Why have I chosen these topics this month? Let me tell you a story of what made me think about cyber security essentials and password security.
Learning means a lot to me. It’s not just my job (as a computer coach). I enjoy taking courses to give me specific and speedy information.
Recently I found a course that I was curious about, and I decided to purchase it.
I paid the money and completed the steps to sign up, including creating an account with a password.
As with most learning platforms I got an email – in fact I received 3.
I was horrified to discover that one of these messages had the normal – name and email address. But also the password that I had just created.
It was the full and clear password in a completely unsecure manner.
I immediately logged back into this account and changed the password.
One of the options in the account were payment details used. Fortunately I had used Paypal, so no bank details were available.
If you’re wondering – yes, I did contact the course creator. I let them know what had happened, with a few suggestions to improve things on their site.
But what I want is for you, dear reader, to have the same immediate reaction to this type of situation, plus some of the others that appear day after day – to help keep you safe and improve your data security.
Strong Password
I’m not going to go into depth of this, because there’s going to a post dedicated to passwords, and there’ll be more details there.
You should be using strong and unique passwords for all your accounts.
It’s a lot but you need to be using a different password for each system or account.
This was another part of the horror of my password being sent through an unsecured email – many hackers will always try a password that they’ve found on other accounts in your name, as we try to make life easier for ourselves by reusing passwords again and again.
Two-factor Authentication (2FA) or Multi-Factor Authentication (MFA)
More companies are using this option to help secure your accounts. In fact you may already be using this without realising.
Simply put, you sign into a website with your username and password (first factor). Then you need to enter another code, that is different each time, to confirm your identity and authenticate (or verify) that it’s you.
This is often done by sending you a code (numbers or letters and numbers) to your phone.
There are also programs that generate random numbers on a regular basis, often your phone. You tell the website that you’re using it (often they suggest which apps to use) and through the magic of tech, when you enter the code they match up and let you in.
You’ll notice in the image that there’s a countdown – the codes or tokens are set to be available for a set and often short period of time (around 30 seconds).
If you use something like this, don’t leave it for too long, if it’s close to ending, wait for the time to run out and a new code generated.
Do you have a Microsoft Account? Do you need to get a code or approve something after your password?
Then you’re using multi or two factor authentication.
Emails – Downloads and Links
It’s not a new thing, but you still need to be careful of links and attachments in emails.
While our email service providers (ESP), like Google Mail, Microsoft Outlook, Apple Mail, do a lot to help us, we still need to take responsibility.
There’s going to be a post dedicated to what to look out for around emails, but here are tips:
- For unknown senders, don’t click on any included links
- If you’re not expecting an attachment, don’t open it!
- Don’t take the senders details at face value – check the email address
Text Messages and Phone Calls
While you think cyber means computer – these tips can also relate to your phone.
Let’s face it, most phones are smartphones basically equalling a small computer in your pocket.
Text Messages
Often they can contain links to websites – which your phone can easily go to through its web browser.
As with emails – if you aren’t expecting a message or it’s from someone that you don’t recognise don’t click on it.
In a text message this is even more important, as they use a shortened link so you can’t see where it will actually take you.
It’s better to make a phone call to the person to check that it’s really from them instead of clicking.
If it’s a company that you are familiar with, if you’re not sure, don’t click the link. Instead head over to their website to check or even sign into your account.
Phone Calls
There are a lot of companies that are paid to call you to get personal details or money from you.
If you haven’t read it, take a look at my post Are you using the right language?, because knowing the company name – rather than a product – it’s a good starting point to realising if it’s safe (or not) to continue the call.
For computer programs, make sure that you know what’s the program and who’s the company. (Just repeating myself as this is such a simple and useful step.)
It’s an easy red flag when the speaker is using the application name instead of a company.
Additionally make sure that you know the name of your provider e.g. your internet service.
If you’re not a customer then someone from the real company isn’t going to call you offering tech support. 😋
And I can say without a doubt – if you haven’t called a company about a technical problem first, their technical or customer support won’t be calling you up!
Next Steps
The best tool that you have is to have in your cyber security essentials ‘pack’ is common sense when using the internet.
Be cautious of suspicious websites, emails, and messages. If something seems too good to be true, it probably is. Trust your instincts and stay safe online.
Know the companies that you have accounts with, so it’s easy to spot when a different company calls you up.
If you want to learn more, there are lots of training and courses out there but a good place to start is National Cyber Security Centre (NCSC) for the UK or Cybersecurity and Infrastructure Security Agency (CISA) for the US.
Other Data Security Posts
Let’s talk basic cyber security essentials (current post)
How to stay safe from email scams
What are good password practices?
Do you really need a password manager?
How many email addresses do you need?
Recent Posts
- ChatGPT: The Ultimate Time-Saving Sidekick for Small Business Owners
Hello, fellow small business warriors! Now, unless you’ve been living under a rock (or perhaps buried under a pile of invoices), you’ve probably heard of ChatGPT for business. It’s the AI chatbot people can’t seem to stop talking about. But what can it actually do for you, the small business owner? Let’s break down the… Read more: ChatGPT: The Ultimate Time-Saving Sidekick for Small Business Owners - AI Assistants Under The Microscope: A Trainer’s Meta-Experience
I wanted to write a first introductory blog to explain what’s happening or happened this month. There’s been a lot of talk about AI and there are now a range of options on the market. I thought it would be interesting to join my voice to everybody else. Time to share some thoughts and options… Read more: AI Assistants Under The Microscope: A Trainer’s Meta-Experience - Why virtual desktops are great for screen sharing
When it comes to screen sharing, there’s a really useful feature built into today’s operating systems. Yes, it’s both Windows and Mac – virtual desktops. Let me explain what I mean and how you can use it when screen sharing. What is a Virtual Desktop? A virtual desktop is like having multiple computer screens or… Read more: Why virtual desktops are great for screen sharing - Is your desktop prepared for unexpected screen sharing?
Screen sharing has become a standard part of our working practices, ever since online meetings became the norm. But what about when you get an unexpected screen sharing request? Here are several things to consider before you start the share. Have the apps and/or files already open When you click on the share option, you’ll… Read more: Is your desktop prepared for unexpected screen sharing? - How to Choose Between Window and Full Screen Sharing
With the rise of online meetings, has come the popularity of using the screen sharing option. Whether it’s to show colleagues what you’re working on, or to give advice, or assistance with something. One question that I get asked or there’s confusion about – should I be using a window or full screen? You can… Read more: How to Choose Between Window and Full Screen Sharing
cyber security essentials, cyber security, cyber security for beginners
2 thoughts on “Let’s talk basic cyber security essentials”
Pingback: How to stay safe from email scams
Pingback: What are good password practices?
Comments are closed.