Cybersecurity Latest Tips
What if I am an Identity Fraud Victim?
If you believe that you are an Identity Fraud Victim, file your complaint with the Federal Trade Commission (FTC). Find out more information at the FTC’s Identity Theft website: ftc.gov/idtheft. Immediately notify all your banks and credit card companies.
Also, obtain a copy of your credit report:
Equifax
www.equifax.com
To order a report: (800) 685-1111
To report fraud: (800) 525-6285
Experian
www.experian.com
To order a report: (888) 397-3742
To report fraud: (888) 397-3742
Trans Union
www.transunion.com
To order a report: (800) 916-8800
To report fraud: (800) 680-7289
For so many of us, cell phones and computers are embedded in our personal and professional lives. We talk and text, we browse the web, we watch, and we create. Our devices store a lot of personal information, so it’s a good idea to take a few minutes to make sure your computer, phone, and other connected devices are protected.
Browse by topic:
Keeping Safe on Social Media in the Age of AI
Update Your Software
Recent Consumer Alerts
Cybersecurity
Protecting Against Ransomware
Protecting Against Malicious Code
Staying Safe on Social Networking Sites
Using Caution with Email Attachments
Shopping Safely Online
Resources
Authors
Keeping Safe on Social Media in the Age of AI
In today’s interconnected digital landscape, social media has transformed from a platform for connection to a theater of vulnerabilities. As users innocently share slices of their daily lives, they inadvertently lay out a treasure map for cybercriminals, marketers, and manipulators. The peril intensifies with the rise of deepfakes—sophisticated AI-driven forgeries that warp reality to deceive and mislead. Recognizing the dangers of overexposure and the cunning artifice of deepfakes is paramount. This article delves into the risks of oversharing on social media and offers keen insights on how to discern the genuine from the digitally doctored.
Posting too much information on social media carries multiple dangers, especially when viewed through the lens of cybersecurity, AI, and the broader digital environment. Here’s a breakdown of the risks:
- Identity Theft: Personal information can be pieced together by cybercriminals to steal identities. Birthdays, addresses, family member names, and more can aid in this.
- Phishing & Social Engineering Attacks: Details from personal posts can be used to craft believable and targeted scams, convincing users to reveal sensitive information or perform harmful actions.
- Physical Safety: Posting current locations, travel plans, or even home photos can alert potential burglars when you’re away from home or expose you to stalking threats.
- Profiling by AI: AI algorithms can aggregate and analyze vast amounts of posted data, making it easier to profile users for various purposes, both benign (like targeted advertising) and malicious (like identity theft or fraud).
- Job Risks: Current or potential employers might find information that casts a negative impression, potentially leading to employment consequences.
- Misinformation & Deepfakes: Personal photos and videos can be used to create fake content, including deepfakes, which can then be used to mislead or defame.
- Data Harvesting & Privacy Invasion: Personal information can be harvested and sold to third parties, used for targeted advertising, or even exploited for political purposes.
- Location Tracking: Geo-tagging and location-based posts can be used to track user movements, routines, and habits, posing potential physical and digital threats.
- Social Strains: Personal information or opinions can sometimes lead to misunderstandings, conflicts, or harassment online.
Deepfakes refer to hyper-realistic, but entirely fake, content manipulated using artificial intelligence, particularly deep learning. Originally used for face-swapping in videos, the technology has expanded its capabilities to manipulate voice, actions, and even scenes. By training on a vast array of real-life images and sounds, AI systems can generate lifelike yet fabricated content, posing challenges for truth verification in digital media.
How to Spot Deepfakes Online:
- Imperfections in Visuals and Audio:
  - Look for inconsistencies in lighting or shadows.
  - Watch for flickering or distortion around the edges of faces or objects.
  - Observe unnatural blinking or irregular facial movements.
  - Listen for mismatched voice tones or inconsistencies in ambient sound.
- Background Anomalies: Deepfake algorithms might not recreate backgrounds perfectly, so look for strange patterns or inconsistencies.
- Inconsistent Reflections: Mirrors, glasses, or any reflective surfaces in a video might not align perfectly with the deepfaked content.
- Verify Sources: Always consider the origin of the media. Trusted news outlets and official channels are less likely (though not immune) to spread deepfakes.
- Look for Other Sources: If a video or image seems suspicious, cross-reference it with other reputable sources or look for alternative versions of the same event.
- Check Metadata: The metadata of an image or video can sometimes give clues about its authenticity, revealing information about the device where the file was created or modified.
- Stay Updated: As deepfake technology evolves, so do detection methods. Stay updated on the latest in both deepfake creation and detection.
Awareness and skepticism are crucial in the age of deepfakes. While technology offers tools for detection, human intuition and critical thinking remain invaluable assets in discerning the real from the fake.
It is paramount to remember that the digital realm, for all its advantages, also demands our vigilance. By being judicious with what we share and sharpening our ability to distinguish fact from digital forgery, we arm ourselves against the evolving challenges of the online world. The path forward is one of informed caution, where knowledge becomes our shield and skepticism our trusted ally.
Update your software
Software developers release updates — to software, operating systems, and internet browsers — to patch vulnerabilities before attackers can exploit them. Some programs are pre-set to update automatically.
Check your settings and turn on automatic updates to keep up with the latest protections against security threats.
If your software is not set to update automatically, you’ll have to update it manually.
The same principles apply for your phone: set it to update automatically. Otherwise, keep an eye out for updates, and don’t delay in running them.
Update your apps, too.
Protect your accounts
Besides securing your devices, protect your accounts. Start with strong passwords and enable multi-factor authentication.
When it comes to passwords, longer is stronger: at least 12 characters. You could use a passphrase of random words to help you remember it — but avoid common words or phrases. If your username and password are leaked in a breach, having multi-factor authentication enabled will make it harder for a scammer to get into your account. For more, check out this password checklist.
Back up important data
As an extra precaution, back up your important data. Save your files to an external storage device, like a USB flash drive or an external hard drive. Also, save your information with an online cloud storage service.
Get more advice about protecting your devices and your accounts.
Recent Consumer Alerts
Cybersecurity advice to protect your connected devices and accounts March 23, 2022
FTC says credit repair operation fleeced its clients March 21, 2022
HomeAdvisor’s home improvement leads needed work March 17, 2022
Cybersecurity
Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information. It seems that everything relies on computers and the internet now—communication (e.g., email, smartphones, tablets), entertainment (e.g., interactive video games, social media, apps ), transportation (e.g., navigation systems), shopping (e.g., online shopping, credit cards), medicine (e.g., medical equipment, medical records), and the list goes on. How much of your daily life relies on technology? How much of your personal information is stored either on your own computer, smartphone, tablet or on someone else’s system?
What are the risks to having poor cybersecurity?
There are many risks, some more serious than others. Among these dangers are malware erasing your entire system, an attacker breaking into your system and altering files, an attacker using your computer to attack others, or an attacker stealing your credit card information and making unauthorized purchases. There is no guarantee that even with the best precautions some of these things won’t happen to you, but there are steps you can take to minimize the chances.
What can you do to improve your cybersecurity?
The first step in protecting yourself is to recognize the risks. Familiarize yourself with the following terms to better understand the risks:
- Hacker, attacker, or intruder – These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes benign and motivated by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious activity (stealing or altering information).
- Malicious code – Malicious code (also called malware) is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses. (See Protecting Against Malicious Code for more information.) Malicious code may have the following characteristics:
  - It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular webpage.
  - Some forms of malware propagate without user intervention and typically start by exploiting a software vulnerability. Once the victim computer has been infected, the malware will attempt to find and infect other computers. This malware can also propagate via email, websites, or network-based software.
  - Some malware claims to be one thing, while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.
- Vulnerabilities – Vulnerabilities are flaws in software, firmware, or hardware that can be exploited by an attacker to perform unauthorized actions in a system. They can be caused by software programming errors. Attackers take advantage of these errors to infect computers with malware or perform other malicious activity.
To minimize the risks of cyberattacks, follow basic cybersecurity best practices:
- Keep software up to date. Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it. (See Understanding Patches and Software Updates for more information.)
- Run up-to-date antivirus software. A reputable antivirus software application is an important protective measure against known malicious threats. It can automatically detect, quarantine, and remove various types of malware. Be sure to enable automatic virus definition updates to ensure maximum protection against the latest threats. Note: Because detection relies on signatures—known patterns that can identify code as malware—even the best antivirus will not provide adequate protections against new and advanced threats, such as zero-day exploits and polymorphic viruses.
- Use strong passwords. Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices. It is best to use long, strong passphrases or passwords that consist of at least 16 characters. (See Choosing and Protecting Passwords.)
- Change default usernames and passwords. Default usernames and passwords are readily available to malicious actors. Change default passwords, as soon as possible, to a sufficiently strong and unique password.
- Implement multi-factor authentication (MFA). Authentication is a process used to validate a user’s identity. Attackers commonly exploit weak authentication processes. MFA uses at least two identity components to authenticate a user’s identity, minimizing the risk of a cyberattacker gaining access to an account if they know the username and password. (See Supplementing Passwords.)
- Install a firewall. Firewalls may be able to prevent some types of attack vectors by blocking malicious traffic before it can enter a computer system, and by restricting unnecessary outbound communications. Some device operating systems include a firewall. Enable and properly configure the firewall as specified in the device or system owner’s manual. (See Understanding Firewalls for Home and Small Office Use.)
- Be suspicious of unexpected emails. Phishing emails are currently one of the most prevalent risks to the average user. The goal of a phishing email is to gain information about you, steal money from you, or install malware on your device. Be suspicious of all unexpected emails. (See Avoiding Social Engineering and Phishing Attacks.)
Refer to Cybersecurity Tips and Cyber Essentials for more information from the Cybersecurity and Infrastructure Security Agency (CISA) on how to improve your cybersecurity posture and protect yourself from cyberattacks.
Ransomware
Ransomware is a type of malware threat actors use to infect computers and encrypt computer files until a ransom is paid. (See Protecting Against Malicious Code for more information on malware.) After the initial infection, ransomware will attempt to spread to connected systems, including shared storage drives and other accessible computers.
If the threat actor’s ransom demands are not met (i.e., if the victim does not pay the ransom), the files or encrypted data will usually remain encrypted and unavailable to the victim. Even after a ransom has been paid to unlock encrypted files, threat actors will sometimes demand additional payments, delete a victim’s data, refuse to decrypt the data, or decline to provide a working decryption key to restore the victim’s access. The Federal Government does not support paying ransomware demands. (See the FBI’s ransomware article.)
How does ransomware work?
Ransomware identifies the drives on an infected system and begins to encrypt the files within each drive. Ransomware generally adds an extension to the encrypted files, such as .aaa, .micro, .encrypted, .ttt, .xyz, .zzz, .locky, .crypt, .cryptolocker, .vault, or .petya, to show that the files have been encrypted—the file extension used is unique to the ransomware type.
Once the ransomware has completed file encryption, it creates and displays a file or files containing instructions on how the victim can pay the ransom. If the victim pays the ransom, the threat actor may provide a cryptographic key that the victim can use to unlock the files, making them accessible.
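The renaming pattern described above can be turned into a simple triage check. The following is an added example, not code from the original page or from CISA: it flags folders where several files carry one of the listed extensions appended after their normal extension. The thresholds, function names, and sample paths are assumptions made for illustration.

```python
import os
from collections import Counter
from pathlib import PurePosixPath

# Extensions named in the text above. Real ransomware families use many others,
# so treat this set as a starting point, not a complete signature list.
LISTED_EXTENSIONS = {
    ".aaa", ".micro", ".encrypted", ".ttt", ".xyz", ".zzz",
    ".locky", ".crypt", ".cryptolocker", ".vault", ".petya",
}


def list_files(root):
    """Walk a real directory tree and return every file path in POSIX form."""
    found = []
    for folder, _dirs, names in os.walk(root):
        for name in names:
            found.append(os.path.join(folder, name).replace(os.sep, "/"))
    return found


def has_appended_extension(path):
    """True when a listed extension was added after an existing one,
    as in report.docx.locky (the renaming pattern the text describes)."""
    p = PurePosixPath(path)
    return (p.suffix.lower() in LISTED_EXTENSIONS
            and bool(PurePosixPath(p.stem).suffix))


def triage(paths, min_hits=3, min_ratio=0.5):
    """Flag folders where many files share one appended listed extension.

    A single match is weak evidence (.xyz is also a legitimate chemistry
    format), so a folder is reported only when at least min_hits files,
    making up at least min_ratio of the folder, show the same extension.
    Both thresholds are assumptions chosen for this example.
    """
    total_per_dir = Counter()
    hits_per_dir_ext = Counter()
    for raw in paths:
        p = PurePosixPath(raw)
        total_per_dir[str(p.parent)] += 1
        if has_appended_extension(raw):
            hits_per_dir_ext[(str(p.parent), p.suffix.lower())] += 1

    findings = []
    for (directory, ext), hits in sorted(hits_per_dir_ext.items()):
        total = total_per_dir[directory]
        if hits >= min_hits and hits / total >= min_ratio:
            findings.append({"directory": directory, "extension": ext,
                             "hits": hits, "total": total})
    return findings


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    "/home/ana/Documents/budget.xlsx.locky",
    "/home/ana/Documents/notes.txt.locky",
    "/home/ana/Documents/photo.jpg.locky",
    "/home/ana/Documents/todo.md",
    "/home/ana/Projects/model.xyz",          # legitimate file, nothing appended
    "/home/ana/Projects/readme.md",
    "/home/ana/Downloads/archive.tar.vault", # one hit, below the threshold
    "/home/ana/Downloads/setup.exe",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

To check a real folder, pass `list_files("/path/to/folder")` to `triage`; a finding is a reason to disconnect the machine and follow the response steps later on this page, not proof of infection.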
How is ransomware delivered?
Ransomware is commonly delivered through phishing emails or via “drive-by downloads.” Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment. A “drive-by download” is a program that is automatically downloaded from the internet without the user’s consent or often without their knowledge. It is possible the malicious code may run after download, without user interaction. After the malicious code has been run, the computer becomes infected with ransomware.
What can I do to protect my data and networks?
- Back up your computer. Perform frequent backups of your system and other important files, and verify your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.
- Store your backups separately. Best practice is to store your backups on a separate device that cannot be accessed from a network, such as on an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive or separate device from the network or computer. (See the Software Engineering Institute’s page on Ransomware.)
- Train your organization. Organizations should ensure that they provide cybersecurity awareness training to their personnel. Ideally, organizations will have regular, mandatory cybersecurity awareness training sessions to ensure their personnel are informed about current cybersecurity threats and threat actor techniques. To improve workforce awareness, organizations can test their personnel with phishing assessments that simulate real-world phishing emails.
What can I do to prevent ransomware infections?
- Update and patch your computer. Ensure your applications and operating systems (OSs) have been updated with the latest patches. Vulnerable applications and OSs are the target of most ransomware attacks. (See Understanding Patches and Software Updates.)
- Use caution with links and when entering website addresses. Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses (e.g., contact your organization’s helpdesk, search the internet for the sender organization’s website or the topic mentioned in the email). Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain (e.g., .com instead of .net). (See Using Caution with Email Attachments.)
- Open email attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.
- Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it. (See Protecting Your Privacy.)
- Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.
- Inform yourself. Keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You can find information about known phishing attacks on the Anti-Phishing Working Group website. You may also want to sign up for CISA product notifications, which will alert you when a new Alert, Analysis Report, Bulletin, Current Activity, or Tip has been published.
- Use and maintain preventative software programs. Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic. (See Understanding Firewalls for Home and Small Office Use.)
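The advice above about website addresses that differ by a slight spelling variation or a different domain ending can be checked mechanically. The following is an added example, not code from the original page or from CISA: it compares a link against a short list of sites you already trust. The trusted list, the verdict names, and the sample links are assumptions, and the sketch treats the last two labels of a host name as the site's domain, which is not correct for endings such as .co.uk.

```python
from urllib.parse import urlsplit


def split_domain(url):
    """Return (name, ending) from the last two host labels, or None.

    Assumption: two-label domains only; production code should consult
    the Public Suffix List instead.
    """
    if "://" not in url:
        url = "//" + url              # let urlsplit see a bare host name
    host = urlsplit(url).hostname
    if not host:
        return None
    labels = host.rstrip(".").split(".")
    if len(labels) < 2:
        return None
    return labels[-2], labels[-1]


def edit_distance(a, b):
    """Edits needed to turn a into b: insert, delete, substitute,
    or swap two neighbouring characters (optimal string alignment)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)   # neighbouring swap
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def check_link(url, trusted, max_distance=1):
    """Classify a link against trusted domains.

    Returns (verdict, matched_trusted_domain) where verdict is one of
    "exact", "different-tld", "near-spelling", "unrelated", "no-host".
    """
    parts = split_domain(url)
    if parts is None:
        return ("no-host", None)
    name, _ending = parts

    known = []
    for domain in trusted:
        split = split_domain(domain)
        if split is not None:
            known.append((domain, split))

    for domain, split in known:            # exact matches win outright
        if split == parts:
            return ("exact", domain)
    for domain, (t_name, _t_ending) in known:
        if name == t_name:                 # e.g. .com instead of .net
            return ("different-tld", domain)
    for domain, (t_name, _t_ending) in known:
        # Very short names produce too many accidental near matches.
        if len(t_name) >= 4 and edit_distance(name, t_name) <= max_distance:
            return ("near-spelling", domain)
    return ("unrelated", None)


# Constructed examples using reserved documentation domains.
TRUSTED = ["example.net", "city-credit-union.example"]
SAMPLE_LINKS = [
    "https://www.example.net/login",
    "https://example.com/login",
    "http://city-credlt-union.example/reset",
    "https://city-credit-unoin.example/",
    "weather.example/today",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link, "->", check_link(link, TRUSTED))
```

A "different-tld" or "near-spelling" verdict means the address resembles a site you trust without being that site, which is the case where the text recommends verifying the address independently before clicking.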
How do I respond to a ransomware infection?
- Follow the Ransomware Response Checklist on p. 11 of the CISA-MS-ISAC Joint Ransomware Guide.
- Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
What do I do if my computer is infected with ransomware?
- Home users: immediately contact your local FBI office or local U.S. Secret Service office to request assistance.
- Organizations: immediately report ransomware incidents to your IT helpdesk or security office.
- All users: change all system passwords once the ransomware has been removed. You can submit ransomware files to CISA for analysis via https://www.malware.us-cert.gov/MalwareSubmission/pages/submission.jsf. (See Choosing and Protecting Passwords and Supplementing Passwords.)
Malicious Code
Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.
- Viruses have the ability to damage or destroy files on a computer system and are spread by sharing an already infected removable media, opening malicious email attachments, and visiting malicious web pages.
- Worms are a type of virus that self-propagates from computer to computer. Their function is to use all of your computer’s resources, which can cause your computer to stop responding.
- Trojan horses are computer programs that hide a virus or a potentially damaging program. It is not uncommon for free software to contain a Trojan horse, making a user think they are using legitimate software while the program is instead performing malicious actions on their computer.
- Malicious data files are non-executable files—such as a Microsoft Word document, an Adobe PDF, a ZIP file, or an image file—that exploit weaknesses in the software program used to open them. Attackers frequently use malicious data files to install malware on a victim’s system, commonly distributing the files via email, social media, and websites.
How can you protect yourself against malicious code?
Following these security practices can help you reduce the risks associated with malicious code:
- Install and maintain antivirus software. Antivirus software recognizes malware and protects your computer against it. Installing antivirus software from a reputable vendor is an important step in preventing and detecting infections. Always visit vendor sites directly rather than clicking on advertisements or email links. Because attackers are continually creating new viruses and other forms of malicious code, it is important to keep your antivirus software up-to-date.
- Use caution with links and attachments. Take appropriate precautions when using email and web browsers to reduce the risk of an infection. Be wary of unsolicited email attachments and use caution when clicking on email links, even if they seem to come from people you know. (See Using Caution with Email Attachments for more information.)
- Block pop-up advertisements. Pop-up blockers disable windows that could potentially contain malicious code. Most browsers have a free feature that can be enabled to block pop-up advertisements.
- Use an account with limited permissions. When navigating the web, it’s a good security practice to use an account with limited permissions. If you do become infected, restricted permissions keep the malicious code from spreading and escalating to an administrative account.
- Disable external media AutoRun and AutoPlay features. Disabling AutoRun and AutoPlay features prevents external media infected with malicious code from automatically running on your computer.
- Change your passwords. If you believe your computer is infected, change your passwords. This includes any passwords for websites that may have been cached in your web browser. Create and use strong passwords, making them difficult for attackers to guess. (See Choosing and Protecting Passwords and Supplementing Passwords for more information.)
- Keep software updated. Install software patches on your computer so attackers do not take advantage of known vulnerabilities. Consider enabling automatic updates, when available. (See Understanding Patches and Software Updates for more information.)
- Back up data. Regularly back up your documents, photos, and important email messages to the cloud or to an external hard drive. In the event of an infection, your information will not be lost.
- Install or enable a firewall. Firewalls can prevent some types of infection by blocking malicious traffic before it enters your computer. Some operating systems include a firewall; if the operating system you are using includes one, enable it. (See Understanding Firewalls for Home and Small Office Use for more information.)
- Use anti-spyware tools. Spyware is a common virus source, but you can minimize infections by using a program that identifies and removes spyware. Most antivirus software includes an anti-spyware option; ensure you enable it.
- Monitor accounts. Look for any unauthorized use of, or unusual activity on, your accounts—especially banking accounts. If you identify unauthorized or unusual activity, contact your account provider immediately.
- Avoid using public Wi-Fi. Unsecured public Wi-Fi may allow an attacker to intercept your device’s network traffic and gain access to your personal information.
What do you need to know about antivirus software?
Antivirus software scans computer files and memory for patterns that indicate the possible presence of malicious code. You can perform antivirus scans automatically or manually.
- Automatic scans – Most antivirus software can scan specific files or directories automatically. New virus information is added frequently, so it is a good idea to take advantage of this option.
- Manual scans – If your antivirus software does not automatically scan new files, you should manually scan files and media you receive from an outside source before opening them, including email attachments, web downloads, CDs, DVDs, and USBs.
Although antivirus software can be a powerful tool in helping protect your computer, it can sometimes cause problems by interfering with the performance of your computer. Too much antivirus software can affect your computer’s performance and the software’s effectiveness.
- Investigate your options in advance. Research available antivirus and anti-spyware software to determine the best choice for you. Consider the amount of malicious code the software recognizes and how frequently the virus definitions are updated. Also, check for known compatibility issues with other software you may be running on your computer.
- Limit the number of programs you install. Packages that incorporate both antivirus and anti-spyware capabilities together are now available. If you decide to choose separate programs, you only need one antivirus program and one anti-spyware program. Installing more programs increases your risk for problems.
There are many antivirus software program vendors, and deciding which one to choose can be confusing. Antivirus software programs all typically perform the same type of functions, so your decision may be based on recommendations, features, availability, or price. Regardless of which package you choose, installing any antivirus software will increase your level of protection.
How do you recover if you become a victim of malicious code?
Using antivirus software is the best way to defend your computer against malicious code. If you think your computer is infected, run your antivirus software program. Ideally, your antivirus program will identify any malicious code on your computer and quarantine it so it no longer affects your system. You should also consider these additional steps:
- Minimize the damage. If you are at work and have access to an information technology (IT) department, contact them immediately. The sooner they can investigate and “clean” your computer, the less likely it is to cause additional damage to your computer—and other computers on the network. If you are on a home computer or laptop, disconnect your computer from the internet; this will prevent the attacker from accessing your system.
- Remove the malicious code. If you have antivirus software installed on your computer, update the software and perform a manual scan of your entire system. If you do not have antivirus software, you can purchase it online or in a computer store. If the software cannot locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. After reinstalling the operating system and any other software, install all of the appropriate patches to fix known vulnerabilities.
Threats to your computer will continue to evolve. Although you cannot eliminate every hazard, by using caution, installing and using antivirus software, and following other simple security practices, you can significantly reduce your risk and strengthen your protection against malicious code.
Social Networking Sites
Social networking sites, sometimes referred to as “friend-of-a-friend” sites, build upon the concept of traditional social networks where you are connected to new people through people you already know. The purpose of some networking sites may be purely social, allowing users to establish friendships or romantic relationships, while others may focus on establishing business connections.
Although the features of social networking sites differ, they all allow you to provide information about yourself and offer some type of communication mechanism (forums, chat rooms, email, instant messages) that enables you to connect with other users. On some sites, you can browse for people based on certain criteria, while other sites require that you be “introduced” to new people through a connection you share. Many of the sites have communities or subgroups that may be based on a particular interest.
What security implications do these sites present?
Social networking sites rely on connections and communication, so they encourage you to provide a certain amount of personal information. When deciding how much information to reveal, people may not exercise the same amount of caution as they would when meeting someone in person because:
- the internet provides a sense of anonymity
- the lack of physical interaction provides a false sense of security
- they tailor the information for their friends to read, forgetting that others may see it
- they want to offer insights to impress potential friends or associates
While the majority of people using these sites do not pose a threat, malicious people may be drawn to them because of the accessibility and amount of personal information that’s available. The more information malicious people have about you, the easier it is for them to take advantage of you. Predators may form relationships online and then convince unsuspecting individuals to meet them in person. That could lead to a dangerous situation. The personal information can also be used to conduct a social engineering attack. (See Avoiding Social Engineering and Phishing Attacks for more information.) Using information that you provide about your location, hobbies, interests, and friends, a malicious person could impersonate a trusted friend or convince you that they have the authority to access other personal or financial data.
Additionally, because of the popularity of these sites, attackers may use them to distribute malicious code. Sites that offer applications developed by third parties are particularly susceptible. Attackers may be able to create customized applications that appear to be innocent while infecting your computer or sharing your information without your knowledge.
How can you protect yourself?
- Limit the amount of personal information you post – Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your connections post information about you, make sure the combined information is not more than you would be comfortable with strangers knowing. Also be considerate when posting information, including photos, about your connections.
- Remember that the internet is a public resource – Only post information you are comfortable with anyone seeing. This includes information and photos in your profile and in blogs and other forums. Also, once you post information online, you can’t retract it. Even if you remove the information from a site, saved or cached versions may still exist on other people’s machines. (See Guidelines for Publishing Information Online.)
- Be wary of strangers – The internet makes it easy for people to misrepresent their identities and motives. (See Using Instant Messaging and Chat Rooms Safely.) Consider limiting the people who are allowed to contact you on these sites. If you interact with people you do not know, be cautious about the amount of information you reveal and about agreeing to meet them in person.
- Be skeptical – Don’t believe everything you read online. People may post false or misleading information about various topics, including their own identities. This is not necessarily done with malicious intent; it could be unintentional, an exaggeration, or a joke. Take appropriate precautions, though, and try to verify the authenticity of any information before taking any action.
- Evaluate your settings – Take advantage of a site’s privacy settings. The default settings for some sites may allow anyone to see your profile, but you can customize your settings to restrict access to only certain people. There is still a risk that private information could be exposed despite these restrictions, so don’t post anything that you wouldn’t want the public to see. Sites may change their options periodically, so review your security and privacy settings regularly to make sure that your choices are still appropriate.
- Be wary of third-party applications – Third-party applications may provide entertainment or functionality, but use caution when deciding which applications to enable. Avoid applications that seem suspicious, and modify your settings to limit the amount of information the applications can access.
- Use strong passwords – Protect your account with passwords that cannot easily be guessed. (See Choosing and Protecting Passwords.) If your password is compromised, someone else may be able to access your account and pretend to be you.
- Check privacy policies – Some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam. (See Reducing Spam.) Also, try to locate the policy for handling referrals to make sure that you do not unintentionally sign your friends up for spam. Some sites will continue to send email messages to anyone you refer until they join.
- Keep software, particularly your web browser, up to date – Install software updates so that attackers cannot take advantage of known problems or vulnerabilities. (See Understanding Patches.) Many operating systems offer automatic updates. If this option is available, you should enable it.
- Use and maintain anti-virus software – Anti-virus software helps protect your computer against known viruses, so you may be able to detect and remove the virus before it can do any damage. (See Understanding Anti-Virus Software.) Because attackers are continually writing new viruses, it is important to keep your definitions up to date.
Children are especially susceptible to the threats that social networking sites present. Although many of these sites have age restrictions, children may misrepresent their ages so that they can join. By teaching children about Internet safety, being aware of their online habits, and guiding them to appropriate sites, parents can make sure that the children become safe and responsible users. (See Keeping Children Safe Online.)
Email Attachments
Some characteristics that make email attachments convenient and popular also make them a common tool for attackers:
- Email is easily circulated – Forwarding email is so simple that viruses can quickly infect many machines. Most viruses do not even require users to forward the email; they scan a user’s mailbox for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open a message that comes from someone they know.
- Email programs try to address all users’ needs – Almost any type of file can be attached to an email message, so attackers have more freedom with the types of viruses they can send.
- Email programs offer many “user-friendly” features – Some email programs have the option to automatically download email attachments, which immediately exposes your computer to viruses within the attachments.
What steps can you take to protect yourself and others in your address book?
- Be wary of unsolicited attachments, even from people you know. Just because an email message looks like it came from someone you know does not mean that it did. Many viruses can “spoof” the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. This includes email messages that appear to be from your internet service provider (ISP) or software vendor and claim to include patches or antivirus software. ISPs and software vendors do not send patches or software in email.
- Keep software up to date. Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it. (See Understanding Patches and Software Updates for more information.)
- Trust your instincts. If an email or email attachment seems suspicious, don’t open it, even if your antivirus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the antivirus software might not have the signature. At the very least, contact the person who supposedly sent the message to make sure it’s legitimate before you open the attachment. However, especially in the case of forwards, even messages sent by a legitimate sender might contain a virus. If something about the email or the attachment makes you uncomfortable, there may be a good reason. Don’t let your curiosity put your computer at risk.
- Save and scan any attachments before opening them. If you have to open an attachment before you can verify the source, take the following steps:
  - Be sure the signatures in your antivirus software are up to date.
  - Save the file to your computer or a disk.
  - Manually scan the file using your antivirus software.
  - If the file is clean and doesn’t seem suspicious, go ahead and open it.
- Turn off the option to automatically download attachments. To simplify the process of reading email, many email programs offer the feature to automatically download attachments. Check your settings to see if your software offers the option, and make sure to disable it.
- Consider creating separate accounts on your computer. Most operating systems give you the option of creating multiple user accounts with different privileges. Consider reading your email on an account with restricted privileges. Some viruses need “administrator” privileges to infect a computer.
- Apply additional security practices. You may be able to filter certain types of attachments through your email software (see Reducing Spam) or a firewall (see Understanding Firewalls).
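The attachment-type filtering and "save and check before opening" advice above can be sketched as a small script that lists a saved message's attachments and the reasons to leave one unopened. This is an added example, not code from CISA or the FTC; the extension list is an assumption and the sample message is constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumption: file types this example treats as risky (the page names no list).
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk", ".docm", ".xlsm"}


def build_sample() -> bytes:
    """Constructed message: one ordinary photo, one executable posing as a PDF."""
    msg = EmailMessage()
    msg["From"] = "Friend <friend@example.com>"
    msg["To"] = "you@example.com"
    msg["Subject"] = "Photos from the trip"
    msg.set_content("See attached.")
    msg.add_attachment(b"constructed", maintype="image", subtype="jpeg",
                       filename="photo.jpg")
    msg.add_attachment(b"constructed", maintype="application", subtype="pdf",
                       filename="invoice.pdf.exe")
    return msg.as_bytes()


def review_attachments(raw: bytes) -> list[dict]:
    """List every attachment with reasons to leave it unopened; runs nothing."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        ctype = part.get_content_type()
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        ext = suffixes[-1] if suffixes else ""
        reasons = []
        if ext in RISKY_EXTENSIONS:
            reasons.append(f"risky file type {ext}")
            if len(suffixes) > 1:
                reasons.append(f"double extension {''.join(suffixes[-2:])}")
            if ctype.startswith("image/") or ctype == "application/pdf":
                reasons.append(f"declared as {ctype} but named {ext}")
        findings.append({"name": name, "type": ctype, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for item in review_attachments(build_sample()):
        verdict = "; ".join(item["reasons"]) or "no filename red flags, still scan it"
        print(f"{item['name']} ({item['type']}): {verdict}")
```

An empty reasons list only means the filename raised no flags; the file should still be scanned with up-to-date antivirus software before it is opened.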
Online Shopping
The internet offers convenience not available from other shopping outlets. You can search for items from multiple vendors, compare prices with a few mouse clicks, and make purchases from your home. However, the internet is also convenient for attackers, giving them multiple ways to access the personal and financial information of unsuspecting shoppers. Attackers who are able to obtain this information may use it for their own financial gain, either by making purchases themselves or by selling the information to someone else.
How do attackers target online shoppers?
There are three common ways that attackers can take advantage of online shoppers:
- Creating fraudulent sites and email messages – Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious websites or email messages that appear to be legitimate. Attackers may also misrepresent themselves as charities, especially after natural disasters or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.
- Intercepting insecure transactions – If a vendor does not use encryption, an attacker may be able to intercept your information as it is transmitted.
- Targeting vulnerable computers – If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it. It is also important for vendors to protect their computers to prevent attackers from accessing customer databases.
How can you protect yourself?
- Do business with reputable vendors – Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Some attackers may try to trick you by creating malicious websites that appear to be legitimate, so you should verify the legitimacy before supplying any information. (See Avoiding Social Engineering and Phishing Attacks and Understanding Web Site Certificates for more information.) Attackers may obtain a site certificate for a malicious website to appear more authentic, so review the certificate information, particularly the “issued to” information. Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.
- Make sure your information is being encrypted – Many sites use secure sockets layer to encrypt information. Indications that your information will be encrypted include a Uniform Resource Locator (URL) that begins with “https:” instead of “http:” and a padlock icon. If the padlock is closed, the information is encrypted. The location of the icon varies by browser; for example, it may be to the right of the address bar or at the bottom of the window. Some attackers try to trick users by adding a fake padlock icon, so make sure that the icon is in the appropriate location for your browser.
- Be wary of emails requesting information – Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information. (See Avoiding Social Engineering and Phishing Attacks.) Legitimate businesses will not solicit this type of information through email. Do not provide sensitive information through email. If you receive an unsolicited email from a business, instead of clicking on the provided link, directly log on to the authentic website by typing the address yourself.
- Use a credit card – There are laws to limit your liability for fraudulent credit card charges, but you may not have the same level of protection for your debit cards. Additionally, because debit cards draw money directly from bank accounts, unauthorized charges could leave you with insufficient funds to pay other bills. You can minimize potential damage by using a single, low-limit credit card to make all of your online purchases. Also, use a credit card when using a payment gateway such as PayPal, Google Wallet, or Apple Pay.
- Check your shopping app settings – Look for apps that tell you what they do with your data and how they keep it secure. Keep in mind that there is no legal limit on your liability with money stored in a shopping app (or on a gift card). Unless otherwise stated under the terms of service, you are responsible for all charges made through your shopping app.
- Check your statements – Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately. (See Preventing and Responding to Identity Theft.)
- Check privacy policies – Before providing personal or financial information, check the website’s privacy policy. Make sure you understand how your information will be stored and used. (See Protecting Your Privacy.)
Resources
https://www.us-cert.gov/ncas/tips
Authors
CISA
FTC