IT
Tips – June 2015
Summer time, the livin’s easy.
Unless you don’t read this tip; then
the livin’ might be hard…
What’s Inside:
Tech Section
·
How not to get Hacked
How
not to get Hacked
Hackers are everywhere. They
have loads of time and they could be preparing a hack on you as you read this.
FEAR; HYSTERIA; CHAOS!!
I sound like an American news
station: Be scared! They’re after you! Tune in at 11!
Unfortunately, when it comes to
cyber security, I’m not that far off. This era of social media and up-to-the-minute
sharing makes us more vulnerable than ever before. It’s almost too easy for hackers today.
Hacks happen every day (lots of
them). This
visualization of known hacks over the last 10 years should be an eye opener.
We don’t want to see IMC on that list, right?
Analysts estimate the annual
cost of cybercrime to be around $100,000,000,000 globally. That’s not a typo, that
is one-hundred billion doll-hairs (errr,
I mean dollars).
There are an estimated 556 million
victims per year!
Well, now I’m terrified. I thought
this blog was supposed to be fun!
Don’t worry, I’ll keep it cool
with some obscure geek references in about 60 seconds.
Really, I’m a glass half full
kind of guy. Especially if that glass is half full of a tasty double-IPA! Mmm,
beer…
Ahem, what I’m saying is that
optimism can still prevail in the intimidating world of cyber security. Follow
along and I will show you some simple methods to protect both the security of
our wonderful IMC family as well as your own (this stuff applies to your
personal computing life as well).
Out with it, Keith! How do I stay
safe?!
Disclaimer: there is no
foolproof way to thwart hackers. However, you can make it much more difficult
for them which in turn makes you a less desirable target.
P@$$w0rds!
Do you leave your keys on the seat when you exit your car?
Do you lock your house and then leave the key in the door to make it easier to
unlock when you get home? Didn’t think so. The same goes for your password: don’t
stick it on your computer; memorize it.
Your password is one of many keys into our systems. An
experienced hacker could wreak havoc with nothing but your username and
password. It should be kept safe like the DragonBalls from Frieza!
 |
| Woah!! Obscure anime reference! Geek level over 9,000! |
Never share any password, corporate or personal, with
anyone. Not even someone you trust.
All passwords are a potential risk; even passwords for
obscure websites can be a boon to hackers. Do you know why? Because most people
use the same password everywhere (did you just turn red??).
To summarize: Keep your passwords complex and don’t share
them with ANYONE. It’s also a terrible
idea to use the same password everywhere.
Social Engineering
This is a HUGE topic. Social engineering has become
extremely common because it’s a much easier technique for the bad guys than “actual”
hacking.
A person who employs social
engineering is essentially a con-man. Social engineering is the act of using
slick emails or tricky language to trick someone into divulging more
information than he should. Why would the hacker spend hours writing scripts
and code when he can just ask you for access?
The most popular social
engineering methods are “phishing scams” and “vishing scams”.
First, phishing scams
 |
| I couldn't help but reuse this little gem. |
Hackers use your social media pages and other easily-obtained
information to make the email seem legitimate. They will reference people,
services and places that are familiar to you but it’s a trap!!
Dealing with phishing is actually pretty simple:
1.
If the message seems odd, delete it! Do not
follow links or attachments from email messages you weren’t expecting,
especially if they don’t have any real implications for you.
2.
If it seems weird but you think it’s someone you
know, give them a call to verify.
3.
NEVER click a link from an email to log into an
account. If you get an email asking you to log in, open a web browser yourself
and manually navigate to the page.
Next up: Vishing
Another valuable tool in the
hacker’s arsenal is known as “vishing”. Vishing is essentially the same thing
as phishing but it’s done over the phone. A hacker may call you asking for
information that shouldn’t be provided over the phone. Again, they usually do
some reconnaissance to make it seem convincing: they may know that you use a
Windows 7 computer, or maybe they’ll know the name of someone in your HR
department.
Never trust someone who calls you
requesting information or access to your PC.
There are two main avenues a vishing
call will take:
1. Someone
calls claiming to be from HR.
a.
Never provide personal or confidential
information over the phone.
2. Someone
calls claiming to be from IT.
a. Contrary to popular belief, we IT folk are not
psychic. We will not call you to fix a problem that you did not report to us.
If someone unexpectedly calls asking to remote into your computer, hang up! I
already have remote access to your PC and if I seem sketchy (ouch, my feelings),
just ask me to identify myself.
b.
Never provide your password over the phone! If I
ever need it, I will identify myself and prove my identity.
Malware (viruses)
Malware/viruses are a very popular method employed by
hackers. Malware can do much more than just slow down your computer (they can
steal your info too!).
I’ve covered
malware pretty extensively in the past. However, there are some key rules
to follow to avoid contracting malware/viruses:
1. Use
your IMC computer for IMC-related business only.
2. Do
not try to find and install software without first contacting us.
3. Do
not click on website ads. Ever!
4. Don’t
open email attachments/links in strange emails.
Have a great month, everyone!
-Keith
Please
don’t hesitate to shoot me an email if you have a something that you think will
make a good tip. You’ll get credit on the blog for your contribution and I
might give you a high-five
2 comments:
Thanks, Keith. Great info!
Yet another great blog... you make me feel smarter & laugh at the same time.... AWESOME!
Post a Comment