SANS Tip of the Day
The most recent SANS Institute Security Awareness Tips
Updated: 7 hours 56 min ago
Review your bank, credit card and financial statements regularly to identify unauthorized activity. This is one of the most effective ways to quickly detect if your bank account, credit card or identity has been compromised.
When browsing online, encrypting your online activities is one of the best ways to protect yourself. Make sure your online connection is encrypted by making sure HTTPS is in the website address and/or that there is a lock next to it.
One of the most effective steps you can take to protect your cloud account is to make sure you are using two-step verification. In addition, always be sure you know exactly whom you are sharing files with. It is very easy to accidently share your files with the entire Internet when you think you are only sharing them with specific individuals.
The most effective steps you can take to secure your wireless network at home is to change the default admin password, enable WPA2 encryption and use a strong password for your wireless network.
When you delete a file, that file is actually still on your computer. The only way you can truly and securely remove a file is by wiping it or using some type of secure deletion.
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransome if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.
If you have kids with mobile devices, create a central home charging station in your bedroom. Before the kids go to bed at night, have them put their mobile devices there so they are not tempted to play with them when they should be sleeping.
Ultimately, common sense is your best protection. If an email, phone call or online message seems odd, suspicious or too good to be true, it may be an attack.
Malware is software--a computer program--used to perform malicious actions. In fact, the term malware is a combination of the words malicious and software. Cyber criminals install malware on your computers or devices to gain control over them or gain access to what they contain. Once installed, these attackers can use malware to spy on your online activities, steal your passwords and files, or use your system to attack others.
Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
Privacy settings on social networks have limited value. They are confusing to configure and change often. Ultimately, if you do not want your parents or boss reading it, do not post it.
A common method cyber criminals use to hack into people's computers is to send them emails with malicious links. People are tricked into opening these links because they appear to come from someone or something they know and trust. If you click on a link, you may be taken to a site that attempts to harvest your information or tries to hack into your computer. Only click on links that you were expecting. Not sure about an email? Call the person to confirm they sent it.
One of the most effective ways you can protect your computer at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.
Be careful with email auto-complete. This is an email feature that automatically completes a name for you when you begin typing it in the TO field. However, your email client can easily complete the wrong name for you. If you are emailing anything sensitive, always be sure to check the TO field a second time before hitting the send button.