Introduction to National Cyber Security Awareness Month
Today (October 1st) marks the first day of the National Cyber Security Awareness Month (NCSAM). It is very important to not get caught up in NCSAM and then forget about Cyber Security the rest of the year. Safe computing habits take time and practice to involve in your everyday life; but the result is well worth it.
Stop. Think. Connect.
The motto of NCSAM is “Stop. Think. Connect.” I think this is a perfect motto; since it forms the basis of identifying threats to your online safety. One of the tactics an attacker will use is to try and make you feel rushed. The more time you have to think about what they are trying to tell you, the more time you have to realize it isn’t legitimate. There are very few instances where time is truly of the essence when it comes to your computer. Stop. Slow down. Think. Is this too good to be true? Does this seem like something that this person would actually be saying? What could happen if I do what this is asking?
One of the more common attacks that we see people falling victim to these days is fake tech support scams. These generally consist of a person accidently browsing to a malicious page that tells them that there is a problem with their computer, and asks them to call a phone number for assistance. In many cases, it may be difficult to close out of the web page. These pages can be very convincing and may look similar to legitimate messages that the person has seen before on their computer. Once the user calls the phone number, they are connected to a scammer who takes control of their computer (with the person’s help), and can do anything from trying to use scare tactics to sell expensive and unnecessary services, to stealing sensitive information, or attempting to cause damage to the computer. In many cases, after I’ve talked with a user who has fallen victim to this scam, they tell me that they had eventually figured out that it was a scam, but it was too late. If they had just waited a few minutes and calmed themselves down, they would have been much less likely to fall victim to this type of scam.
Tech support scams are just one example of where Stop. Think. Connect. can help. Another instance is phishing attempts. No legitimate company should ever be asking you for your password. In fact, there should be no instance where anyone at the company should be able to read your password – your password should never be stored in plain text to begin with (instead it should be stored as a “salted one-way hash” – which is a fancy/technical way of saying gibberish that neither a computer or person can translate into your password).
For more online safety basics, take a look at the National Cyber Security Alliance’s website at: https://staysafeonline.org/stay-safe-online/online-safety-basics/
For more information about becoming a National Cyber Security Awareness Month Champion, visit the NCSAM website at: https://staysafeonline.org/ncsam/ncsam-champion/