It is no secret that cybersecurity has become an issue that cannot be ignored. Here are a few tips to stay alert in both your private and business activity online:
Beware of spoof emails
Phony emails commonly known as “phishing” remain steady regardless of how many times users have been alerted to the practice. Scammers have become very talented at tricking email recipients into thinking they’re logging into an account when it is, in reality, a clone of the actual website you intend on visiting. Take PayPal for example. You may receive an email asking you to log in and update your business information, but if you’re not paying close attention, you might miss that the URL in your browser’s location bar says peypal.com rather than paypal.com, or some other variation.
The smart approach when receiving any email asking you to log in to an account is to open a new tab and log into that account directly from your bookmarks or a website address. Never click on links from a suspicious email, or anything that even remotely looks legitimate. By only logging in through your known website location (via your bookmarks or physically typing in the URL in the address bar), you can avoid possible phishing activities or tracking.
Also be very aware that this extends to other online entities. If you receive a renewal notice for your website's domain name, for example, log in to your provider directly. Chances are someone is trying to hijack your domain name and charge you a higher rate or even hold it hostage. I have nearly a dozen clients that forward these to me for review on a regular basis asking me if they are legitimate, and 99 times out of 100 they aren't.
With the majority of logins consisting of an email address and password, your password becomes the key to many doors online. You can’t easily change your email address on the fly, and the longer you’re active online, the more likely it is that your email address can fall into the wrong hands. Your password simply must have the strength to uphold security.
A common mistake is using the same password for everything you do online. I am the first to admit I wish things were that easy. However, consider this. If your password for Facebook is the same as your bank, and Facebook has yet another breach in security, you don’t have to think very hard to determine what damage could be done by those in possession of your credentials.
Using a separate password for email and financial institutions can add a layer of security, as well as using a strong password for each one. Punctuation, capital letters, and various numbers can create a string that while difficult to remember off the top of your head can be very hard for hackers to crack. If your dog’s name is Max, your sister was born in 1977, and your phone number in high school ended in 4056. Why not try !Max0000!1977-4056!? This is something that resembles and triggers your memory but adds a few character elements to deter any successful guesses or computer-generated algorithms.
Be extremely aware of how third-party apps are connected to your online presence. These days we are connecting through mobile devices, tablets, watches, and other electronic accessories, which can put your information at risk. Providing login credentials to other apps online can create a loophole for hackers. Example of this being online games or polls through social media or using your Gmail account to log in to other websites. Should that third-party app experience a security breach, whatever that app has been allowed to connect with has also been exposed.
My approach has always been: Always assume it can be hacked and always hesitate before making a commitment to providing any secure information. It is better to be on the edge of paranoid than to be on the end of a security breach that can do damage and create some extremely terrible consequences.