health, when each person does their part, it helps to keep everyone safe.