Less than twenty years ago you had never even heard of cybersecurity. You flipped through your mail and quickly identified “junk mail” and “real mail”—physical pieces of junk mail, unable to locate the addresses of your friends and invade their mailboxes with viruses or steal their information.
Then we entered The Digital Age.
A Growing Problem
Identity theft is the fastest growing crime in America. The US government has just proposed a $3.1 billion plan to improve cybersecurity in the U.S., with an additional $19 billion slated to be part of the cybersecurity budget. It sounds like a waste of tax dollars, until you discover, as the Boston Globe did in 2014, that the IRS has sent billions of dollars in fraudulent tax refunds to scammers. Stolen tax-ID and social security numbers—it’s not just about stolen credit card information anymore.
What is Cybersecurity?
Cybersecurity, sometimes called information technology security, refers to the protection of your digital data—your computers, financial information, personal information, image and other data that might be available on a digital device. Digital spying and cyber attacks are part of the beast. Cyber criminals aim to take digital information and use it primarily for monetary gain. In 2015, CBS reported that $18 billion had been stolen through credit card fraud alone; that’s in addition to the IRS figures.
Where Do Cyber Criminals Get Your Information?
An enormous amount of personal information is stored digitally, from medical and hospital records to government and military records, to business transactions and purchases. So much data that needs protecting, while an estimated 1.5 million cyber attacks occur annually, or about 170 attacks every hour.
How Do You Know You Are the Victim of a Cyber Attack?
Often, you don’t. If you are like Joe, you find out your identity was stolen when you go to file your tax return, and the IRS informs you that someone with your social security number already did. Ray found out when his cell phone and computer suddenly stopped working. He runs his own furniture restoration business and was on the road, unable to reach his wife back in the office who was trying to tell him a suspicious-looking email had arrived with his name attached. Real guys, ordinary guys, who weren’t even sure of the mistakes they had made leading up to their breach of security.
What Can You Do to Protect Your Cyber Security?
With just a little effort, you can better protect your cyber security. You can learn from the IRS and instead of spending massive time and money after the fact, you can spend a little time wisely proactively.
- Protect your passwords. You’ve heard this one before, but it is still true and you probably still haven’t done it. Change your passwords. Make them long and a little complicated. Don’t pick a word, your name, or the word “password.” Even if you sub in a few symbols and numerals like “p@ssw0rd,” it is too predictable. Don’t use the same password for multiple sites. If you really can’t memorize them, go ahead and be old-fashioned and write them down somewhere and hide it where only you can find it. Then change your passwords regularly (at least quarterly).
- Have an extra layer of security. Use sites with an extra layer of security, such as security questions or an additional PIN. Here’s the catcher: don’t use anything that can be discovered about you online. Is your mother your Facebook friend? Then don’t list her maiden name as a security question. Does your brother have a business profile where he mentions where you were raised? Then don’t choose a security question like the street name where you grew up. You can even choose a nonsensical answer, which is unpredictable, to the security question. Maybe it asks your favorite color and you say, “Who Framed Roger Rabbit?” You just need to remember your own answer; it doesn’t have to be real.
- Think before you click. Fraudulent emails are still a major source of cyber crime. Criminals are getting smarter. You need to get smarter also. If you receive an email, do you know who it came from and does the email address match that person? Does it sound like the person you know, including their grammar? Are you expecting a document from them? In this day and age, even a PDF or Word Doc, legitimate ways to share information, can contain a virus. If you weren’t expecting the attachment, don’t click on it. If you are asked to click on a link with a vague subject like, “Check this out!” just DON’T. Don’t click on a link or attachment you weren’t expecting. Hover your mouse over the link and it will tell you where the link will take you. It may be disguised as something legitimate sounding.
- When in doubt, verify. The safest way to verify an email from someone is to email that person in a separate email asking if they sent you the suspicious-looking email. Don’t click “reply,” or you may go to a false email. Email address and web links can all be faked. Your reply email will go to the fake.
With a little work and extra savvy, you will avoid the fate of Joe, Ray, the IRS, and so many others. Some additional resources are listed below, especially in the event that you have already been the victim of a cyber crime.