October is National Cyber Security Awareness Month

October is National Cyber Security Awareness Month

The Department of Homeland Security has marked October 2010 National Cyber Security Awareness Month, and for good reason. Last year consumers in the United States lost almost $560 million in online scams, a $265 million dollar increase over the previous year, according to the F.B.I.

To help steer clear of cybercrime, remember the basics, such as hygienic surfing. And always stay suspicious. With the advent of the Twitter worm last month, even Facebook itself is advising its users to be leery of links, pictures, and multimedia data. If you think it might lead to questionable or dangerous content, don’t click it.  Some other tips that will help stay safe include:

  • Never pay for anything upfront online and use a service such as PayPal or a credit card that has buyer protection. Do not link your PayPal to your checking, or any other account that can be immediately withdrawn from.
  • Use different passwords for different sites. That way, if your LinkedIn account is hacked, they won’t have access to your email, your bank and other social websites.
  • If you suspect a website is not what it claims, leave it immediately. Do not click or run any content or software.
  • Do not provide your personal data, such as SSN, credit card numbers, or other confidential information on websites where you can’t verify the security.
  • Log on to the computer with an account that does not have “Administrator” privileges, to reduce the likelihood and severity of damage from self-installing malicious software.
  • Do not connect to “free Wi-Fi” access points. It might be the “evil twin” of a legitimate access point, set up to intercept your logins and online transactions.
  • Do not use cracked/pirated software! These are great avenues for introducing malware into, or exploiting weaknesses in a system. This also applies to P2P (peer-to-peer) illegally distributed audio and video files.
  • If sensitive information is stored on the hard drive, protect it with encryption and by regularly backing up your data to a separate disk and, where possible, a remote site or facility.
  • Do not expect antivirus alone to protect the computer. Use additional measures such as an anti-malware, personal firewall, browser security plugins and anti-phishing toolbars. However, be aware that there is a lot of fake security software out there that can be easily installed on your computer with a click. Sometimes even the best protection might not protect as well as common sense and caution.
  • Ensure your mobile device has security and protection features enabled, such as power on password, inactivity time lock, security settings for cleaning browsers and caches, and antivirus and data encryption, if available. Also, regularly backup your mobile device.
  • Consider how much of your identifying information is posted on social networking sites, such as Facebook, Twitter and others. Are there photos that show the entire layout of your apartment, and everything in it? Is your full birth date disclosed? Oversharing is a bad idea for many reasons; examples are or
  • Be aware of phishing e-mail scams that include website links advertising incredible deals. Rather than clicking on them, type the link of known sites into your browser. Misspelled website names are still around.

With the holiday season around the corner, scammers and con artists will increase their efforts to get into your pockets. In the coming weeks we’ll post some specific holiday shopping tips, but until then, stay aware, keep your PC clean and secure and, most importantly, stay vigilant—that's often all it takes online.

About Ondrej Krehel   |   Cybersecurity and Digital Forensics   |   LIFARS