Today is Safer Internet Day and we thought we’d try a bit of click-baiting. That explains the headline and, coincidentally, also what this article is all about.
After interviewing a few experts in our podcasts and videos; reviewing countless articles on various topics within cybersecurity; and publishing an entire special edition on it, we have learned a thing or two about how to be safe online. Here are our top three tips for staying safe and secure online.
Beyond proof that I can count to 6, it’s also the most common password out there, followed by “123456789”, “12345”, “qwerty”, and “password”. Besides “password” of course. Seriously, there is no excuse for using an extremely weak password like that online. You’re probably reading that now and thinking: “Yes, he’s right, but for [enter any website here], which I’m not using frequently anyway, it’s ok, isn’t it?” No, it isn’t.
Think about what hackers do with these passwords. Hint: it’s not to get into your account. Once they have access to your account — any account — they know a little bit more about you (besides the tons of data that are readily available from social media) and might be more successful starting a “real” attack (aka one that really hurts).
Or maybe the hacker is not even interested in your data – and just using your account for whatever. The point is: Don’t use weak passwords. Don’t use the same password for different accounts. Get a password manager – even those built into today’s gadgets should do, just make sure to use them.
“My name is …”
Whether it is Antonio Guterres, Secretary-General to United Nations, Warren Edward Buffett, Inigo Montoya, or some obscure “Nigerian Prince” offering you a fabulous amount of money, you have to ask: “Why me?” That’s the first question to ask before following any link in these e-mails. It’s called phishing and you are not special. Those emails go out to thousands of people.
Unlike those examples, it’s not always that easy to identify a scam e-mail. Many phishing e-mails are almost impossible to make out as such especially if you’re working in a large corporation and have a corporate budget, attackers might use an attack dedicated to you specifically. Don’t feel flattered. This method is called spearphishing and is quite possibly the most effective scam method.
Don’t blame yourself either, if you do fall for it – if you receive an e-mail from your boss which looks legit right down to the signature, it’s understandable to read it and even follow the link. In any case, if an e-mail looks suspicious, take a good look at the sender and also check whether the actual link address matches the link description. That in itself should prevent a successful attack. If it passes all those tests, but still sounds “phishy”, a call to the sender can clear things up quickly.
Not because it is known as one of the worst operating systems ever, but rather because of the song that was chosen to promote it: “Start me up” by the Rolling Stones. That should also be the motto for your cybersecurity measures. Just get started.
Of course, your IT wizard wants to sell you the latest and greatest, and if that sounds like overkill, it usually is. Nevertheless, the most important step to protect your data, regardless of whether it’s personal or business data, is the first step.
Staying in the realms of popular music, the first cut is, indeed, the deepest. This means that just getting started will go a long way in protecting your data. Then again, just buying anything won’t get you far, either. Pro tip: The best tool is the free and easy to obtain. It’s called common sense. It prevents you from buying some expensive and complex solution that you never use. Apply common sense to cybersecurity and you should be relatively safe. Not only on Safer Internet Day, but all year round.
Patrick Boch has been working in the IT industry since 1999. He has been dealing with the topic of cybersecurity for several years now, with a focus on SAP and ERP security.
In recent years, Patrick Boch has published various books and articles as an expert, especially on the subject of SAP security. With his extensive knowledge and experience in the areas of SAP compliance and security, Patrick Boch has served as product manager for several companies in the IT security sector since 2013. Patrick is Co-Founder and Editor of Cyber Protection Magazine.