In today’s age, hackers have learned how to outsmart the average person and their success rate is on the rise. Listed below are 5 basic best practices when it comes to cybersecurity and how to prevent hacking.
Recently we had a contest for password security setup. One of the participants picked a bunch of weird characters and @ signs and exclamation points and upper and lower case letters for a total of 10 characters. We were able to hack their password in under 10 minutes. Our CIO picked one that said “pepperonipizzalover”. (He’s actually an extra cheese pepperoni pizza lover, but that’s way too many characters to type.)
“Pepperonipizzalover” was over 16 characters (and reminded him to order pizza every Friday night.) Because it hit the 16 characters, it would take a robot 1,000 years to hack. The best recommendation to prevent hacking is to ensure you have a password at least 16 characters long. For added security, change your password every 90 days. But, if you have a password over 16 characters, you can up that to six months to a year and you won’t have to worry about that password being hacked. A word of advice: one character below 16 takes you from 1000 years down to 32 days.
You got an email from Julie King today and she asked you to please share your credit card with her because she’s booking a trip for you, something that may normally happen. But can you trust that it’s really Julie King? What’s the best way to know? The easiest way is to reply to that email and look at the email address that’s spelled out. It should be exactly what you are expecting. It shouldn’t be something unique or even slightly off of the norm. Double-check it letter for letter to ensure it is the correct email address. If you aren’t certain, pick up the phone and call her or email her back and ask her to verify the request before you give up your credit card information.
You might be asking yourself: “Won’t the hacker read that email if they were the ones to send it in the first place?” They will see that email and they may even attempt to respond to it. But the user who has been hacked will see it as well and know that they never sent you the original credit card request. That should allow you to be in an absolutely safe position. But don’t forget, call to confirm.
You get a call from PNC Bank and they say that your account has been hacked. You wonder “Is this really PNC calling me?” PNC will know very specific things about you. However, a hacker can know those same things. For instance if you have ever written a check somewhere? At the bottom of that check is your routing number and your account number. If they read to your routing number and account number to you over the phone, you’d probably trust that caller, right? The problem is that could be the teller at the bank or someone in the accounting department that got hacked. So what do you do to prevent hacking? Call them back on their 800 number, ask to speak to the fraud division, and let them know you just got a call.
If they confirm the call, then you know you’re safe. When they don’t confirm it, you know that it was a hacking attempt.
When you do get a call and they want you to verify your security questions, which is typically part of what you might see from a banking organization, here is our recommendation:
Our CIO’s wife likes to give him a hard time about locking his computer. Every time she sits down at it, she has to enter the password. She doesn’t normally remember it, so she always hollers out: “What’s our password?” And he tells her. Her response is always “Who’s going to hack our computer? It’s just me and you living in the house. Is the dog going to hack it?”
Although she thought she was being funny, he took the time to explain to her that if the computer is locked, then no one can break into it without the password. Now, his wife, probably very much like you, leaves every one of her windows open and logged in to. This enables the hacker to simply open up the browser, log into her bank account and begin the financial fallout.
Locking your computer makes it twice as hard for the hacker to gain access to it.
It’s really important to keep your computer updated. It is actually the number one way to prevent hacking into your computer. Perform the weekly updates that come from Microsoft. Many of us are so used to ignoring those updates and typically speaking, most haven’t been updated in days, weeks, months or even longer.
Please remember: always do your Windows updates. You should be prompted by your computer, but you should get into the habit of, every Monday morning, clicking Windows Update and searching for new and critical updates that might be available on your computer.
Most of us have probably turned on “don’t bother me again” on the automatic updates. Once you turn that on, it’s never going to prompt you to update your computer again. To find the updates, simply click the “Start” button and type the word Windows Update. It’s the very first thing that will appear on your list. Click “Check For Updates” and run everything that it asks you to run.
Don’t pick and choose. You’re not a security expert.
Those are the five tips that we wanted to share that will help keep you a little bit more secure and safe in your environment. The best tip is BE PARANOID. Suspect everything and everyone and you will limit your exposure to a hacker.
For more information visit our managed IT page or if you have questions give us a call at 800.633.3673.
Share a few quick details to get a response from our support team.