I’ve found that users are more engaged in cybersecurity training when you can offer them some cybersecurity safety tips that apply in their personal lives as well as at work. Let’s start with a few of those tips.
E-Commerce Cybersecurity Safety Tips
Let’s start with an easy one: https:// The key here is the s. It means secure. Any website you visit that is asking for money—say, a site for donations or a shopping site—should be using https. Look for it at the beginning of the URL in your browser’s address bar. If you see http:// instead (no “s”) consider taking your business elsewhere.
And you probably know this, but think about your use of credit vs. debit cards. Credit card companies have a longstanding practice of suspending charges that are in dispute. You can get disputed debit card charges reversed, but sometimes it takes longer.
Think twice about storing your payment card information with an online retailer. Yes, it’s much more convenient to store your payment information. But check and see if the online retailer has ever been hacked. Don’t just presume that an e-commerce site will securely store your payment details.
After my checking account was hacked (for the second time), my bank suggested setting up a separate account just for debit card purchases and ATM transactions. Using a separate account this way has kept hackers from getting at my funds, as I keep these in other accounts.
Safety Tips for Social Media
Here are some social media tips, which also apply more broadly.
The best advice for securing your account identity is to use a strong password (or passphrase) and dual-factor authentication. Go here to learn more about that. However, many sites still use the “tell me a secret” authentication method (I made that up). These sites will ask you to answer a “security question” such as your mother’s maiden name, the name of your first pet, etc.
This is one of those seemed-like-a-good-idea-at-the-time ideas. After all, who would know these things? Well, depending on your level of social media sharing, a lot of people might know these things. So here’s a cybersecurity safety tip: answer any of these questions with a nonsensical answer. For instance, when asked to name your first pet, answer “bagel” (unless you happened to have a cat named Bagel!) Even better, answer “bag3l”. This will make correctly answering these security questions much more difficult for a hacker.
The simple cybersecurity safety tip in social media is this: don’t connect with people you don’t know. But even if you follow this practice, it can still be valuable to know how to spot a fake social media account. Here’s a resource for that. And as the occurrence of image “deepfakes” grows, it’s useful to know how to do a reverse image search. I tried this on an account that wants to follow me on Twitter and found the same image in several other (also fake) social media accounts.
My concluding cybersecurity safety tip is this: exercise caution. You don’t have to be paranoid (unless you like being paranoid). But remember that people and things aren’t always what they seem.