October is the official cyber security awareness month, and I thought it’s a great time to share a few simple tips that can go a long way to help you keep yourself safe online. As the tech landscape evolves fast, so does security. However, it’s a bit challenging for security solutions to keep up with the evolution, since most technologies aren’t made with security in mind. It’s a fact that many tech professionals have grappled with. As the good guys take steps to close the gaps that could increase vulnerability online, the bad guys are spending sleepless nights trying to find ways around these security measures.

According to the FBI’s annual internet crime report, cyber-related crimes resulted in a loss of between $10 and $12 billion in 2023. What a staggering amount. These losses were a result of investment fraud and hacked business emails. They include instances where fraudsters use stolen personal information for identity theft by forging things like bank and credit card details. The underlying truth is that no one is immune from these crimes, but there are some simple but effective practices that could go a long way in keeping you safe.
1. Turn on your multifactor authentication.
You may not believe it, but this is one of those magic tools that can absolutely make you secure. MFA, as it’s popularly known, is a security measure that adds an extra layer of security by requiring users to provide two or more different proofs of identity before access is granted. This ensures that even if someone breaches the first layer of security, they can’t get access until they breach the other layers, making the system more secure. MFA requires a combination of:
- something the user knows, such as a PIN, password, passphrase, or security question.
- something the user has, e.g., a token or a card.
or
- something the user is, which includes physical features such as biometrics (fingerprints, face ID, etc.).

Taking your time to turn on your MFA can be extremely consequential, and whether you are a business or an individual, you are encouraged to do this whenever possible.
2. Keeping devices and software up to date.
I know it’s usually annoying when those notifications to perform an update pop up, especially when we are busy trying to get stuff done. We might be tempted to ignore or even turn off the notifications. I am guilty as charged, so I am not judging, so please hold on a minute. I’m not trying to victim-shame here, so hear me out. What if a simple update might be the saving grace from you losing your valuable data or hard-earned money? There is a reason why developers constantly release these updates. Bugs and gaps are constantly being discovered, and if they are not addressed, they can be exploited by the bad guys to cause harm to the users. So, whenever you see that update notification pop up, don’t just brush it off; it might be that extra layer that you require to be safe.
3. Unique passwords.
Yes, it’s 2024, but I can’t stress enough how important the issue of passwords is. I know it’s natural to want to use common and simple passwords, such as our names, DOBs, etc. We have so many other things to worry about than having to memorize a bunch of complex passwords. As tech expands, we tend to have many accounts, meaning many passwords. What users tend to do to get past this is to use a single password for the many accounts. The danger with this is that a breach of one account makes all your accounts vulnerable, and you have a very slim chance of coming back.
4. Recognizing and reporting phishing.
Phishing is the most rampant cybercrime currently. It’s a social engineering cybercrime where scammers try to trick potential victims into revealing sensitive information through emails or text messages. I’m sure you have received an email or a text message alerting you that you have “won” some prize in a competition that you never participated in, or an email purporting to be from your bank warning that you will lose your money if you don’t click on some link or send some information to have them resolve your issue. They then use the information to access your bank account or credit cards. They can also use the information to impersonate you and access financial services on your behalf.

How do you detect phishing emails and messages?
Check for typos—most of these are done in a rush, and they will often contain typing errors. So be on the lookout.
Twisted domain names: the email header looks like it’s from a legit domain, but when you check the actual domain name, you spot the trick: it’s a scam 😬
Most of these phishing emails are too good to be true, so beware of ‘too good’ deals.
Do not open attachments and links from suspicious emails unless you are doing it in a sandbox (special environment).
Do not fall for urgency—most phishing messages are presented with an urgent call to action. Before jumping into doing anything, just hold back and investigate.
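
The twisted-domain, urgency and too-good-to-be-true checks above can be applied mechanically to a message. The following Python example is added here and is not part of the original post; the trusted-domain list, the keyword patterns and the sample email are constructed assumptions, and typo checking is left out.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions: domains the reader really deals with, and keyword lists (all constructed).
TRUSTED_DOMAINS = {"examplebank.test", "mail.example"}
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|act now|suspended)\b", re.I)
TOO_GOOD = re.compile(r"\b(you have won|winner|prize|free gift)\b", re.I)

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain):
    """Return the trusted domain that `domain` imitates, or None."""
    for trusted in TRUSTED_DOMAINS:
        # Close to a trusted name but not identical: a "twisted" domain.
        if domain != trusted and edit_distance(domain, trusted) <= 2:
            return trusted
    return None

def phishing_signals(raw_email):
    """List the warning signs found in a raw RFC 5322 message."""
    msg = message_from_string(raw_email)
    # Use the real address, not the display name shown in the mail client.
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    text = msg.get("Subject", "") + "\n" + msg.get_payload()
    signals = []
    imitated = lookalike_of(domain)
    if imitated:
        signals.append(f"twisted domain: {domain} imitates {imitated}")
    if URGENCY.search(text):
        signals.append("urgent call to action")
    if TOO_GOOD.search(text):
        signals.append("too-good-to-be-true offer")
    return signals

# Constructed sample: the display name looks right, the domain swaps "l" for "1".
SAMPLE = """From: Example Bank <alerts@examp1ebank.test>
Subject: URGENT: your account will be suspended

Confirm your details within 24 hours or you will lose your money.
"""

if __name__ == "__main__":
    print("\n".join(phishing_signals(SAMPLE)))
```

An empty result only means none of these three signals fired; it does not mean the message is safe.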
It’s almost impossible to exhaust this list, but most, if not all, phishing messages have these