October 29, 2014
One of my credit cards sends me an “Oops, looks like your account was compromised” letter and a new card about every six to eight weeks. I know that I’m not alone. From Target and Home Depot, to Apple’s iCloud, Google and DropBox, it seems there’s a new security breach announced every month. Just in time, October is “Cyber Security Month.” Celebrate by taking a few precautions to protect yourself from cybercrime.
Cyber security is a growing concern. The number of security breaches that take place every year is staggering: 90 have been reported so far this year alone, and it’s only October. Experian’s “ProtectMyId” recently released results from their latest online survey of 1,000 adults in the U.S., conducted by Edelman Berland on their behalf in September 2014. Check out the full survey here.
A third of respondents report having been victims of identity theft in the last two years. Almost all respondents (93 percent) recognize that identity theft is a growing problem. Unfortunately, they still aren’t doing enough to protect themselves.
I was shocked to read that only about half of survey respondents (52 percent) update their protection software each year, which means a lot of people are using the limited-use software that came pre-installed on their machine, well after the updates have expired. If you do nothing else in honor of Cyber Security Month, please install a free anti-malware application like Microsoft Security Essentials or Avast Free Antivirus. Both of these programs will download updates and scan automatically once installed, so you don’t have to remember to run it manually.
Passwords are a common target of cyber criminals. Phishing schemes often send emails or redirect unsuspecting web surfers to imposter websites that look like the login page for your bank or email account. Once you enter your username and password, the criminals have your information and can get into your account without much effort. A surprising number of people (nearly half of millennials, according to Experian’s survey) feel comfortable sharing passwords with others. This complacency leads some people to offer up personal information and passwords to solicitors or phishing phone calls and emails.
Criminals are also getting more adept at stealing passwords. They hack into a relatively weak site, capture usernames and passwords and then post lists of those username/password combinations online for their fellow criminals to use to try to crack accounts at other, more secure sites. This becomes a big problem when people use the same username and password across multiple sites – a relatively commonplace practice.
While it can be daunting to consider having a difficult to guess and unique password for every website you frequent (particularly those that have records of your personal or financial data) there are a couple options:
You could utilize a password management application like LastPass to generate random character passwords and store them for you in a password vault. Install the app on all your computers and mobile devices and you only need to remember one password (the one for your LastPass account) and it will do the rest.
Alternatively, you could use my password trick of pass phrase + number + website identifier to get a difficult to guess password that is unique to each site.
Also, enable multi-factor authentication wherever possible. While it can take an extra minute or two to login from a new computer (a code is sent to an established contact such as your primary email account or cell phone and you need to enter that code to login from an “unknown” device), it means that you’ll get notified if someone tries to access your account and you can take steps to protect it (change the password, notify the website, etc).
Mobile computing, whether it’s logging onto a public WiFi network at the local coffee shop or balancing your checkbook on your Smartphone, is super convenient but it can also put you at risk. In Experian’s survey, 66 percent of respondents report that they log on to personal accounts on public Wi-Fi and more than a third (38 percent) access bank or credit card accounts on public Wi-Fi. The problem is that a shared network can allow anyone else logged onto the same network to gain access to your device without your knowledge, particularly if you don’t utilize a firewall (like the one integrated into current versions of Windows). Make sure that your device’s firewall feature is enabled and identify the network as public. Still, it’s a good general rule to avoid mobile banking in Starbucks.
Finally, smartphone owners should remember that they’re carrying around a small, easily stolen portal to all the personal data stored and accessed on their device. A third of survey respondents reported that their smartphones are NOT password protected, and even more have elected not to enable remote tracking and wiping. It’s imperative that you make is as difficult as possible for a thief to get to access to the wealth of personal data stored on your mobile device. I know it’s a pain, but trust me – it’s super important to utilize a password or fingerprint lock on your smartphone, tablet and iPod, and enable remote tracking and data wipe features so that if your device is stolen you can remotely erase everything on it before it falls into the wrong hands.
Andrea Eldridge is CEO of Nerds On Call, which offers onsite computer and laptop repair service for homeowners and small businesses. Based in Redding, Calif., it has locations in five states. Contact Eldridge at www.callnerds.com/andrea.