Cybersecurity Awareness Month: 4 ways to stay safer online
Did you know that October 2024 marks the twenty-first National Cybersecurity Awareness Month in the United States? The initiative was launched in 2004 by the US Congress to spread the word about ways we can build a safer digital world.
by Alyssa Schmitt
One key element of Cybersecurity Awareness Month is the “Secure Our World” program, which outlines four simple steps every person can take to stay safer online: Keep reading to find out how you can boost your own security!
AI is making it cheap and easy for scammers to create phishing messages that are tough to distinguish from the real thing. This is why it’s important to be wary if you receive an urgent message that makes a strong appeal to your emotions or threatens dire consequences if you don’t act immediately. Phishing emails often contain incorrect email addresses or links, e.g. googgle.com instead of google.com. And they often ask for personal or financial information, like passwords, credit card numbers, etc. – which, as a general rule, you should NEVER share in response to an unsolicited email.
If there is even the slightest reason to suspect that a message is fake, resist the urge to click any links or to reply. Instead, delete the message. Remember, if you are worried that there is a real problem or emergency, you can always reach out to the person or company directly to confirm whether they actually contacted you.
What do we mean by a weak, easily guessed password? Examples of weak passwords include those with less than eight characters, that only contain letters or numbers instead of a mix of characters, that consist of your name or easily guessed words, or are a string of consecutive characters like Abcdefg. In addition, using a password that appears on the lists of most common passwords – such as “Password123” – or that has appeared in a data leak puts the safety of your account at risk.
A strong password, on the other hand, is:
Multi-factor authentication simply means that, when logging into an account, you are asked to confirm your identity in an additional way besides the password. This offers an extra layer of protection online: even if someone guesses, steals, or hacks your password or PIN, they still won’t be able to get into your account or device without the step of verifying their identity as the owner.
How does MFA work? As a second step, you may have to enter a code that is texted to your saved phone number or generated using an authenticator app. Or, on a modern phone, you may be asked to set up fingerprint or facial recognition to unlock your screen or certain apps.
Even if they do not require MFA by default, nowadays most applications or online accounts will offer you the option of switching it on. For better protection, go to the account or app settings and look for multi-factor authentication, two-step verification, 2FA or similar. If you cannot find out how or where to activate MFA, consult that company’s help pages or reach out to their customer support.
Cybercriminals are always on the lookout for flaws in programs and applications that will leave them vulnerable to hacking. Along with the bug fixes and other improvements that are part of their regular updates, companies that develop software fight such threats by including “security patches” that plug these gaps.
Luckily, today most applications and devices offer automatic updates, so you don’t have to worry about missing one and opening yourself up to preventable risks. If you don’t have auto-updates turned on, you should do it today – and don’t deactivate any auto-updates that were switched on by default!
National Cybersecurity Awareness Month serves as a reminder of four simple steps we can all take to boost our security as we navigate the digital world. mail.com is also committed to keeping you safe online. This includes sharing blog posts that raise our readers’ awareness of cybersecurity issues and best practices. If you’d like to find out more, explore our archive of articles on online security.
And if you still don’t have an email account with mail.com, why not sign up for free today?
Images: 1&1/Shutterstock
One key element of Cybersecurity Awareness Month is the “Secure Our World” program, which outlines four simple steps every person can take to stay safer online: Keep reading to find out how you can boost your own security!
1. Learn to recognize and avoid phishing
Unfortunately, nowadays you would be hard-pressed to find someone who has never experienced a phishing attempt. Phishing, which can take the form of fraudulent emails, text messages, phone calls, etc., usually aims to trick victims into disclosing sensitive information such as credit card information or online passwords. An example of a phishing email is an authentic-looking shipping notification that claims a package cannot be delivered, but is actually trying to lure you into clicking a fake link, which will let cybercriminals steal your login credentials or flood your device with malware.AI is making it cheap and easy for scammers to create phishing messages that are tough to distinguish from the real thing. This is why it’s important to be wary if you receive an urgent message that makes a strong appeal to your emotions or threatens dire consequences if you don’t act immediately. Phishing emails often contain incorrect email addresses or links, e.g. googgle.com instead of google.com. And they often ask for personal or financial information, like passwords, credit card numbers, etc. – which, as a general rule, you should NEVER share in response to an unsolicited email.
