WIXLIB

Cybersecurity For Dummies CheatSheetFrom Cybersecurity For DummiesBy Joseph SteinbergSome scams that cyber-criminals use to target online shoppers seem to persistfor many years—likely indicating that people are continuously falling prey to thescams, thereby encouraging criminals to keep using the same forms of trickeryover and over. Learn about some such common scams, and learn somestraightforward tips on how to keep yourself—and your loved ones—safe whenusing the Internet to shop.In addition, people often make mistakes that provide great assistance tocriminals seeking to commit cyber crimes—learn about some of the commonones, so that you do not make such errors and help criminals target you or yourloved ones. By GoodStudio/Shutterstock.com

Cyber-Protect Yourself and Your Family onthe InternetTo cyber-protect yourself and your family, make sure everyone in your familyknows that he or she is a target. People who believe that hackers want to breachtheir computers and phones and that cyber criminals want to steal their data actdifferently than people who do not understand the true nature of the threat.Folks who internalize this reality typically behave differently than those who donot — sometimes without even realizing that they’re acting as such.The following tips help you protect your data and keep yourself and your familysafe from Internet scams: Protect your devices. — At a minimum, run security software on everydevice that you use to access sensitive information. Configure yourdevices to auto-lock and require a strong password to unlock them. Don’tleave your devices in insecure locations, and install software only fromreputable sources, such as official app stores and official vendor andreseller websites. Protect data. Encrypt all sensitive data and back up often. If you’re unsureas to whether something should be encrypted, it probably should be. Ifyou’re unsure as to whether you back up frequently enough, — you, likemost people, probably are not. Use safe connections. Never access sensitive information over freepublic Wi-Fi and consider avoiding using such Internet access altogetherfrom any device on which you perform sensitive activities or accesssensitive information. The connection provided by your cellular service islikely far more secure than any public Wi-Fi.

Use proper authentication and passwords. Every person accessing animportant system should have his or her own login credentials. Do notshare passwords for online banking, email, social media, and so on withyour children or significant other. Get everyone his or her own login. Makesure that you use strong, unique passwords for your most sensitivesystems. Share wisely. Do not overshare information on social media or via otherplatforms. Crooks look on these platforms for such data and use it to socialengineer people. Oversharing exposes yourself and your loved ones toincreased risks of being targeted by scammers.Avoid Common Cybersecurity MistakesHere are some of the common cybersecurity mistakes that people make. Thesemistakes make hacking easy and greatly help criminals commit cybercrimes. Thinking “it” cannot happen to you: Every person, business,organization, and government entity is a potential target for hackers.People who think that they do not have anything of value and “why wouldhackers want to attack me?” often act without proper diligence and learnquite quickly how wrong their perspective is. Using weak passwords: Despite ubiquitous warnings not to do so, alarge number of people still use weak passwords such as “123456” or“password” — as evidenced by the lists of compromised passwordspublicized on the Internet after various breaches. If you use a weakpassword or use the same password on a sensitive site that you usedelsewhere, you dramatically increase the risk to yourself of an accountbeing compromised.

Not using multifactor authentication when it is available: All majorsocial media platforms, Google, Amazon, and most major financialinstitutions offer some form of multifactor authentication capabilities.Multifactor authentication can, in the case of a password compromise,make all the difference between an account being breached and itremaining secure — yet, as of 2019, only a minority of users leverage suchfeatures. Not running proper security software: Modern security softwaredramatically increase the odds of a person fending off a whole slew ofpotential cybersecurity problems, including malware, breaches, spamoverloads, and others. Yet, many people still do not run such software oneach and every one of their computers (including laptops, tablets, andsmartphones), while others run software but fail to keep it up-to-date,thereby undermining the potency of their product to protect against thelatest (and, often, the most dangerous) threats. Not keeping software up-to-date: Many operating system and softwareupdates contain fixes for security vulnerabilities discovered by researchers(or hackers) in prior releases. If you do not keep your software up-to-date,you’re likely to leave your devices vulnerable to attack. Worse, yet, oncethe vendor publicly describes the vulnerability that it has fixed, criminalsmay seek to create exploit scripts to search for, and target, unpatchedmachines. Failing to exercise good judgment: The weakest link in the cybersecuritychain is almost always a human being. Whether it be by clicking a link thatshould not have been clicked, sending money to a fraudster who sent abogus email impersonating one’s boss, installing a rogue app,downloading a pirated copy of a movie, or through some other imprudentaction, human error often opens a cybercan of worms and provides

