To remind you in staying safe online and prevent becoming a victim of a 'no-delivery' scam, listen to this 1-minute podcast from the FBI:
Online
Holiday Shopping
Never click links in pop-up ads. Ever!
Saturday, November 28, 2015
Saturday, November 7, 2015
Are you using two-factor authentication to secure your banking credentials?
What is "2FA" in geek speak? It stands for two-factor authentication, which is a fancy way of saying that your successful login to a computer system is dependent upon two separate things from any of these categories:
Go to your banking web site today and turn on 2FA. Don't wait!
- Something you know, like a password.
- Something you have, like a cell phone.
- Something you are, like a fingerprint or heart beat.
If your login credentials require only user name and password, that's called single factor authentication because there is generally only one unknown in that combination: your password. User names are rarely hard to guess.
But passwords are made to be broken. If you're not using a very strong or really long password, your credentials can be easily cracked and your bank account wiped out. (See earlier posting How do I create a strong password?)
The best protection you can get is to use multiple authentication methods to gain access to your sensitive web-based accounts. If your web site provider offers 2FA, turn it on. It's something you'll have to enable on the site, but figuring out how to do that is easy thanks to Turn it On: The Ultimate Guide to 2FA, which provides instructions for many (but not all) sites that offer 2FA.
Try it out. Navigate to Turn it On, then type "Google" in the search box and press the Enter key on your keyboard. If the Turn it On web page doesn't have instructions for the site you're looking for, just check with your web site provider.
Go to your banking web site today and turn on 2FA. Don't wait!
For more information, see
How Not To Be Hacked: The Definitive Guide for Regular People
The book is a quick and easy read. James shares the most essential tips for keeping your data and your family safe and secure online.
On pp. 141-144 of the book is a nicely summarized list of all the tips that James has to offer to regular folk who are not security experts or don't do this stuff for a living.
One of those tips is about using two-factor authentication for every online account you access that involves your money. This includes banking web sites, credit card account logins, retirement account web sites (frequently accessed through your employer benefits portal), bill payers, online retailers who have your credit card number, homeowners association (HOA) sites where you pay your dues, online brokerage firms, your pet insurance seller, or any web-based site where you are moving money. And that is exactly the topic of my next posting.
James' book already has a unanimous 5-star rating on Amazon and is available for just $12.99. This is a great gift for anyone and everyone you know who has a computer, tablet or mobile phone.
A perfect Christmas gift for someone you love! If you read the book, please post your comments here. I'd love to hear from you.
Sunday, November 1, 2015
Are you cyber aware?
October was cyber security awareness month, but every month is security awareness month at (SANS) Securing the Human.
Stay on top of what's happening in cyber and how to protect yourself and your family online with free SANS.org resources. Here are three popular resources to bookmark or download:
Stay on top of what's happening in cyber and how to protect yourself and your family online with free SANS.org resources. Here are three popular resources to bookmark or download:
- Securing Your Kids Presentation & Handout - http://ow.ly/SWH6X
- Three Steps to Transform Your Security Awareness Program - http://ow.ly/TTGbv
- Security Awareness Event Calendar - http://ow.ly/TTGjE
Remember to visit Securing the Human year-round to
access dozens of tools, videos, and articles all related to security awareness. You don't have to be part of an organization or corporation to take advantage - these resources are for everyone!
Sunday, October 25, 2015
Atlanta, GA: Join us Saturday, Oct. 31st for the 2nd annual Super Run!
Join in the fun on October 31, 2015, for the Savvy Cyber Kids' 2nd annual Super Run Atlanta!
Be a super hero for a day and make every day a little safer online!
In honor of National Cyber Security Awareness Month, Savvy Cyber Kids is hosting the second annual Super Run Atlanta. Savvy Cyber Kids is asking our community to lace up your shoes and don your masks and capes to support cyber security awareness!
