Here are some resources from Verizon’s Data Breach Digest to help you and your family have the confidence to use technology safely and responsibly. We’re here to help with tips to guard against hacks and data attacks. Below is a guide to recognizing and responding to some of the most notorious cyber threats.
Don’t let the Golden Fleece get hold of your cash
Financial pretexting is when someone under false pretenses tries to get your personal information to gain access to your cash and credit.
Phone call: Hi [your name], this is your bank. I see some unusual activity on your account. I need to confirm this is you so can you please provide your card number so I can confirm it.
Recorded message: This message is an important reminder for [your name]. Recently, somebody attempted to change the password of your [company] account. A temporary PIN was provided. If you did not request this temporary PIN, please call us immediately at [number].
Email: After your last tax filing, we have determined that you are eligible to receive a tax refund of $180.00. To access your tax refund, use the following personalized link [fake link].
Use 2-factor authentication to access email.
For example, use a password + a unique code texted to your phone for your email.
Don't immediately click links or open attachments in emails.
Hackers can pretend to be from companies you know and use, so be sure before you click. Or better yet, go directly to the site in a web browser first. If you’re not expecting an email attachment or link, call or text the person who sent it to ensure it was really them.
Avoid uploading personal information online (like your bank account).
Even if you know the company or website, be sure the device you are using is secure when you need to upload personal information.
Start new sessions in your browser frequently.
Completely log out and close your browser when finishing a session. Clearing your browser history regularly is a good idea, too.
Don't let the Epluribus Enum disrupt your activities!
Hacktivism occurs when online accounts and devices are broken into (hacked) by individuals or groups for social or political purposes.
Use strong passwords and add 2-factor authentication.
Add 2-factor authentication so that your email, social media and personal websites accounts don’t get held for ransom. Two-factor authentication is something you know (e.g., password, personal identification number (PIN)) plus something you have (e.g., smartcard, hardware token, USB drive with code).
Minimalize personal information on social media.
Be careful with what you post on social media; limit personal information that could be used against you. This could include personally identifying information (e.g., date of birth, home address), habit patterns (e.g., specific vacation dates that indicate when you will not be home), strong social and political opinions (e.g., ones that may attract undue attention), etc.
Don’t let the Secret Squirrel squirrel off with your data
Connecting to unknown public WiFi may give hackers an open window to hijack your identity or steal your personal information. They may also install malware on your device and use your identity to send emails, texts and social posts on your behalf.
Be aware when using public WiFi.
Public WiFi in places like coffee shops and hotels is more susceptible to mobile attacks, so limit the personal information you share (e.g., personally identifying information) and the type of activities you do (e.g., banking) online while using public WiFi.
Keep devices in your possession.
When traveling (especially internationally) don’t let your devices out of your sight. If a device is out of your possession for a significant amount of time, be aware that your information may be compromised.
Double-check to see where your account is logged geographically.
Facebook provides this option, for example. If you see you’ve logged in on the other side of the world, your account has been compromised and you’ll need to reset your password(s) and notify your contacts.
Don't let the Panda Monium bear down on your devices!
The “Internet of Things,” often called “IoT,” describes a network of physical objects connected to the internet. Devices are subject to compromise if good security practices are not followed. Chances are you have IoT devices in your home or office – such as your television, refrigerator, thermostat or video game console.
Use secure WiFi (and account) passwords.
Use strong passwords on WiFi routers (e.g., 12 characters that include at least two of each of the following: upper case letters, lower case letters, symbols and numbers) and don’t freely give out the password. Change all passwords periodically.
Create unique passwords for different devices.
Don’t re-use passwords. Be sure all of your devices and log-ins from routers to thermostats to bank accounts have their own passwords. Consider a password keeper like LastPass or Dashlane.
Do not use the default password for anything. Change passwords for products once they’re out of the box.
Regularly check for updates to your IoT devices.
Manufacturers will periodically uncover and fix weak points in the security. You’ll need to keep them updated in order to have the latest protection.
Don’t let the Hot Tamale burn you and your crew
USB drives can be used to spread infections to unsuspecting recipients’ devices. They can also be used to steal data and are easily lost.
Don’t leave devices unattended near strangers.
Someone could quickly install a USB device that could capture keystrokes, pictures, sounds and data without you knowing.
Don’t plug unknown USB drives into your devices.
Any unexpected USB should be received with caution. Unsuspecting recipients who plug them into their devices are at great risk for malware.
Completely destroy old USB flash drives.
Delete (wipe, if possible), reformat, and then physically destroy the USB drive so no one can recover the data.
Fraud and Scams
Fraud can occur online and offline. Learn about current scams and tips on how to protect yourself.
Data Breach Digest 2017
Put our cybercrime case studies to work. The Verizon Data Breach Digest 2017 offers actionable insights on the most common and dangerous threats you face.