Cyber Security Awareness Month Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.  This October we are focusing on current trends and following good security habits. Magic Words and Passwords We start the month with a look at how Passwords are similar to Magic Words (by Wizer) and having a single Magic Word/Password to open everything is not a good idea.     (this video plays directly on the Wizer website) Now that you have seen what having one "Magic Word" for all your accounts can do. Choosing and not sharing your "Magic Word" or Password is just as important. Watch this real-life video from Jimmy Kimmel Live about passwords and how people tend to create bad passwords and easily give those passwords away when asked. https://appdirectory.curry.edu/videos/Jimmy-Kimmel-Live_What's-Your-Password.mp4 (Jimmy Kimmel Live 2015) Hope you have enjoyed the two short videos and learned that Passwords are like a "Magic Word" and you should make sure that is Strong, Unique, and never share it. Here are some tips on how to have a strong unique "Magic Word" and its use. Having a unique long and strong Magic Word (Password) is important. Did you know that a computer can crack an 8-character password in seconds whereas a 14-character password with complexity (upper and lower case, a number, and a special character) takes centuries to crack? You ask, how can anyone remember a long complex Magic Word (Password)? Use a Passphrase. A Passphrase is a string of words, it can be just as simple as 4 random words together to make a memorable Magic Word (Password). Below are tips on how to make it memorable, unique, and strong. How to create a strong memorable Magic Word (Password) Make your passphrase funny so it will be easier to remember (do not use this example as your password) dogridingsmallbicycle Now add in complexity (upper and lower case, a number, and a special character) dog RIDING 24 small bicycles Great. Now you have a strong memorable Magic Word (Password). Keep in mind the following things when creating a Magic Word (Password). Don't use personal information like your name, birthday, or pet name. Don't use known phrases from a song, common saying, or book. You would need to change part of it to make it unique. Do have a unique Magic Word (Password) for every login. Have trouble with all those unique Magic Words (Passwords)? Use a password manager to remember all of your Magic Words (Passwords). If you are reusing Magic Words (Passwords) it is time to stop and update the most sensitive ones first. Like your bank, Curry credentials, email, and social media accounts. Lastly, regardless of how strong your Magic Words (Passwords) are, you should enable Multifactor Authentication (two-factor or 2 step authentication) wherever it is available, so if anyone steals your Magic Word (Password) it will not be enough to log in to your account. Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.

Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.  This October we are focusing on current trends and following good security habits. Phishing – Phone calls, Text messages and QR Codes Scammers are always looking for new ways to get your personal information, access to your online accounts, and money. Sometimes they pretend to be your bank or even a member of Curry. Sending you a request through email, social media, or even text message. Check out this video with a twist on Shaggy's song "It wasn't me". If you don't take the time to confirm a request is legitimate you could be giving away your information or money to a scammer. (Emirates NBD 2019)   Scammers also use are public places to take your personal information and money such as using Fake QR Codes. Why? Most people are not aware of the risk scanning QR codes in public places and trust it is associated with that public service. Places like parking meters, parking garages, and even restaurants. Always verify a QR code before providing any sensitive information when using one. Watch this video from ABC7 Chicago on Fake QR Code TIPS, (ABC7Chicago plays directly on ABC7 Chicago - may have Ad) Bottom line for any request is to verify,  If you don't recognize the sender or the message, QR - Don't scan the code.  SMS/Text Message - Don't open the link Phone Call - Hang up Confirm the Source If you receive a Text Message, Phone Call or QR code from a company you know and trust you should contact them directly to confirm its legitimacy before scanning. For physical QR codes you should check for stickers pasted over a public display. Spot the Phish Just like email phishing attempts with be wary of any request via phone, text or QR codes that create a sense of urgency, appeal to your emotions, or have poor grammar.   Review QR code URLs carefully and make sure the URL matches the website you expect to visit before scanning.  Watch out for personal info requests Don't give out sensitive information, such as login credentials or credit card numbers, to a website you reached through a Email, Text Message or QR code without verify it is legitimate.  Want to see if you can spot a phish? Visit the google phishing quiz site. https://phishingquiz.withgoogle.com/ Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.

