Sometimes, vendors will release an upgraded version of their software, although they may refer to the upgrade as a patch. It is important to install a patch as soon as possible to protect your computer from attackers who would take advantage of the vulnerability. Attackers may target vulnerabilities for months or even years after patches are available. Some software will automatically check for updates. If automatic updates are not available, check your software vendors' websites periodically for updates.
Use strong passwords. Whenever you have an opportunity to create and use a password to protect your information, make sure that you use a strong password. Passwords are frequently the only thing protecting our private information from prying eyes. Many websites that store your personal information (for example web mail, photo or document storage sites, and money management sites) require a password for protection. However, password-protected websites are becoming more vulnerable because often people use the same passwords on numerous sites. Strong passwords can help individuals protect themselves against hackers, identity theft and other privacy invasions.
In most instances, it's safe to ignore admonitions to regularly change your passwords. While once considered a security "best practice", changing your passwords regularly ranks relatively low as a means of protecting your accounts. Of course, if you believe that your password has been breached or compromised, it is essential to change it immediately.
Password recovery methods are frequently the "weakest link", enabling a hacker to reset your password and lock you out of your account. Make sure your security questions aren't easily answerable. It's also a good idea to have your password resets go to a separate email account designed for resets only.
Unfortunately, experts warn that the security of passwords has never been weaker. New hardware and techniques have contributed to a sharp rise in password cracking by hackers.
Be skeptical. Think before you click. Don’t open unexpected email attachments from unknown persons. Just because an email message looks like it came from someone doesn't mean that it actually did. Scammers can "spoof" the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it's legitimate before opening any attachments.
Don’t click on links embedded in email messages. It’s usually safer to go to the company’s website directly from your browser than by clicking on a link in an email message, unless you are absolutely certain that the email was actually sent by the person or company claiming to have sent the message. This will help you avoid becoming a victim of “phishing”. Phishing is the fraudulent process of attempting to acquire sensitive information by masquerading as a trustworthy entity. Phishing is typically carried out by email and often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Spear phishing is a type of phishing attack that appears to be from a colleague, employer or friend and includes a link or something to download. Spear phishing often targets senior executives at organizations that may have valuable information stored on their computers. These messages may be personalized with publicly available information about the recipient to make them look genuine. They are therefore more difficult to detect than ordinary phishing. The links or downloads included in such a message can be malicious, and might include viruses or fake websites that solicit personal information.
No matter how official an email message looks, never access a financial account by clicking on an embedded link. If the email is fraudulent, a scammer could use the account number and password you enter to steal your identity and empty your account. One way to protect against this is to use an incorrect password on the first try. A phishing site will accept an incorrect password, while a legitimate site won't. You should also avoid calling any telephone number in an unsolicited email unless you have confirmed that it is a legitimate number.
Avoid social engineering attacks. Social engineering can be defined as the process of obtaining information from other people through the application of social skills. The objective of social engineering is to deceive the computer user into compromising his/her system and revealing sensitive information.
Social engineering ploys take advantage of human nature by tricking people into installing malware or revealing personal information. The user is tempted to carry out a necessary activity that damages their computer. This occurs when the user receives a message directing him/her to open a file or web page or watch a video. Often, these ploys relate to celebrities, natural disasters, or popular events.
One common trick includes showing a fake virus scan that indicates your computer is infected and encourages you to download a tool to remove the infection. Another ploy offers to display a video, but only after you install a plug-in that is “required” to view the content.
Back up all your data. While your computer may be an expensive asset, it is replaceable. However, the data and personal records on your computer may be difficult or impossible to replace. Whether or not you take steps to protect yourself, there is always the possibility that something will happen to destroy your data.
There are many hardware and software alternatives for backing up your data including USB flash drives and external hard drives (hardware) as well as archiving and disk imaging programs (software). Each method has its own advantages and disadvantages. For a simple solution, important files can be saved to an encrypted USB flash drive. It’s a good idea to keep your backup media in a locked and secure location.
Encrypt files on your computer, laptop or portable device. Encryption is a way to enhance the security of a file or folder by scrambling the contents so that it can be read only by someone who has the appropriate encryption key to unscramble it.
Computers are lost, stolen or hacked every day. As a result, your personal information can become available to anyone and may lead to privacy invasion and identity theft. Many computers and other devices contain sensitive files such as financial records, tax returns, medical histories, and other personal files.
Many computer users rely on laptops and other portable devices because they are small and easily transported. But while these characteristics make them convenient, they also make them an attractive target for thieves. Make sure to secure your portable devices to protect both the machine and the information it contains. It’s important to encrypt any sensitive data on such devices.
USB flash drives pose security risks for similar reasons. Use them cautiously. Some flash drives offer built-in encryption features.
Unencrypted files on your computer can be read by anyone even if your computer is password protected. There are methods by which a person who has physical access to your computer can read unencrypted files without entering your password. So it’s important to encrypt sensitive files even if they are on a password-protected computer.
Protect sensitive information. Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email. Don't send sensitive information over the internet before checking a website's security.
No comments:
Post a Comment