Cybersecurity Tips to Avoid Spooky Surprises
Follow these rules to keep the monsters at bay.
October is Cybersecurity Month, and as it draws to a close, we want to make sure that our readers are prepared to handle the spookiest cyber threats before they happen. Here is a quick breakdown of our best practices at Compass Digital Labs:
Keep Your Passwords Unique and Complex
If you’ve ever tried to win a costume contest, now is the time to channel that energy into creating your passwords. As the first line of defense against cyberattacks, it’s key that you make your password really, really difficult to crack — meaning it’s at least eight characters long, alphanumeric with special characters, changed with relative frequency, and isn’t used anywhere else.
An even better idea though is using a passphrase. In combination with the above recommendations, you’re theoretically requiring a hacker to spend years of their time to reach their goal.
Unless, of course, you simply give them your password! This leads us to…
If It Looks Suspicious, Don’t Click On It
Phishing is a cybersecurity threat that banks on your trust, usually by pretending to be from a legitimate source, like — insert your favorite identity-stealing horror movie villain here — with the intent of getting you to enter your credentials. According to TJ Smith, CDL’s Director of Security Transformation Team, the request in and of itself is a big red flag: “You should never, ever put your credit card information in an email.”
But what if you’re not totally certain that an email is legit? TJ mentions that, while scams are certainly getting really tricky, you can use his trick to test out a questionable email:
“If you’re concerned, copy and paste the entire email into a word document or notepad to see if any words are different. Suddenly, what looked like a lowercase ‘L’ in the address is actually an uppercase ‘I’. Also, keep an eye on the domain name — something like ‘Google.net’ should sound an alarm.”
He also reminds us that keeping your antivirus software up-to-date is a must, as it’s an additional, and crucial, piece of prevention. Ultimately, phishing is super slimy, and the best thing you can do when you spot a phishing attempt in your inbox is to report it to your IT department before you delete it.
Beyond scammy emails, it’s important to be mindful of links that seem off (which is why it can’t hurt to hover over them to see where they’re leading to) and to protect yourself when you’re on unsecured wi-fi connections.
It’s unfortunate that we have to err on the side of caution, but the thing is…
You’ve Got to Remember that You’re Human
Did you know that 95% of breaches are due to human error? While we may enjoy dressing up as our favorite superheroes, the reality is that a hacking attempt happens every 39 seconds, and that’s a lot for a mere mortal to take upon themselves.
Putting safeguards in place, like multi-factor authentication, can help take on some of the burdens. Along with what we suggested above, it’s also a good idea to not write your passwords down — password managers are a great help — and make sure you’re using encryption when entering sensitive information.
Safety is a Team Effort
We don’t mean to lecture you, dear reader, but ultimately cybersecurity is everyone’s responsibility. (Though, speaking of lectures, here is a great and very relevant Ted Talk!) There are lots of things that we can do to keep ourselves and our organizations safe, there’s strength in numbers, and, hey, knowledge is power!
On that note, if you’d like a deeper dive into cybersecurity from our archives, you can check that out here. We hope you have a great remainder of Cybersecurity Month and have a safe & happy Halloween!
