Table of Contents
Introduction: Cybersecurity Awareness Matters Beyond Work Settings
Cyber Criminals Scamming on Social Media
How to stay ahead?
Did You Fall for a Social Media Scam? Do This!
Signs You Have Been Breached
Website Defacement
Malware Infections
Compromised Email Accounts
The Password Problem & How to Solve It
Bruce Schneier's Password Method
Online Password Generator
Keeping the Workplace Cyber Safe
Cybersecurity Tips for Prevention and Risk Mitigation
Creating Cyber-Aware Culture
Engaging Employees in Security
Training and Testing for Readiness
Top 5 Cybersecurity Tips for Online Shopping
Conclusion: Building Everyday Cyber Resilience
Cybersecurity Awareness Matters Beyond Work Settings
Cyber threats are no longer limited to corporate networks; they’ve moved into every part of our daily lives. From social media scams to sophisticated ransomware attacks, individuals and businesses alike face constant digital risks. Staying safe means knowing the warning signs, building good security habits, and taking swift action when something feels off.
Cyber Criminals Scamming on Social Media
Every day, Americans come across scams, whether through email, text, or now social media.
Most people have a LinkedIn profile to connect and network online with colleagues and other professionals, an Instagram account to connect with friends and family, or a Twitter account to stay up to date with the news. Social media can be a valuable tool. However, scammers are taking advantage of this environment to lure unsuspecting victims into scams.
Here’s how it usually goes…
A cyber criminal posing as a professional creates a fraudulent profile and reaches out to their target. Starting with small talk over LinkedIn, Instagram, Facebook, and/or Twitter messaging, the scammer eventually offers to help the victim make money through a crypto investment.
Interviewed victims say that because they received the messages on a trusted platform, they tended to believe the investments were legitimate.
How to stay ahead?
- Protect Your Information
Do not give out any financial information or click on any suspicious links. Keep your eyes open for red flags on social media.
- If It Looks Too Good To Be True, It Probably Is
Scammers rely on you having your guard down, and they use enticements and threats, often with a false sense of urgency, to bypass your natural suspicions. If you feel like nothing adds up, always trust that feeling.
- Verify Requests
When cyber criminals successfully hack an account or gather enough data they will often pose as a co-worker or acquaintance. By appearing as someone you trust, they have a better chance of tempting you to click on a link, share information or even potentially send money.
Did You Fall for a Social Media Scam? Do This!
With 25% of all fraud victims getting scammed on social media, there’s a good chance that you could become a victim. Here’s what to do if you’ve been scammed on social media.
If scammers took over your social media account:
- Request a password reset email from the social media service. Each site and app has a different process for recovering a hacked account.
- Once you regain access, force any unfamiliar sessions to log out. For example, check your “login activity” and look for devices or locations that you don’t recognize.
- Then, update the email and phone number associated with your account, and change your passwords.
- Enable 2FA on your account and use an authenticator app such as Authy (instead of text or SMS).
Signs You Have Been Breached
Despite your valiant efforts to protect your network and data, sooner or later you may suffer a breach.
Since you're ultimately responsible for keeping your computer and systems out of harm's way, it is important to recognize the signs of a breach in order to minimize the damage quickly and effectively.
1. Website Defacement
This is a breach where a hacker vandalizes your system. This kind of breach is commonly seen on websites. The hacker will "graffiti" a business's website to display an ideological message, promote a hacker or group, or distribute malware to unsuspecting victims who visit your site.
Taking Corrective Measures
Take the next steps if your website falls victim to defacement:
Step 1: If your site is hosted or maintained by an external party, notify them as soon as possible and have them take the necessary steps to remediate the problem.
Step 2: Reset all passwords to website administrator accounts.
Step 3: Replace all files located on the website server with files from an isolated or standalone backup source.
Step 4: Consider temporarily removing or quarantining your website until the situation has been rectified and all website links created by the hacker have been removed.
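A check that supports Steps 3 and 4, added here as an example and not part of the original article: it hashes every file under the live web root and under the isolated backup, then reports which live files were changed, which were added, and which are missing. The function names and the sample directory layout are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_tree(root):
    """Map each regular file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue  # assumption: symlinks are reviewed by hand, not hashed
        h = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def compare_to_backup(webroot, backup):
    """Classify live files against the known-good backup copy."""
    live, good = sha256_tree(webroot), sha256_tree(backup)
    return {
        "modified": sorted(p for p in live if p in good and live[p] != good[p]),
        "added": sorted(p for p in live if p not in good),
        "missing": sorted(p for p in good if p not in live),
    }


def demo():
    """Constructed sample: a clean backup and a live copy with three differences."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = Path(tmp, "backup"), Path(tmp, "live")
        for root in (backup, live):
            (root / "css").mkdir(parents=True)
            (root / "index.html").write_text("<h1>Welcome</h1>")
            (root / "about.html").write_text("<p>About us</p>")
            (root / "css" / "site.css").write_text("body { margin: 0 }")
        (live / "index.html").write_text("<h1>defaced</h1>")  # vandalised page
        (live / "css" / "extra.html").write_text("<a href='#'>x</a>")  # not in backup
        (live / "about.html").unlink()  # page deleted from the live site
        return compare_to_backup(live, backup)


if __name__ == "__main__":
    print(demo())
```

Files listed under "added" are the ones to review before the site goes back online, since a restore that only overwrites existing files leaves them in place.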
2. Malware Infections
Your device seems slower than before. That's right! Where we normally attribute poor speed performance to the age of the device, poor internet connection, or the latest update download... malware could actually be the cause.
Malware running on a computer can slow down a device's connection to the internet or even internal networks. So, how can you tell if your device is running slow due to malware or due to a more common issue, such as running low on memory? You can run Task Manager on Windows or Activity Monitor on Mac to see if malware is interfering with these programs. If they fail to run, your computer may be infected.
Another program that gets impacted by malware is the Registry Editor. If this fails to run, malware infection may have occurred. As always, immediately reach out to your IT team if you suspect your computer has been compromised.
3. Compromised Email Accounts
If you start noticing that your colleagues and friends are not receiving your emails, or your emails are bouncing back as spam, you may have been breached.
Someone or something has altered your email configuration to route your messages through another server. This allows the hacker to read or change your email content, which causes the receiver's security systems to flag it as dubious.
As we have mentioned before, you don't have to receive a ransomware message or have a complete meltdown of your device to have been breached. Little things like...
- Your device suddenly restarts
- You are routed to the wrong website or to bad websites
- Your hard drive light never turns off
- Your language settings are changed
- Pop-ups start appearing
- Unexpected charges on your phone or internet bill
- Unexplained increased use of data, text messaging, or network traffic
These things can be signs that malware has infected your device(s).
You have a greater chance of preventing a hack or recovering from an attack if you can identify the signs of one. Unfortunately, most people ignore the warning signs of a cyberattack until it’s too late.
The Password Problem & How to Solve It
Coming up with passwords can be an annoying task, right?
Passwords can be a hassle, especially when so many different accounts need them. Cybersecurity experts recommend changing your passwords regularly to make your accounts more secure. Here is how you can create passwords efficiently:
Bruce Schneier's Password Method
Bruce Schneier is a cybersecurity expert who created a method for creating strong passwords. The method involves taking a memorable sentence and turning it into a password.
It could be a short quote, a song lyric, the title of your favorite book, or just a phrase that is memorable for you.
Here are a few examples:
- My pet patches is a pug = MYp!P@iSaP?
- I love peanut butter pretzels = 1<3PnUt.Btt3r.PtZL!
- Try bathing your dog once a day = TbURd1@d
Online Password Generator
You can get a strong, randomly generated password with an online password generator. PasswordsGenerator.net is a valuable tool to get yourself a strong password.
The site allows you to choose the length of the password and if you would like special characters, uppercase letters, or numbers.
These passwords are nearly impossible to guess, which is great to ward off hackers, but not so great if you don’t write the password down somewhere.
Cyber Tip Takeaway
- The longer the password, the better — we recommend at least 12 characters
- Don’t use memorable keyboard paths (ex. QWERTY)
- Use a unique password for each account you have
- Don’t use personal information
Keep your passwords strong!
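The generator options and the takeaway rules above, sketched as an added example that is not part of the original article and not the code behind PasswordsGenerator.net. The function names, the symbol set, and every keyboard path other than QWERTY are assumptions.

```python
import secrets
import string

MIN_LENGTH = 12  # minimum length recommended in the takeaway list
# "qwerty" is the page's example; the other keyboard paths are assumed additions.
KEYBOARD_PATHS = ("qwerty", "asdfgh", "zxcvbn", "123456", "1qaz2wsx")
SYMBOLS = "!@#$%^&*()-_=+?"  # assumed symbol set


def check_password(password, personal_info=(), used_elsewhere=()):
    """Return the takeaway rules this password breaks (empty list = passes)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    if any(p in lowered or p[::-1] in lowered for p in KEYBOARD_PATHS):
        problems.append("contains a keyboard path")
    if any(len(i) >= 3 and i.lower() in lowered for i in personal_info):
        problems.append("contains personal information")
    if password in used_elsewhere:
        problems.append("already used for another account")
    return problems


def generate_password(length=16, upper=True, digits=True, symbols=True):
    """Random password with at least one character from each enabled class."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    classes = [string.ascii_lowercase]
    if upper:
        classes.append(string.ascii_uppercase)
    if digits:
        classes.append(string.digits)
    if symbols:
        classes.append(SYMBOLS)
    alphabet = "".join(classes)
    while True:
        # secrets uses the operating system's CSPRNG; the random module does not.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        covers_all = all(any(c in cls for c in candidate) for cls in classes)
        if covers_all and not check_password(candidate):
            return candidate
```

Run over the three sentence-derived examples above, `check_password` passes only the 19-character one; the other two are reported as shorter than 12 characters.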
Keeping the Workplace Cyber Safe
According to a recent study by Sophos, 66% of companies suffered a ransomware attack in 2022.
The number of attacks has increased by 75% compared to the previous year, indicating that cyber criminals have become significantly more capable of deploying large-scale attacks.
We’ve gathered the most effective and essential cybersecurity safety tips to keep in mind for prevention and risk mitigation.
Cybersecurity Tips for Prevention and Risk Mitigation
1. Use a Password Manager
Password managers generate unique complex passwords for each site and service. Don’t use the same password for multiple sites; always use a unique mix of upper- and lower-case letters, numbers, and other characters. The password manager also provides a secure place to house and organize those complex passwords.
2. Use Multi-Factor Authentication
Multi-factor authentication adds further layers of security so that important accounts aren’t easily hacked if the passwords are cracked. Prefer non-SMS-based MFA options.
3. Back Up Data Often
If data storage is ever compromised, you’ll have the best chance of recovering that data if you have a secure backup. Be sure to back up regularly so new data is saved. Utilizing automated backups is an easy way to be sure your backups are up-to-date.
4. Monitor Your Network for Suspicious Activity
Monitor your network so that you can catch on to an attack early enough to reduce the damage. Reacting to suspicious activity early on can save you time and money.
5. Be Wary of External Devices
Keep in mind, some devices such as hard drives, flash drives, and smartphones can infect your computer when plugged in. Be cautious of where your personal devices are being plugged in and avoid connecting your devices to public computers if possible.
6. Never Share Sensitive Information with an Unauthorized Party
This may sound obvious but all too often employees feel some sort of social pressure when someone else asks them for information (this applies to people within your organization too). If there’s any doubt, say no and consult a manager/supervisor for permission.
7. Don’t Underestimate Hackers’ Interest in Your Company
Breaches and attacks affect organizations of all sizes, including start-ups and small businesses. Many offensive security tools indiscriminately scan the Internet for vulnerabilities in services, remote access, and web applications.
Creating a Cyber-Aware Culture
Engaging your employees in cybersecurity is a complex but crucial endeavor. Despite common misconceptions, cybersecurity remains one of the most vital components of any business.
Promoting a culture of cybersecurity is key to keeping your organization safe and secure in the digital age. With phishing attacks, business email compromises, social media scams, and credential theft all in play, it is imperative that your employees be educated and prepared.
Building a 'human firewall' is thus critically important.
Engaging Employees in Security
1. (Personal Benefits) Show them what’s in it for them
Highlight how cybersecurity training can protect not only the company but also the personal accounts of employees. Emphasize the value of the information for their own safety and security.
2. (Universal Risk) Educate them that no one is immune
It’s not a question of "if" but "when" a cyber attack happens. Make it clear that it can happen to anyone. Employees need to know how to respond swiftly and effectively to minimize damage.
3. (Reporting and Mitigation) Teach them to report and shut down cyber threats
Along with the above, ensure that there is a structured and accessible training plan for employees, and keep it updated. Regular security training and simulated attacks can be invaluable in ensuring employees know what to look for and are always staying alert.
4. (Onboarding Training) Incorporate awareness training as part of the new hire process
Cybersecurity awareness should start early. Integrating it into the onboarding process is effective, especially as new employees access accounts, create passwords, and familiarize themselves with company procedures.
Training & Testing for Readiness
AUTOMATE IT - Implement weekly tips and reminders to keep cybersecurity top of mind.
TEST IT - Use simulated phishing attacks to regularly assess your employees' skills.
OUTSOURCE IT - Engage cybersecurity professionals to provide comprehensive training.
Persuading employees to prioritize cybersecurity is challenging amidst their own tasks and deadlines. However, never underestimate the importance of training and educating them about their role in the organization's cybersecurity.
Top 5 Cybersecurity Tips for Online Shopping
Nowadays, we spend much of our time online, whether working, learning a new skill, or shopping, and the opportunities for scams online are limitless. Stay safe while online shopping with these top 5 practices:
1. Use Caution When Shopping Online
Only use secure devices that belong to you and secure WiFi/networks when shopping online. Opt for a third-party payment service where you don't need to give the merchant your credit card information directly (PayPal may be a good way to avoid having your card info stolen or hacked).
2. Only Shop on Secure Sites to Avoid Scams
A secure site's URL should start with HTTPS, not HTTP. Look for the lock icon in the address bar.
3. Phishing Scam Awareness
Make sure you, your family, and your employees are educated about the signs of a phishing scam: slow down and evaluate emails carefully before clicking or taking action on any offer.
4. Keep an Eye Out for Strange Requests
Watch for spelling and grammar mistakes, flashy clickbait content, and other things that may seem “off.”
5. Be Careful on Social Media
Refuse to transfer money, send gift cards, or wire money to anyone you meet online. If you want to shop for an item you saw on a social platform, we suggest going directly to a verified website.
Bonus Tip: Ensure Safe Delivery of Your Packages
Your online shopping experience doesn’t end when your order is submitted – and safe delivery of your packages is key. Here are a few tips to help ensure you get what you ordered:
- Track your package step-by-step by signing up for shipping email or text alerts.
- Consider installing a smart doorbell camera to deter theft and get real-time alerts.
Building Everyday Cyber Resilience
Cybersecurity isn’t a one-time checklist—it’s an ongoing habit. By learning to spot scams, securing your devices, and fostering a culture of awareness, you reduce your risk of becoming a victim. Whether you’re shopping online, logging into work systems, or networking on social media, every action you take to protect your data is a step toward a safer digital life.