Home > Publications > Non-Technical > Cyber Security Tips for The Holidays

Cyber Security Tips for The Holidays


                                                                                                     
 
            
The holidays are approaching fast and everyone wants the convenience of  shopping online. Before making that online purchase ensure your computer is secure from unauthorized intruders (malware-worms, viruses, bots, etc). Users and software companies are becoming more cautious when visiting websites or downloading applications because malicious programs are on the rise. Everyone must work together to encourage good computing habits through best practices to prevent malware. When increasing the user’s knowledge/awareness when a new vulnerability occurs; it decreases the number of infections. Common computer best practices include: installing/updating antivirus software, turning the firewall on, patching the operating system, securing your passwords, using SSL secure websites (credit card transactions), and recognizing e-mail/pop-up scams. Users must be diligent and apply these best practices at all times when surfing the Internet, if not the result could be an infected/compromised computer.
 

Anti-Virus/Anti-Spyware is software that attempts to identify/block/remove malicious programs (virus, worms, bots) from compromising your computer.

  • Install anti-virus/spyware software to protect the computer from being compromised.
  • Set the anti-virus/spyware to update automatically to combat new fast spreading worms, viruses, and bots that are released every day.
  • Scan your computer frequently to prevent hidden worms, viruses, and bots from compromising the computer. 
  • If a virus/spyware is found research it and try to remove the infection using the anti-virus/spyware removal tool.
Firewalls are a barrier between the computer and the Internet. All machines that use the Internet should use a firewall.
  • Software firewalls are programs that allow or deny network traffic to pass to/through the computer. The user is responsible for entering specific web address to allow or deny.
  • Hardware firewalls are additional devices added to a network that either allow or denies traffic. These are normally found in businesses and not in the home.
  • Configure firewalls to filter out unauthorized (gaming, x-rated…etc) websites, prevent hackers from scanning/retrieving information from the computer.
  • Frequently check the firewall manufacturer’s web site for updates and patches

Patching is a quick fix before an update can be released. Patches are the result of security vulnerabilities found in computer software programs.  They should be applied immediately because someone can exploit the security vulnerability in a matter of hours.
  • Configure the computer/software to install patches automatically.
  • For older software, check the vendor’s web site frequently for patches.
  • Subscribe to receive patch notification e-mails.
  • Research newly released patches for compatibility purposes with the computer/software.  Some may cause more harm than good.
User ID's and Passwords are used to identify and authenticate you on a computer. You are responsible for all actions taken on a computer that use your ID and password.

Follow these best practices to prevent your password from being used:

  • NEVER tell or share your password with ANYONE
  • Your password should be changed periodically.
  • Don’t reuse your previous passwords.
  • Don’t use the same password for each of your accounts.
  • When your computer prompts you to save your password, click on “No.”
  • Never use a word found in a dictionary (English or foreign.)
  • If you think your password has been compromised, change it immediately and notify the information security officer or manager at their organization.
  • Create a password that is eight or more characters, use numbers and letters, special characters, and use hard to guess but easy to remember passwords.  For example, “The big Red fox jumped over the Fence to get the hen?” becomes TbRfjotF2gth?
Use SSL websites when entering in a credit card/bank account number. SSL websites provides secure/encrypted transactions during a payment process.

 Guidelines for an SSL website:

  • A closed padlock on the browser's status bar
  • The HTTPS/SHTTP (secured encryption) in the web site's URL address bar when purchasing or making a payment.
  • Look for the Better Business Bureau Seal  (www.bbbonline.org), when this is clicked it should bring you to their website
  • Do Not Pay with Cash (money-wiring service) or money orders for any online purchase. There is no guarantee that your money will be refunded to you if you return the item.
  • Don’t pay with debit cards, it is a direct link to your bank account. If a person obtains your debit card information and the pin number they now have access to your bank accounts.
  • Pay with a credit card, most creditors will refund fraudulent charges on your account. Some creditors have a security plan that monitors your activity on your card, so if anything unusual happens they will notify you that a transaction happened.

 

The number of E-mail Scams and Pop-Ups always increase during the holidays. The criminals know that people do not examine their e-mails during the holidays.

 

Guidelines to prevent e-mail scams/pop-ups:

 

  • If you don’t recognize the sender DELETE IT! and block the address to disable future communications
  • If you receive an e-mail asking to enter in your personal information (bank account #'s, passwords) DELETE IT!!!! Legitimate companies will not send you e-mails asking for personal information (passwords).
  • Look for misspelled words, things that look out of place (logo is normally on the right side now it is on the left), e-mail from foreign countries, etc. DO NOT CLICK ON ANYTHING, DELETE IT.  
  • Check your creditor’s official web site regularly and look for any changes made to your account.  
  • Close all pop-up ads, they can contain malware that can infect your computer and obtain your information. Legitimate companies will not allow pop-up ads in their secure web site domain

 


Use this information as a guide to protect your computer from criminals. Be cautious, they are always looking for new ways to hack into a computer, trick you into clicking an ad/icon/pop-up, or asking you to send money.