Security & Safety Resource Center

When someone interferes with your interactions with another party typically on a website or application, a man-in-the-middle attack may be involved. It could be monitoring your traffic via a non-secure public Wi-Fi connection or sending you to a compromised website. To stay safe, make sure your URL bar always displays HTTPS when conducting sensitive transactions, also encrypt your traffic with a VPN.

Self-driving vehicles are becoming increasingly popular. Because they’re connected to the internet, autonomous vehicles are susceptible to being hacked. One of the easiest ways for a hacker to infiltrate an autonomous vehicle is through “GPS spoofing,” or when they use radio signals to disrupt the car’s navigation system. This method tricks the car into thinking it has reached the destination when it really hasn’t. Turning this feature off when not needed is the best way to deter such a threat.

Cold wallets aren’t connected to the internet, which renders them much safer than other digital wallets. They generate public and private keys, which are printed on a physical piece of paper. Any crypto stored on the cold wallet can only be accessed if you have that paper’s keys in your possession. Other than the blockchain, paper wallets have no corresponding hardware or software, which renders them far safer than other crypto storage methods.

Paperless offices depend on a reliable digital solution to manage their files. More importantly, they need to keep sensitive information out of harm’s way, including malicious hackers who want to extort them with ransomware. Storing digital files in a protected system is a good way to protect them from outsiders. Take this one step further and set specific access privileges for your critical files, allowing you to see exactly who is attempting to open which files on your network.

Small businesses increasingly need digital payment methods to satisfy their customers. Hardware, like digital chip readers, are bridging this gap for business owners. To protect transactions, look for a chip reader with end-to-end encryption built into the device.

Many times, just entering a couple of letters in the “to:” field of an email often results in your email client filling an auto-completion. Sometimes it may be great feature, but one that may backfire. It might for instance, result in you mistakenly sending sensitive information to someone who shouldn’t have received it.

Many businesses are digitizing their records to streamline workflows, improve productivity and make important documents easier to retrieve. Most importantly, digitizing physical documents is a great way to ensure they don’t go missing. To do so securely, use a document management system (DMS) to store important files in one cloud setting. A good DMS can encrypt data when documents are transferred between authorized persons. They’re an essential barrier between your sensitive information and an intruder.

TikTok took the world by storm in recent years and, in turn, has become one of the most widely used social media platforms on the planet. Of course, this also represents an equally growing risk to privacy and security . To mitigate this concern, make sure your account is set to private. This allows only your followers to see your videos. Moreover, you can also turn off comments, allow only friends to send you messages and prevent the app from suggesting your account to others.

Many games now include in-game currencies and microtransactions through which players can obtain new items or features. Scammers attempt to take advantage of these systems by selling fully-upgraded accounts to unsuspecting kids for real-world money. To keep children safe while gaming, instruct them about the risks of in-game purchasing. Teach them what a legitimate microtransaction looks like and how to spot and avoid fraud. Most importantly, be sure they understand they should never attempt to purchase somebody else’s account or sell their own. If they do, it could open a door into your family’s personal and financial information.

Instagram is a great form of communication for millions of people, but that also makes it a target for bad actors. Some scammers send phishing attacks through the app’s messaging feature to unsuspecting users. To avoid these threats, you can choose not to receive messages from people you don’t follow whatsoever. Here’s how it’s done:

• Navigate to the setting tabs on your profile.
• Go to Privacy.
• Select Messages.
• Tap and select how you want to be contacted by each potential communication.

Online job boards can be very helpful when looking for work. Most, if not all, allow you to upload your resume directly to the service so that recruiters and employers can take a look. After finding employment, it’s best to go back and retroactively remove your resume from each job board it’s posted to. If those services were ever compromised, your information could fall into the hands of malicious parties.

Many companies are now allowing users to decide at what point data should automatically be deleted from their account history. For example, users can choose to have Google delete their information after 3, 18 or 36 months of storage. Here’s how to do it:

• Log in to your Google account.
• Click Data & personalization.
• You’ll now see a breakdown of the activity being stored on your account with options to auto-delete each category.

Many people like to share their streaming services with friends and family. While doing so can be a kind gesture or favor, it also puts privacy at risk for all parties involved. When you give a friend access to your account, your privacy hinges upon their cybersecurity just as much as yours. If they click a bad link, download malware or are compromised any other way, your shared account could be jeopardized, too. In turn, that can lead hackers straight toward you and your information. Avoid this risk altogether by keeping your Netflix account to yourself.

Retro gaming can be an exciting and fun blast from the past. However, some nostalgia trips are more costly than others. Older games were made with less advanced and secure technology. Emulators – replicas of classic games – are also available to download for gamers looking to enjoy their favorite childhood games, but not all are created equal. Be mindful of where you’re downloading an emulator and who is providing them. Check online to ensure they’re reputable and safe before installing them to your console or PC.

This is especially critical for large, enterprise-grade organizations that might deploy many IoT devices across their infrastructure. Each and every device, whether it be a sensor or a tablet, is an endpoint that can be compromised by a hacker. In turn, they could lead straight toward more critical areas of your network and jeopardize sensitive information. It’s best to keep a running log of all known IoT devices connected to your network. Running a routine audit will be much more effective when personnel know which devices aren’t meant to be connected.