Continuing with good security habits and using sound judgment. Human Error has been identified as the leading reason for most security incidents. Watch this Mimecast sketch and see where Human Error should be replaced with Sound Judgment. After watching, see if you can reduce Human Error with your day-to-day activities.      (Mimecast-Human-Error-vs-Sound-Judgment) Tips on how to reduce Human Error:   DO Know your data. Use added caution to protect data that is sensitive, whether it is on paper or digital. Pay attention to opening email links or attachments. Make sure it was something you expected, and you know who sent it.  Be careful not to provide/give away sensitive data. Don't be fooled. Always confirm who you are sending the data to, and it is someone who should be receiving the sensitive data. Avoid using weak passwords or storing passwords in unreliable places; Such as plain text (word, excel, email, phone, google) or even on sticky notes on the office desk or around the house.  Use Multifactor for all services that you have access to. (i.e. bank login, personal email, social media, personal cloud storage, etc.) Encrypt sensitive data whenever possible. Understand how to encrypt or protect sensitive data. Back up and secure important data. Now for the DON'Ts Do not use outdated software: Do not ignore software updates. Do not download unknown or illegal software they could be malicious or have an adverse impact on your machine. Do not plug in insecure devices, like unknown USB storage devices they could contain viruses. Do not connect to open public Wi-Fi it could be malicious. Use a VPN (Virtual Private Network) or connect to your own private hot spot. Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.

Cyber Security Awareness Month Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.  This October we are focusing on current trends and following good security habits. Phishing and Scams Using AI (Artificial Intelligence) Last week we saw how Human Error has been identified as the leading reason for most security incidents. This week we look at how AI is now used to scam you. Phishing does not just happen through email, it can be over Text, Phone and even social media. With the evolving AI scammers are making it harder for you to detect these scams. Watch this NBC news video and see how easy it is to clone someone's voice from a family member, a friend, a co-worker, even your boss. Pay attention to the things that you can do before you get scammed out of your money or personal information. (NBC News AI Voice Clone Scam - plays on YouTube may have Ad) Tips to prevent being scammed by AI phishing: DO Pay attention - Be skeptical of any request for money or personal information. Anyone's voice can be mimicked. Confirm. Do not be fooled. Always confirm by calling the person back on a known number. Safe word - Pause for a second and ask a personal question that person would know. What did you have for dinner? Or something that happened the last time you saw them. For family members it could be setting up a secret word or phrase they can use when in distress. Now for the DON'Ts Do not trust caller id number it can be spoofed. This is true for Text messages, Phone calls. Do not trust any request for money, gift cards or personal information. Phishing Scams that come over text can look like this using AI to create better sounding text messages. Do not be fooled. Some tips on protecting yourself from AI Text Scams Urgent or Threatening Requests: Be skeptical, scammers use urgency to pressure you into giving personal information, buying gift cards, or even sending money. Unsolicited Requests: Legitimate organizations do not request sensitive information via text messages. Such as unexpected job offers, internships, fines to be paid, or requesting credentials for user accounts. Suspicious Links: Just as we saw with QR codes, refrain from clicking on links within text messages unless you have confirmed the link is legitimate. Instead, visit the website directly and log in from there. Don't Respond: Unsure, do not reply to the message or engage with the sender in any way. If you think the message is legitimate, always confirm by calling the person directly on a known number. For links go directly to their official web site and do not use the link in the text message. Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.

Cyber Security Awareness Month Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.  This October we are focusing on current trends and following good security habits. Reject and Verify As we wrap up cybersecurity awareness month, we leave you with a message that you can use anytime you feel pressured or unsure of a request. Reject and Verify. Watch this video and remember it is a good habit to question any request especially if the request is for money, personal information, or access to your online accounts. After you watch the video you can test your knowledge on Phishing with the link below the video. (Vikki Beretta Comedy Sketch - plays on YouTube) Test your phishing knowledge Google Phishing quiz - Jigsaw https://phishingquiz.withgoogle.com/ Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.