24 May 2018
Home network security as defined by the United States Computer Emergency Readiness Team refers to the protection of a network that connects devices to each other and to the internet within a home. With technology becoming more and more prevalent in our daily lives, it becomes increasingly important to protect against security risks. This article hopes to better your understanding of the risks associated with being connected to the internet as well as the importance of properly securing your home networks and systems.
Most people are under the assumption that their home network will never be attacked. This is a very common misconception for a couple of reasons. Home users believe their network is not big enough to be at risk of a cyber attack, and they think the devices they are provided by companies such as Comcast and Verizon are plenty secure. This line of thought is wrong and can be costly because attacks can occur to any network connected to the internet no matter the size, and the devices you are provided by Internet Service Providers (ISPs) are preconfigured with factory issued settings such as default usernames and passwords that create opportunities for cyberattackers to gain unauthorized access to information, amongst other problems.
The good news is that there are ways to prevent these types of problems. By improving the security of your home network, you can significantly reduce the chances of being successfully attacked. The list below are ways to improve the security of your home network.
- Regularly update software as the updates often include critical patches and security fixes for the most recent threats and vulnerabilities
- Remove/uninstall unnecessary services and software to reduce security holes on a device’s system
NOTE: This is especially important on new computers as they are often pre-installed with many software and application trial versions
- Adjust factory default configurations on software and hardware because the configuration settings are created to be user-friendly and are not geared towards security
- Install up-to-date antivirus software and make sure to enable automatic virus definition updates
- Install a network firewall to block malicious traffic from entering your home network and alert you to any potential dangerous network activity
- Install firewalls on network devices to inspect and filter a computer’s inbound and outbound network traffic
- Back up your data on a regular basis to minimize the impact if your data is lost, corrupted, infected, or stolen
- Enable wireless security by:
- Using the strongest encryption protocol available
- Changing the router’s default administrator password
- Changing the default SSID (often referred to as the network name)
- Disabling WPS (WiFi Protected Setup)
- Reducing wireless signal strength
- Turning the network off when not being used
- Disabling UPnP (Universal Plug and Play) when not needed
- Upgrading firmware
- Disabling remote management
- Monitoring for unknown device connections
- Familiarize yourself with the most common elements of a phishing attack
- Create strong passwords by:
- Making the password long and complex
- Creating a unique password for each account
- Never use personal information within the password
For more information about home network security, please visit the United States Computer Emergency Readiness Team website.
When you are scrolling your Facebook feed or taking a Buzzfeed quiz online, do you answer historical questions? Questions about your childhood home, your family dog, or the first car you drove can expose you to cyber criminals. These seemingly harmless games can lead to Facebook or quizzes online can help the company store and potentially sell your data. That is not to mention the other people that are seeing your answers online.
You may think to yourself, who care if they knew my first dog was a Boxer named Luna. Well, if you ever used that as a security question to reset your password, you may be more concerned. These data-harvesting schemes have become more and more prevalent and give identity thieves and scammers easier ways to access your online accounts.
There are many examples of this but, lets take a look at a few from krebsonsecurity.com
San Benito Tire Pros created a post that says, “What car did you learn to drive stick shift on?” This seems like a harmless answer, but by answering this question you could be giving them the answer to “What was the make and model of your first car?” This questions is one of the most commonly used by banks and other companies to verify customers before they reset their password.
Another from Good Old Days asks “What was your first pet, and what was it’s name?” This one is a little more obvious as it directly asks the question that you will frequently see as your security questions from companies online.
This can also happen when Facebook pages post quizzes or articles but pose questions as their caption. Texas asked “What was your high school mascot?” with a link to the most unusual texas high school mascots.
Protect yourself online and don’t share your historical data or make sure you answers to security questions are fictional. However, then you have to remember what you wrote.
16 Nov 2017
The holiday season is here and we will be searching for the perfect gifts for many people in our lives. Shopping from the convenience of our own home is one of the greatest benefits of the internet. You don’t have to wait in line, stand in crowds, or even take off your pajamas. With this convenience, comes many cyber criminals creating fake shopping websites, sending phishing emails, and trying to steal from others.
Spot Fake Online Stores
Criminals can create fake websites that replicate the look of real sites or using the names or well-known stores or brands. When you are searching online for the lowest prices, you may find yourself directed to one of these websites. Below are ways to help identify fake websites:
- Shop with reputable merchants.
- Research the website. There are many independent sources that will give grades to websites. Places like Reseller Rating or Better Business Bureau can be very informative. Even entering the the URL into a search engine and looking at results can be informative.
- Check the merchant’s customer information and return policies. Do not provide a vendor with personal information or bank account numbers. Make sure that they will support you if you package is stolen or missing.
Your Computer and Mobile Device
Protecting your device is just as important as shopping at legitimate websites. Make sure to always install the latest updates and run up-to-date anti-virus software. This makes it much harder for a cyber criminal to infect your device. On top of that, if you have children, let them use a secure device. Not one where your credit card or bank information is stored.
Be Sure the Transaction is Secure
When you are in the checkout process, the web site should be using encryption called SSL (Secure Sockets Layer). SSL ensures secure transmission of your credit card information across the internet. You can tell if the web site is using SSL by look for https: (rather than http://) at the beginning of the web site’s address in the browser.
Your Credit Card Information
Never send your credit card numbers via e-mail. Although it is generally safe to enter your credit card number on a secure web site, it is not safe to send it through e-mail. E-mail is sent through the internet in clear text format, so it’s possible for someone other than the vendor to see it.
Keep a record of your transactions. Print or store the copy somewhere for your records. Check your credit card statements to verify you were charged the proper amount. Also, keep any e-mail confirmations about your order for later reference.
Consider using credit cards that generate a unique card number for every online purchase, such as PayPal, which do not require you to disclose your credit card number to the vendor.
If you do have a problem with an online vendor, first attempt to work it out with them directly. Don’t just rely on e-mail; call them as well. If you cannot resolve the problem to your satisfaction, contact your back and ask them to stop the payment. You can also use an online service such as SquareTrade to resolve your dispute.
Finally, you can file a complaint to the state Attorney General’s Office, post your experience on a site like Reseller Ratings, or contact the Better Business Bureau.
Take this quiz, Workplace Security Risk Calculator, to find out if you activities while at work are risky and what you can be doing on the front lines to protect our organization!
Welcome to FIS’s 5 days of Cyber Security! October is national cyber security month. This is an initiative to help keep our online community safer and all citizens more informed. Over the next 5 days, we will highlight everything from types of scams to a checklist to complete cyber spring cleaning. Follow along with all of our information, videos, and quizzes! We are going to start with basic tips and advice to be safe online. Be sure to watch the YouTube video to gather 3 easy tips to stay safe on the go.