I am getting posts from the FBI and the Internet Crime Complaint Center (IC3), and received this interesting warning on November 18th of last year. This warning was sent to law enforcement and public officials, but if you have come to the point in your life were you are feeling a bit overexposed on the Internet, these tips can help you too.
For some of us, a few of these suggestions are going to be hard, since many of us are using social networks to promote our business or professional identities. Just remember, it is all a balance. Choose the ones that work for you.
- Use two factor authentication wherever possible, especially on your email account.
- Turn on all social media privacy settings and think about what you are sharing.
- Look at your other online profile settings and limit sharing to people you know.
- When posting to social media, do not provide personal details or location information.
- Do not promote your professional standing in social media.
- Limit posts and comments on social media.
- Use security settings on your personal computers and home wireless network.
- Perform hardware and software updates as recommended.
- Update your security software to limit exposure to new security threats.
- When setting up security questions, don’t use ones where the answers can be easily found online in public records.
- Use passwords of 15 characters or more and change them regularly.
- Do not store your login credentials near your computer. (Personally, I would recommend using a password manager such as LastPass.)
- Be alert to pretexting phone calls (a.k.a “vishing”) from people pretending to be someone you may know or in authority, and looking for information.
- Be on guard against phishing emails, and never click on a link or open an attachment without verifying the source.
- Share these tips with your family. Your security can be compromised by the online actions of your children, or other family members.
- Restrict your driver’s license and motor vehicle information with the DMV.
- Monitor your credit and banking activity. (Brian Krebs is recommending that we get a credit “freeze” to prevent identity thieves from opening accounts in our name.)
- Request that real estate and personal property records be restricted from online searches with your county governement.
- Hack yourself! Perform online searches for your own information to see where you m,ay have information leakage.
It also can’t hurt to learn a bit about “social engineering.” This is when attackers use the phone or email to trick you into parting with your user credentials, credit card number, or other personal information. This is a straight up old school con. This way you may recognize an approach or an attack when you see it, and avoid the incident entirely.
As I like to say, “just because you’re paranoid, doesn’t mean they’re not out to get you.” If these ideas have induced a deep sense of paranoia in you, start at the top of your list and work through them. On Friday we will look at Security-in-a-Box.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com