October is Cyber Security Awareness Month. It “… is an internationally recognized campaign held each October to help the public learn more about the importance of cyber security. The campaign helps Canadians stay secure online by teaching them simple steps to protect themselves and their devices.”
This post will mention some things that everyone can do to reduce the risk of a hack — whether for your own personal safety or that of your employer.
Despite attempts to replace passwords, they will be around for a long time.
Password hygiene
Good password hygiene is a must. Make sure your passwords are not ones that hackers can easily break. Don’t use common passwords like “password” or “123456”, or single-word passwords like “starwars”. Make sure a password is complex enough and long enough that it would take a long time to crack. This chart shows types of passwords that can be cracked instantly, compared to those that would take untold years. Ideally, use a password manager to generate and save long complex passwords, such as this one that a password manager created: Ly8Q%mc@xdz8XP9wE.
Don’t reuse passwords
Make sure not to reuse a password for more than one login. Given the number of successful hacks over the years, it is almost guaranteed that every one of us has a username and password for something available to hackers. A common attack uses that information to try a person’s known password on other sites. This is called credential stuffing and can be used by hackers to gain access to whatever accounts you have that use the same password. It is a common way to gain access to business email accounts and engage in business email compromise or get access to your bank account. It is suspected this was the compromise behind the recent 23andMe hack.
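The two checks above (weak or common passwords, and reuse across logins) can be run over a password manager export. The following is an added example, not part of the original post; the vault entries, the short common-password list, the 60-bit threshold and the guess rate are all constructed assumptions.

```python
import math
import string
from collections import defaultdict

# Constructed sample data: a tiny common-password list and a made-up vault export.
COMMON = {"password", "123456", "starwars", "qwerty", "letmein"}
SAMPLE_VAULT = [
    ("mail.example", "pat", "starwars"),
    ("shop.example", "pat", "Winter2023!"),
    ("bank.example", "pat", "Winter2023!"),
    ("dna.example", "pat", "Ly8Q%mc@xdz8XP9wE"),
]
GUESSES_PER_SECOND = 1e10  # assumption: offline guessing rate against a fast hash
MIN_BITS = 60              # assumption: threshold below which we flag "weak"

def brute_force_bits(password):
    """Upper bound on the brute-force search space: length * log2(alphabet size).
    Overestimates passwords built from words or patterns, so treat it as a ceiling."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    alphabet = sum(len(cls) for cls in classes if any(c in cls for c in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def years_to_exhaust(password):
    """Time to try every candidate of that length and alphabet at the assumed rate."""
    return 2 ** brute_force_bits(password) / GUESSES_PER_SECOND / (365 * 24 * 3600)

def audit_vault(entries):
    """entries: (site, username, password) tuples. Returns {site: [issues]}."""
    sites_by_password = defaultdict(list)
    for site, _user, pw in entries:
        sites_by_password[pw].append(site)
    findings = {}
    for site, _user, pw in entries:
        issues = []
        if pw.lower() in COMMON:
            issues.append("common")   # on a guess list, cracked regardless of length
        if len(sites_by_password[pw]) > 1:
            issues.append("reused")   # one breach exposes every site sharing it
        if brute_force_bits(pw) < MIN_BITS:
            issues.append("weak")
        findings[site] = issues
    return findings

if __name__ == "__main__":
    for site, issues in audit_vault(SAMPLE_VAULT).items():
        print(site, issues or "ok")
```

Note that “Winter2023!” passes the length and complexity check yet is still flagged, because reuse is what credential stuffing exploits.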
Common scams
There are a myriad of scams. This Kaspersky article lists 11 common types. It seems like hardly a day goes by without hearing about a victim. A common thread is a sense of urgency to do something. If it seems to be from someone you know, be wary if it seems out of character. A major red flag is any request to send money for any reason or to change where to send money. If anyone calls or emails asking for any kind of financial or personal information, it’s probably malicious.
David Canton is a business lawyer and trademark agent at Harrison Pensa with a practice focusing on technology, privacy law, technology companies and intellectual property. Connect with David on LinkedIn and Twitter.