Risk Minimization Actions
- Always Be Skeptical
- Whenever on a website/email check out the Sending URL (Uniform Resource Locator aka web address) which can be found at top line of whatever browser you are using (Google, Edge, etc) checking for familiarity or odd/unknown websites. https://www.facebook.com/ could be https://www.fasebook.com/ BEWARE!
- Passwords are the “lock on the door” or the first defense against hacking. Make sure you use unique/complex passwords, more than 12 characters- include as many different characters as possible – caps, lower case, special characters, numbers. Don’t forget to use UNIQUE passwords this mean not duplicating a password from one site to another.
- Secure your passwords file (paper or electronic format) Physically lock down, password protect.
- Muti-factor Authentication (MFA) is the ‘bolt on the door” or the second jump a hacker needs to overcome. When on an internet site enable MFA especially on sensitive areas – go to source (don’t go to link but go to known URL and allow call/text to cell phone to verify.
- Go to source (URL) avoid clicking on links you receive…unless you were aware of someone sending you the link. For example: https://cpeake.com/ is known link.
- Take 5, count to 5…never let yourself feel rushed. If you feel rushed it is probably a scam. Let them wait! Take deep breaths, get a cup of tea. Come back to issue when you feel refreshed.
- Phone a friend…. check in with friends to see if they think the source is real.
- Realize that emails and texts are NOT SECURE… Avoid sending Personally Identifiable Information (PII) via emails/texts. This includes your social security number, date of birth, account number, signature, passwords, etc. NEVER SEND passwords via email or text. Use only secure methods like phone calls or set up prior credentials during a meeting.
- If you must send PII redact it. Remove the majority of the information leaving only the last or first 2-3 digits/characters. Example my number is XXXXXX70.
Verify at least monthly that your device is updating. Most people rely on the automatic updates that most devices can be directed to do in the background with install and re-launch happening off peak hours. It is always wise to check that updates are actually occurring. Not only on your computing devices but also on your cellphone devices. Trust but verify!
Keep your device updated
Lock down every device with a password at least 6 characters long. It is widely known that 4 digits is the easiest password to hack. Especially important on cellphones, laptops and items you use in a public setting.
And finally, try to avoid carrying your license and credit cards physically attached to your cellphone. It is very convenient to put these together until you find your cellphone gone. Then you pay the price in time, frustration and fear!
Pamela Kleczek August 2022