Social media sites like TikTok and Facebook have a seemingly never-ending selection of settings you can tweak for security and privacy. Please don’t leave the defaults on – take a little time and review the options, find options that limit who can see your data and reduce your overall exposure. A good example is TikTok’s option to mute specific accounts.

Smart TVs provide a wonderful array of entertainment, but they’re also an entryway into your home network. In the time that a smart TV has been manufactured, packaged and shipped off to a distributor, there may have already been several security updates released by the developer. To rest assured that your network is safe, download the latest updates as quickly as possible before you sign into any accounts or input any information.

If one thing is for sure, piracy is rampant on the internet – especially when it comes to movies. It may be easy to find pirated movies online, but they often come at the expense of your cybersecurity. Such illegitimate websites often contain hidden malware and other threats. Protect yourself from these threats and stick to reputable streaming services on movie night.

It’s best practice to backup your most important data before any updates. If there should be a technical malfunction during the upgrade, you will at least have a backup to fall back on. An additional advantage is that you are at less risk when you update your applications and operating systems.

File sharing services are major boons to productivity, especially given the increasingly hybrid workplace. Businesses depend on seamlessly sharing documents to collaborate without a hitch. However, file sharing also raises many cybersecurity challenges. Employ a file sharing service that offers end-to-end encryption; a feature that ensures sensitive data is protected from bad actors or unauthorized users. You should also check permission settings on all files to ensure they aren’t being shared through public links.

Did you know that your eReader can be hacked? Just like any web-connected device, eReaders like Amazon’s Kindle are still susceptible to cyber attacks. Hackers most often attack endpoints – computers, smartphones or tablets – to later gain entry into the target network. That’s why it’s important you only download books from verified sources, like Amazon or Apple Books, rather than third-parties. Otherwise, you could open a doorway into you and your family’s privacy.

When cruising the internet on a PC or Mac, you’ll eventually run across websites imploring you to click a link or button to download a program. You should avoid most of these programs. Increase your security by setting your device to only run programs from the official app store for its operating system (OS), or from trusted developers registered with the official OS developer.

Teach children how to be responsible online, explain the risks of technology. Because the nature of the internet is so anonymous, it is easy for people to misrepresent themselves and manipulate or trick other users. Children present unique security risks when they use a computer—not only do you have to keep them safe, but you also must protect the data on your computer. By taking some simple steps, you can dramatically reduce the threats (see Keeping Children Safe Online for more information).

One of the best-known email scams the “Nigerian prince” scheme is important to recognize, but it’s hardly the only one. Some others to keep an eye out for include emails purporting to be from government agencies (which almost never communicate with individuals in this manner) and communications from Internet service providers (ISPs) and software companies, if they claim to include software updates that would almost never reasonably be distributed in this method.

Basically, encryption is a way to transmit a message in code. The only person who can decode the message is the person with the right key; to anyone else, the message looks like a random series of letters, numbers, and characters. Encryption is essential if you are trying to send sensitive information that other people should not be able to access. It’s very important to add this extra layer of security to sensitive information, because email messages are sent over the Internet and may be seized by an attacker.

Network segmentation is when you divide your computer network using a bridge, switch or router. In essence, you split your network to control the flow of traffic in each separate part. When it comes to security, segmentation prevents a hacker from moving laterally across your network. Put simply, it limits how far their attack can spread, thus reducing the damage overall.

Around are many established ways to make your passwords stronger, including the use of password managers to automatically create and store all your logins. As an alternative, you can try using your own terms by thinking of nonsensical phrases – e.g., “the Seahorse and the Plumber were preparing four pancakes!” and abbreviate it into a string (tSatPwp4p!) that can be a unique, strong password.

Skills – essentially apps – can be downloaded to an Alexa device to teach it new capabilities. Although useful, many of these skills are created by third-party developers, a lot of which don’t have complete privacy policies. In other words, there’s not always a guarantee how that developer will use your data. More importantly, Amazon doesn’t verify many developers on their skills store. Users, in turn, could fall victim to phishing scammers posing as legitimate developers.

Malicious bots are automated programs that are designed to infect hosts and steal information. File-sharing and spam bots are the two most common types that pose a risk to personal or corporate security. The former tricks users into clicking a malicious link, while the latter floods the user’s inbox with spam mail, making it easier to identify. In addition to antivirus software, monitor your logs to proactively tackle bots before any critical damage is done to your data.

As tough as it is to believe, some cyberattacks originate from inside the company under attack. Whether it be a malicious insider or a careless employee, plenty of data breaches occur from within an organization. To safeguard against insider threats, enforce strict security policies and deploy a smart security system to increase network visibility. Keeping track of employee actions on your network is a good way to thwart any nefarious activity.

Romance scams target unsuspecting users by fooling them into a relationship with their false identity. They often solicit money from their victims via blackmail, extortion or manipulation. Avoid being scammed by reverse image searching their profile photos. This can give you an indication that their photos are either legitimate or stolen.