SANS Tip of the Day

Subscribe to SANS Tip of the Day feed
The most recent SANS Institute Security Awareness Tips
Updated: 22 min 27 sec ago

Hosting a Video Conference

21 hours 37 min ago
When hosting a video conference, make sure you password protect the conference so only authorized individuals can join. If there are any strangers or people who you do not recognize on the call, remove them.

Patch and Update

Mon, 07/26/2021 - 01:00
One of the most effective ways you can protect your computers and devices at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.

CEO Fraud

Fri, 07/23/2021 - 01:00
CEO Fraud / BEC is a type of targeted email attack. It commonly involves a cyber criminal pretending to be your boss or a senior leader and then tricking you into sending the criminal highly sensitive information, buying gift cards or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.

Digital Inheritance

Wed, 07/21/2021 - 01:00
What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Consider creating some type of digital will, often called a "Digital Inheritance" plan.

Messaging / Smishing Attacks

Tue, 07/20/2021 - 01:00
Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or event simple text messaging. The most common clues are tremendous sense of urgency or curiosity.

Smart Home Devices

Mon, 07/12/2021 - 01:00
Now adays most of us have numerous devices in our homes connect to the Internet. From thermostats and gaming consoles to baby monitors, door locks or even your car. Ensure you change the default passwords on these devices and enable automatic updating.

What is Malware

Fri, 07/09/2021 - 01:00
Malware is software--a computer program--used to perform malicious actions. In fact, the term malware is a combination of the words malicious and software. Cyber criminals install malware on your computers or devices to gain control over them or gain access to what they contain. Once installed, these attackers can use malware to spy on your online activities, steal your passwords and files, or use your system to attack others.

Reporting an Incident

Thu, 07/08/2021 - 01:00
Bad guys are very persistent, eventually anyone can make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! In addition, perhaps you lost a work laptop or a USB drive. The sooner you report an incident, the sooner we can help resolve the problem.

Personalized Scams

Wed, 07/07/2021 - 01:00
Cyber criminals now have a wealth of information on almost all of us. With so many organizations getting hacked, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number, or birth date in it does not mean it is legitimate.

You Are a Target

Mon, 07/05/2021 - 01:00
You may not realize it, but you are a target. Your computer, work, personal accounts, and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.

Identity Theft

Mon, 06/28/2021 - 01:00
Identity theft is when someone steals information about you and then uses that information to pretend to be you and commit crimes, such as credit card fraud. One of the key steps to protecting yourself is monitoring your financial, credit score and credit card accounts. The sooner you detect fraud in any of these accounts, the sooner you can minimize the damage.

Go with Passphrases

Fri, 06/25/2021 - 01:00
Passphrases are one of the strongest type of passwords you can use and often the easiest to remember and type. Simply use random words or an entire sentence for your password, such as "Honey rain beach lost" The longer your passphrase, the stronger it is.

Privacy

Thu, 06/24/2021 - 01:00
Privacy is more than just settings in your social media account or using the Tor Browser. Your data and actions are collected in a variety of ways. The more aware you are of just how much of your data is collected, the better you can protect it.

Careers in Cybersecurity

Tue, 06/22/2021 - 01:00
Have you considered a career in cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.

Installing Mobile Apps

Mon, 06/21/2021 - 01:00
Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information. Does that mobile app really need access to contacts or need to know your location at all times?

Dark Web

Fri, 06/18/2021 - 01:00
The Dark Web is a network of systems connected to the Internet designed to share information securely and anonymously. These capabilities are abused by cyber criminals to enable their activities, for example selling hacking tools or purchasing stolen information such as credit card data. Be aware that your information could be floating around the Dark Web, making it easier for cyber criminals to create custom attacks targeting you..

Phone Call Attacks

Wed, 06/16/2021 - 01:00
More and more scams and attacks are happening over the phone. Whenever you get an urgent phone call pressuring you to do something (such as a caller pretending to be the tax department or Microsoft Tech Support), be very suspicious. It's most likely a scammer trying to trick you out of money or pressure you into making a mistake. Protect yourself, simply hang up the phone or tell the person you can't help them. You are not being rude, the person on the other line is trying to take advantage of you.

Ransomware

Mon, 06/14/2021 - 01:00
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransom if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.

Email Auto-Complete

Thu, 06/10/2021 - 01:00
Be careful with email auto-complete. This is an email feature that automatically completes a name and email address for you when you begin typing it in the TO field. However, your email client can easily complete the wrong name for you. If you are emailing anything sensitive, always be sure to check the TO field a second time before hitting the send button.

Got Backups?

Wed, 06/09/2021 - 01:00
Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information at home (such as family photos) on a regular basis.