If there is even the slightest reason to suspect that a message is fake, resist the urge to click any links or to reply. Instead, delete the message. Remember, if you are worried that there is a real problem or emergency, you can always reach out to the person or company directly to confirm whether they actually contacted you.
Do you know how to recognize a fake link in a phishing email? Learn more in our deep dive: What does a phishing link look like? How to check links safely
2. Use strong passwords
One of the easiest and most important ways to protect your online accounts is with a strong password. Nowadays we save a lot of valuable personal data in our email, online shopping, banking, and social media accounts – including credit card and other financial information. Protecting these accounts with weak, easily guessed passwords leaves the door open for hackers and cybercriminals.What do we mean by a weak, easily guessed password? Examples of weak passwords include those with less than eight characters, that only contain letters or numbers instead of a mix of characters, that consist of your name or easily guessed words, or are a string of consecutive characters like Abcdefg. In addition, using a password that appears on the lists of most common passwords – such as “Password123” – or that has appeared in a data leak puts the safety of your account at risk.
A strong password, on the other hand, is:
- Long: experts now recommend 16 characters or more
- Random: use a string of random upper- and lowercase letters OR a series of 4 or more unrelated words
- Unique: never use the same password for more than one account
What are the latest recommendations for a secure password? Find out in our explainer: Strong password standards: Changes and best practices
3. Turn on multi-factor authentication
If you find yourself wondering “what is multifactor authentication?” don’t worry – likely you know this concept by one of its other names – MFA, two-factor authentication, 2FA, two-step verification, etc.Multi-factor authentication simply means that, when logging into an account, you are asked to confirm your identity in an additional way besides the password. This offers an extra layer of protection online: even if someone guesses, steals, or hacks your password or PIN, they still won’t be able to get into your account or device without the step of verifying their identity as the owner.
How does MFA work? As a second step, you may have to enter a code that is texted to your saved phone number or generated using an authenticator app. Or, on a modern phone, you may be asked to set up fingerprint or facial recognition to unlock your screen or certain apps.
Even if they do not require MFA by default, nowadays most applications or online accounts will offer you the option of switching it on. For better protection, go to the account or app settings and look for multi-factor authentication, two-step verification, 2FA or similar. If you cannot find out how or where to activate MFA, consult that company’s help pages or reach out to their customer support.
Have you heard about all the ways multi-factor authentication is used to protect accounts? Catch up in our blog post: Types of two-factor authentication: Which 2FA is best?
4. Keep software up to date
You may be surprised to learn that keeping software and devices up to date is one important way to protect yourself online. Updates are essential to security because they often address security risks. So, the next time your phone or an app asks you to install an update, keep this in mind before you click “Later”:Cybercriminals are always on the lookout for flaws in programs and applications that will leave them vulnerable to hacking. Along with the bug fixes and other improvements that are part of their regular updates, companies that develop software fight such threats by including “security patches” that plug these gaps.
Luckily, today most applications and devices offer automatic updates, so you don’t have to worry about missing one and opening yourself up to preventable risks. If you don’t have auto-updates turned on, you should do it today – and don’t deactivate any auto-updates that were switched on by default!
Have you activated automatic updates on your devices? Read more about why it’s important and how to do it in our article: Software updates: Why they are important to your security
National Cybersecurity Awareness Month serves as a reminder of four simple steps we can all take to boost our security as we navigate the digital world. mail.com is also committed to keeping you safe online. This includes sharing blog posts that raise our readers’ awareness of cybersecurity issues and best practices. If you’d like to find out more, explore our archive of articles on online security.
And if you still don’t have an email account with mail.com, why not sign up for free today?
Images: 1&1/Shutterstock
59 people found this article helpful.
Related articles