Being Cybersmart is Always in Style
In 2022, the Security team at Microsoft published a cybersecurity awareness campaign named “#BeCyberSmart”. Even though that was two years ago, the same best practices still apply. Cybersecurity is an important part of our daily lives and can enable us to accomplish more while keeping our data and identity protected.
Be CyberSmart
Security starts with awareness. Here are some tips to help you stay safe online.
Phishing: This is usually in the form of an email, website, or text message that lures you into giving away confidential information about yourself or your organization.
How to avoid taking the bait
- Inspect the sender’s email address and look for verifiable sender contact information. If in doubt, do not reply. Start a new email to respond.
- Avoid clicking on unexpected links and opening untrustworthy email attachments.
Scams: Tech scams often make you think you need to “fix” a nonexistent problem or will request a ransom payment.
How to protect yourself from a scam
- Be aware of unsolicited tech support calls and error messages requesting urgent contact.
- Do not follow guidance to download software from an email or third-party website.
Devices and data: Protecting devices is important for safeguarding your emails, accounts, and data and avoiding identity theft. Out-of-date devices and software are a leading access point for attackers.
How to protect devices and data:
- Be skeptical of messages with links, especially those asking for personal information.
- Enable the automatic lock feature on all your mobile devices and update the software immediately.
- Enable multifactor authentication on your apps and accounts when available.
Signing-in: One of the most important ways to improve the security of your online accounts is to protect your sign-in process.
How to protect your identity:
- Use a password manager or consider going passwordless (using identification such as fingerprints, facial recognition, or hardware token code instead of providing a password).
- When going passwordless is not an option, create strong passwords, or better yet, use passphrases. Passphrases are more robust and easier to remember than the general old advice of using at least 12 or more characters.
Watch out for Artificial Intelligence:
Criminals have started using Artificial Intelligence (AI) to refine their crimes. The success of this has resulted in some alarming trickery, leading to a substantial financial loss for one company. Criminals don’t always need to make millions to satisfy their quota. Anyone can be a target. Even though AI is an assistive tool, the criminal’s goal still remains the same: to trick you into using the same old social engineering methods.
How to protect yourself:
- If you receive a phone call from someone you know asking for money, make an excuse and hang up on them. Then, call the person back at the number you have on your contact list to confirm that the call is legitimate.
- Never trust your caller ID. Setting up a fraudulent caller ID is simple, and AI is making it a simple task for fraudsters.
- Don’t rely on poor grammar or misspellings as a hint of a fraudulent email. Criminals are using the same AI grammar tools as everyone else to craft compelling messages.
The Microsoft BeCyberSmart campaign is as relevant today as it was when it was first released. The overarching message in the campaign title remains as important as ever: Be Cyber Smart!