criminals with the ability to inflict far more harm that they would have beenable to on their own. Not learning the basics: People who suffer from a medical condition, orwhose loved ones do, typically learn about the condition to ensure thatproper treatment is administered and that unnecessary danger does notresult. When it comes to cybersecurity, however, many folks choose toremain ignorant, thinking that, somehow, if they pretend that there is nodanger to them, such will be the reality. Not hiring a pro: When serious cybersecurity incidents occur, people(often individuals or small business owners) often try to address them ontheir own. Doing so is not much different than trying to treat a seriousmedical condition without going to the doctor or defending yourself incriminal court without a lawyer. Hackers, malware designers, and othercybercriminals have significant knowledge. If you’re locked in a de factobattle against them, you want a pro on your side, too.Common Cyber Scams Targeting OnlineShoppersCyber-criminals use some common scams to target online shoppers, but you canprotect yourself from these Internet scams easily.One simple technique can help protect you against all of these scams. If you everreceive any communication from a retailer, shipper, or any other party related toan online shopping order, an amazing deal, or other matter that you want to lookinto, do not click links in the message or open associated attachments. Open aweb browser, go to the website of the relevant “sender,” locate its contactinformation, and contact it directly to ask about the message that you received.

“There are problems with your order” emails (or textmessages): Criminals often send mass emails that appear to come froman online retailer and that tell recipients that a problem is preventing thestore from shipping the order and that the recipient must take action toreceive the order. Such emails often contain a link to a bogus website thatcollects, at a minimum, login information, such as usernames andpasswords, for the retailer’s website. Such scam emails aren’t normallytargeted — they simply impersonate major retailers. Criminals rely on thefact that a large number of people who receive the email are likely to haveplaced an order with the impersonated retailer in the not-so-distant past. “There are problems with your payment method” emails (or textmessages): Similar to the preceding scam, criminals send mass emailsthat appear to come from an online retailer and that tell recipients that aproblem occurred with the payment method used to pay for an order —with instructions that the recipient submit new payment information viasome web page. Recipients who had, in fact, recently placed orders, arelikely to be caught off-guard, and some will likely click through. Of course,the page that collects that new payment information — sometimes alongwith login credentials to the retailer’s site — is simply a tool for stealingcredit and debit card numbers, along with potentially other data as well. Delivery-service problem emails: Criminals send emails that appear tocome from a major delivery service and that inform the recipients that therean issue occurred with a delivery and that the recipient must take action tohave delivery reattempted. Of course, these messages either delivermalware via attachments or direct users to phishing or malware-spreadingwebsites; They do not help people get any items delivered. Bogus deal emails, social media posts, or web links: Criminalsfrequently either send via email or post to social media or deal websites all

sorts of “amazing” offers, which often seem too good to be true. A 55-inchSamsung smart television for 100?! A brand new 13-inch Mac for 200?!While some such deals may be legitimate — and, if they are advertised bya major reseller, you can check on the website of the relevant seller todetermine that — the overwhelming majority are not. If the seller is a majorreseller and the deal is not legit, the email may link to a bogus site or bespreading malware. If the seller is a firm that you have never heard about,the whole store may be a scam — collecting payments, for example, andnever shipping the goods, shipping defective goods, or shipping stolengoods. Fake invoice emails: Criminals send what appear to be invoices fromonline stores for purchases costing significant amounts and note the saleamounts were charged to the recipients’ credit cards. These “invoices”scare people into thinking that they somehow unintentionally placed anorder, were charged more than they expected for some item, or weresomehow defrauded by someone using their credit card number — any ofwhich lead the recipients to contact the seller by clicking links that thesender conveniently included within the invoice message . These linksbring the user to a site that either captures information, installs malware, orboth. Sometimes the invoices that are sent via email are included asattachments and, you guessed it, contain malware.Cybersecurity for DummiesAudible Audiobook

Cybersecurity For Dummies Cheat Sheet From Cybersecurity For Dummies By Joseph Steinberg Some scams that cyber-criminals use to target online shoppers seem to persist for many years—likely indicating that people are continuously falling prey to the scams, thereby encouraging criminals to keep using the same forms of trickery over and over.