You can run, walk, volunteer to help at the event, cheer on the runners, or donate in support of keeping our kids safe online.
When: October 31, 2015 (early morning!)
Distance: 5K or 1K Fun Run/Walk
Where: Brook Run Park, Dunwoody, GA
Who: You!
Registration: http://thesuperrun.com/locations/atlanta/
Donations can be made online at Savvy Cyber Kids. Last year, over 200 runners & walkers became superheroes. And though they may not be able to shoot laser-beams, speak with aquatic animals, or leap buildings in a single bound, they definitely made a difference!
Latest press release: Ionic Security Celebrates National Cyber Security Awareness Month 2015
In honor of National Cyber Security Awareness Month, Savvy Cyber Kids is hosting the second annual Super Run Atlanta. Savvy Cyber Kids is asking our community to lace up your shoes and don your masks and capes to support cyber security awareness!
You can run, walk, volunteer to help at the event, cheer on the runners, or donate in support of keeping our kids safe online.
When: October 31, 2015 (early morning!)
Distance: 5K or 1K Fun Run/Walk
Where: Brook Run Park, Dunwoody, GA
Who: You!
Registration: http://thesuperrun.com/locations/atlanta/
Donations can be made online at Savvy Cyber Kids. Last year, over 200 runners & walkers became superheroes. And though they may not be able to shoot laser-beams, speak with aquatic animals, or leap buildings in a single bound, they definitely made a difference!
Latest press release: Ionic Security Celebrates National Cyber Security Awareness Month 2015
Thursday, October 8, 2015
Are you shredding your used boarding passes?
This week I found out that we should be shredding our airline boarding passes after using them, based on the myriad of details easily gleaned from the data on the pass and in the bar code.
For example, if you take a snapshot of your boarding pass and upload that image to your FaceBook page, anyone with access to your page can take a screen shot of the image and then upload it to a web site called Inlite that reads bar codes. Inlite decodes and spits out the contents of the bar code.
As it turns out, the boarding pass contains lots of information about you and your trip, as well as your frequent flier number (FFN). For airlines that allow you to log in to their web sites using your FFN as your user name, that is exactly one half of the credentials needed to log in as you—unless, of course, the login requires multi-factor authentication.
With your login name in hand, cracking your password and logging in as you is not hard for hackers to do, especially if the secret question used to unlock your account is your mother's maiden name.
This is a fascinating story. For details, see Brian Krebs' article What's in a Boarding Pass Barcode? A Lot.
For example, if you take a snapshot of your boarding pass and upload that image to your FaceBook page, anyone with access to your page can take a screen shot of the image and then upload it to a web site called Inlite that reads bar codes. Inlite decodes and spits out the contents of the bar code.
As it turns out, the boarding pass contains lots of information about you and your trip, as well as your frequent flier number (FFN). For airlines that allow you to log in to their web sites using your FFN as your user name, that is exactly one half of the credentials needed to log in as you—unless, of course, the login requires multi-factor authentication.
With your login name in hand, cracking your password and logging in as you is not hard for hackers to do, especially if the secret question used to unlock your account is your mother's maiden name.
This is a fascinating story. For details, see Brian Krebs' article What's in a Boarding Pass Barcode? A Lot.
Saturday, October 3, 2015
Securing the human
October is National Cyber Security Awareness Month, and
the SANS Securing The Human team has extensive free resources to help you stay
safe and secure online.
Resources include:
- Newsletters
- Videos
- Posters
Access free resources at: http://cyberaware.securingthehuman.org/
Securing Kids Webinar
- Cyber security expert Lance Spitzner will outline the top three risks to kids online and how you can protect your family.
- October 14 1:00 p.m. EDT/ 10:00 a.m. PDT.
- Register now for the Securing Your Kids webcast
Want more tips? Visit the #cyberaware resource hub
for tools, tips and more: http://cyberaware.securingthehuman.org/
Subscribe to:
Posts (Atom)