Cybersecurity - Video 1

Passwords, Password Manager, MFA

A Password or Passphrase should be at least 8 characters long and alphanumeric with special characters. Never use personal information that can be found on your social media and try using phrases or having passwords autogenerated.

Password Manager alleviates a cyber-security phenomenon known as password fatigue. In this situation, an end-user can become overwhelmed by remembering multiple passwords for multiple services and which password is used for which service. Password managers typically require a user to create and remember one "master" password to unlock and access all information stored in the application. 

Data Mining is when cybercriminals collect personal information you post on social media (FB, Instagram, TikTok, WhatsApp, Snapchat, etc) to identify potential victims and refine their scams.

MFA / 2FA   Multi Factory Authentication /  Two Factor Authentication  MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password

Example: Withdrawing money from an ATM requires two-factor authentication; only the correct combination of a bank card (something the user possesses) and a PIN (something the user knows) allows the transaction to be carried out.

PII (Personal Identifiable Information) is any information connected to a specific individual that can be used to uncover that individual's identity.  There are 29 items that can be used with your first initial and last name to be considered PII (see chart below).

Your FIRST name (or initial) plus your  LAST NAME  plus  ANY ONE (or more) of the following equals PII

  • Full names (first, middle, last name), maiden name, mother’s maiden name, alias

  • Addresses: street address, email address

  • Phone numbers: unlisted mobile, personal

  • Asset information: internet protocol (IP), media access control (MAC)

  • Personal identification number: social security number (SSN), passport number, driver’s license, state identification number, taxpayer identification number, patient identification number, financial account or credit/debit card

  • Personal features: photographic images (that have distinguishing features e.g. show the face), x-rays, fingerprints, retina scan, voice signature

  • Vehicle numbers: registration, VIN, plate

  • Tax filings

  • Date of birth

  • Place of birth

  • Personal physical characteristics

  • Religious affiliations

  • Employment information

  • Medical information

  • Education information

  • Financial information


Cybersecurity - Video 2

Phishing, Smishing, Vishing, Scams, Statistics

Phishing, Smishing, and Vishing  are when cyber criminals attempt to trick you into giving them your PII

  • Phishing is via email

  • Smishing is via text or chat messages

  • Vishing is over the phone

Spear phishing targets a specific individual to try to steal their login credentials. The attacker often first gathers information about the person before starting the attack, such as their name, position, and contact details

Malware software secretly installed on a computer or phone to collect personal information or do harm to the system. Ransomware encrypts the victim’s files and demands a ransom to remove it.

  • Ransomware downloads can look harmless and like legitimate software downloads but malicious code is embedded to create havoc or gain personal information from the victim’s device.

  • Spyware steals personal information from the victim’s computer or phone

Spoofing is when criminals falsify (spoof) phone names and numbers so that your caller ID appears as a legitimate caller. It is often the precursor to an imposter scam. 

Statistics:

  • 3.4 BILLION phishing emails are sent daily

  • 1 phishing email is sent per  11  seconds  

  • 1 in every 4,200 emails sent is a phishing scam email

  • It’s estimated that 30% of phishing emails are opened, with a 10% chance that a phishing email will succeed in either stealing sensitive information or installing malware

Imposter scams are when criminals pose as a trustworthy person to convince you to send money or provide personal information:

  • Tech support scams: scammer says your computer has a critical virus and only they can fix it. Instead, they steal your personal information.

  • Charity scams: a false/fake fundraiser or story is created to solicit donations.

  • Authority scams: pretend to be someone official, à law officer, IRS auditor, utility company representative, or sweepstakes administrator. Normally need you to take quick action.

  • Romance scams: create fake profiles on dating apps (aka catfishing).

  • Investment/business scams: usually offer a job or investment opportunity.

What to look for in phishing emails (not all-inclusive) 

  1. Urgent action demands.

  2. Poor grammar and spelling errors.

  3. An unfamiliar greeting or salutation.

  4. Requests for login credentials, payment information, or sensitive data.

  5. Offers that are too good to be true.

  6. Suspicious or unsolicited attachments

  7. Inconsistencies in email addresses, links, and domain names.

Cybersecurity - Video 3

Quishing - also known as QR Code scams

There are many legitimate and helpful uses for QR Codes (online, magazines, menus, even business cards) but it’s important to know how to spot a fake. 

Quishing is when scammers create QR codes to trick people into visiting fraudulent websites or downloading malware to steal their personal information. It is important to stay aware and vigilant.

Verify source

Inspect

  • Look for signs of tampering,

  • misspellings,

  • odd colors

    Be Aware

  • sense of urgency?

  • Govt agency?

  • Asking for payment?

In 2023/2024 the FBI reported over $150 Million of declared Q R Codes fraud.

It’s important to remember, the best defense you have against fraud, is you!!!

Cybersecurity - Video 4

Deep Fakes

If you’re not familiar with Deep Fakes, it is one of the more sophisticated scams. This is when the bad guys impersonate you or someone you know, either physically in a video or your voice on the phone.

Deep Fake scams are becoming more common. They range from a relative calling you asking for money due to a travel emergency to political disinformation campaigns and fake celebrity endorsements of products.

There is a lot of money to be made in these schemes, which is why they are on the rise. To protect yourself it is important to be vigilant and adopt a mindset of healthy skepticism.

  • Verify unexpected communications - especially relating to sensitive information or finances

  • Be wary of urgent requests or pressure tactics

  • Stay informed of the latest scams and technologies

  • Trust your instincts! If something feels ‘off’, it probably is.