I am sure all of you know of the famous Christmas caroling song “The 12 Days of Christmas” – you know, the one where no one knows any of the words except “FIVE GOLDEN RINGS”, that song?
Well, if you haven’t heard it before, then you should go YouTube it after reading this article.
But first, let me tell you “The 12 Days of Christmas – Cybersecurity version”!
In recent years, I have noticed an increased number of cases related to security breaches. In some cases, email accounts were compromised, resulting in spam emails being sent from these compromised accounts. Or, people’s sensitive data was hacked into and retrieved without one’s consent – remember, the 2018 SingHealth Cyberattack?
So this Christmas, in the spirit of giving, I would like to share with you 12 cybersecurity tips on how to work safely in the digital world, and not fall prey to attempts that seek to compromise electronic security.
These tips are not comprehensive, but they are simple tips that can significantly enhance the effectiveness of the first line-of-defence provided by the users through their usage and behaviours.
Because let me tell you a secret – while you may be happily enjoying cutting up that turkey for Christmas, hackers may be opening up their version of a Christmas present through hacking into your accounts!
Now, you wouldn’t want that would you?
So here are 12 Cybersecurity tips for the holidays:
Cybersecurity Tip #1: Change the passwords to both your PC and your email account regularly
In the off chance that your PC or email account has already been compromised, please take the immediate step to have your passwords changed. This effectively stops those who have unauthorised access any further access, and reduces the risk that hackers have long-term access to your accounts, preventing them from stealing information over time.
If your PC has been attacked and allowed the attacker access to your PC, you may need to have your PC cleaned up and reformatted. In that case, you can contact our Helpdesk for assistance.
Cybersecurity Tip #2: Use Strong Passwords
Weak passwords that are not hard to guess or are common words can be easily cracked. For example, unless you want to be hacked into, do not use “0000” or “1234”.
Also, do not use people’s names, special dates or complete words as password. A mixture of both is always a good idea. For example, instead of having your password as “NewYorkCity” which can easily be guessed, perhaps you could use “N3wY0rkC1ty” or “nEwyoRKC1tY”.
Here are some suggestions:
- Create a password that is at least 8 characters long
- Use Acronyms instead of a complete word (for example, instead of using “Iamfromsingapore”, use “Iafs”)
- Include both upper and lower case letters
- Insert Numbers, however try not to have running numbers or the same number like “1234” or “1111”
- Add punctuation/special characters, such as “&”, “^”, “$”, “#”
Cybersecurity Tip #3: Minimize Location Sharing
It’s very common for people on social media to update their social media sites as go for parties, meet up with friends, go out for a meal or drink, etc. The problem with this type of excessive sharing is that it creates a security threat at home. By signaling your every location, you make it easy for a criminal to determine that you’re not at home, leaving your personal belongings within these areas vulnerable to a physical intrusion. Because of course, who would bring their laptop for a Christmas party, right?
So try to limit the information you post online about your specific whereabouts to limit these threats to your personal property.
Cybersecurity Tip #4: Be cautious when using public WiFi
Free Wi-Fi access is very appealing to anyone especially at cafes or function rooms. However, this is also particularly vulnerable to security issues!
So remember to avoid unencrypted Wi-Fi networks.
Cybersecurity Tip #5: Practise caution even if an email seems to be from a trusted source
Remember to only open those attachments that you are expecting.
Cybersecurity Tip #6: If in doubt about the legitimacy of an email, send it to eVantage Technology for verification. Do not reply or forward it. Do not click on any of the links in it
If the email is from a party known to yourself, call the sender up to verify. Feel free to also report such incidents to eVantage Technology.
Examples of suspicious email would include (but are not limited to) the following:
- Email asking you to perform security or account updates by clicking on a link within the email. Very often, the heading includes words like “penalty” or “overdue account”
- Email from trusted colleagues/friends asking you to take actions that do not follow standard operating procedures, especially in relation to financial matters
- Email that is not addressed to you by name
- Email that asks for personal and/or financial information, or your password. A common email content can go along the lines of “your great grandfather has passed away and left you a $1 million inheritance”, or “I know one of your passwords is XXXX. If you value your privacy, please send (X amount) in bitcoins to XXXX”.
Cybersecurity Tip #7: Look out for suspicious activity
This includes receiving unusual notifications such as a change in security settings, when you didn’t make the change, or unauthorized financial activity.
If in doubt over the legitimacy of the email, call the sender up to verify if possible or escalate the issue to your IT department/ manager. Examples of suspicious emails include, but are not limited to:
- Emails asking you to perform security or account updates by clicking on a link within the email.
- Emails from trusted colleagues/friends asking you to take actions that do not follow standard operating procedures, especially in relation to financial matters.
Cybersecurity Tip #8: Install only authorized programs on your work PC
Try your best not to torrent any applications onto your laptop, such as Adobe Photoshop.
Cybersecurity Tip #9: Do not use your work email address for personal online subscriptions
Cybersecurity Tip #10: Update your antivirus, and run a full antivirus scan weekly
This is one of the easiest and most effective ways you can keep your personal and company information safe during the holidays.
Ensure you use a trusted brand of security. Additionally, make sure to regularly update it to the latest version.
Cybersecurity Tip #11: Turn on local firewall for all devices
Always keep your local firewall on.
You must assume that the network you are connecting to is compromised. Even if the place you are at employs their own firewall, assume it’s unsafe and employ your own locally.
Get it. Install it. Enable it. Never turn it off!
If it blocks you from something you probably didn’t need to visit it anyways!
Cybersecurity Tip #12: Update Operating Systems
Just like your anti-virus software, you should keep your operating system as current as possible. This also applies to apps on your phone; take special care to update apps that you regularly use to conduct financial or personal business.
And if you follow these tips, your holidays would be more secure and relaxing!
IT Security is one of our IT Services we provide. For more information, visit our IT Security webpage, or contact us by clicking below.
eVantage Technology is a professional and trusted IT solutions provider, dedicated to providing exceptional service to companies in Singapore and across Asia.