A key method to protect your accounts is by practicing best practice password management.
These best practices include:
- Use unique passwords on all your various accounts (email, banking, social media, shopping, etc.).
- Use complex and lengthy passwords or phrases to increase your password strength.
- Use a password manager to remember and control your passwords for you.
Some recommended Password Managers include:
- DASHLANE – https://www.dashlane.com/
- LASTPASS – https://www.lastpass.com/
- STICKYPASSWORD – https://www.stickypassword.com/
Most Password Managers have free versions and a subscription-based version. Review each website and see what best works for you. Password Managers also usually have a method of storing payment information on your device instead of on multiple websites. This is a nice advantage of controlling your sensitive credit card information.
It is easier than you think for someone to steal your personal login credentials. Two-Step Authentication (also called Two-Factor Authentication) can help keep the criminals out of your email account, even if your login and password have been compromised. Two-Step Authentication requires that your configured accounts will require a second form of identification, typically a SMS text to a defined phone or an app on your smartphone.
This second form of identification is something that the criminals would not be able to acquire easily.
Some accounts to consider adding Two-Step Authentication include:
- GMAIL – https://www.google.com/landing/2step/
- YAHOO – https://help.yahoo.com/kb/SLN5013.html
- MICROSOFT MAIL (Hotmail / Outlook / MSN / Live.com) – https://support.microsoft.com/en-us/help/12408/microsoft-account-about-two-step-verification
Many social media and other sites that contain personal information will also have Two-Step Authentication available to you. Take advantage to protect your and your customers’ sensitive information.
Has my account ever been compromised in a known breach?
Go to https://haveibeenpwned.com/ and enter your email address. A database of known breaches will be reviewed to see if your account has been involved in any known security breaches.
What is Social Engineering?
Social Engineering is the art of manipulating people into performing actions or divulging confidential information and it is typically done through email or by phone.
Why is Social Engineering the method of choice for attackers?
It is easier for attackers to trick someone into giving them access to anything they want as opposed to developing and planning a technical attack.
Security Awareness Training
Employee training can be your best and last line of defense. Easily understood video and example training can substantially increase the awareness and correct action against the threats you face. Alliance Title uses KnowBe4.com as our end-user training and testing partner.
More information can be found at: https://www.knowbe4.com/
Social Engineering Red Flags
This graphic from KnowBe4.com shows 22 Red Flags to help you identify potential threats directed at you.
Blog submitted by Vice President and Chief Information Officer Jason Jacobson