By That second step is a lot harder for a hacker to fake. So, prove it’s you with two … two steps, that is.
Now that you know what it is, you’ll see prompts for multifactor authentication all over. So opt-in. Start with your email account, then financial services, then social media accounts, then online stores, and don’t forget your gaming and streaming entertainment services!
Update your software. In fact, turn on automatic software updates if they’re available.
Bad actors will exploit flaws in the system. Network defenders are working hard to fix them as soon as they can, but their work relies on all of us updating our software with their latest fixes.
Update the operating system on your mobile phones, tablets, and laptops. And update your applications – especially the web browsers – on all your devices too. Leverage automatic updates for all devices, applications, and operating systems.
Think before you click
Have you ever seen a link that looks a little off? It looks like something you’ve seen before, but it says you need to change or enter a password. Or maybe it asks you to verify personal information. It could be a text message or even a phone call. They may pretend to be your email service, your boss, your bank, a friend…. The message may claim it needs your information because you’ve been a victim of cybercrime.
It’s likely a phishing scheme: a link or webpage that looks like a legitimate, but it’s a trick designed by bad actors to have you reveal your passwords, social security number, credit card numbers, or other sensitive information. Once they have that information, they can use it on legitimate sites. And they may try to get you to run malicious software, also known as malware. Sadly, we are more likely to fall for phishing than we think.
If it’s a link you don’t recognize, trust your instincts and think before you click. We all need to Phight the Phish!
Use strong passwords
Did you know the most common password is “password”? Followed by “123456”? Using your child’s name with their birthday isn’t much better.
Picking a password that is easy is like locking your door but hanging the key on the doorknob. Anyone can get in.
Here are some tips for creating a stronger password. Make sure it’s:
- long – at least 16 characters,
- unique – never used anywhere else,
- and randomly generated – usually by a computer or password manager. They’re better than humans at being random.
Make sure you’re not recycling the same password across all your apps and websites. You can use a password manager to store all of your passwords. That way you don’t have to remember them all! If you go this route, make sure your master password is strong and memorable, and secure your password manager account with MFA!
Being cybersmart is contagious.
Our world is increasingly digital and increasingly interconnected. So, while we must protect ourselves, it’s going to take all of us to really protect the systems we all rely on. Being cyber smart is contagious. Take the four basic steps outlined above and help two friends do the same.
For more information, visit CISA’s Cybersecurity Awareness Month Resources page.
