2021 has already seen more than a fair share of cyberattacks and breaches, including news headlines of SolarWinds‡ and Kaseya‡ breaches as well as high-profile attacks on the Colonial Pipeline‡. Cyberattacks are becoming more sophisticated with bad actors social engineering more victims each day. As we move out of the COVID-19 pandemic and individuals continue to return to the office, reinforcing previous security habits to mitigate risks are vital.
Observed every October, Cybersecurity Awareness Month focuses on different themes addressing specific security challenges and identifying opportunities for behavioral change. This initiative is no longer listed as national because it is a global effort to help everyone stay safe and protected when using technology whenever and however you connect.
Here are a few quick tips you can use and share with your friends, family and colleagues:
Avoid social engineering/phishing attacks
Social engineers are masters of making their phishing content and interactions appealing. From content design to language to spoofed emails, it can be difficult to discern whether content is genuine or a potential threat, which is why it is so important to know the red flags:
Beware of malware in unusual but familiar places
Ransomware is a common social engineer’s tactic where the bad actor uses a fraudulent link or attachment in an online message to attempt to steal your data through various platforms. Not unlike the movie Ransom, it usually starts with an ominous and scary demand for money.
After clicking on a suspicious link or attachment, this usually appears in the form of a notification that pops up on screen, alerting something like “your data has been encrypted, pay to get the decryption key or we will release the files to the public.” What can you do to help make yourself a harder target to social engineers?
Continue to take care when connecting
Although the Internet of Things (IoT) may be an unfamiliar term, you may recognize this term used to describe connecting smart devices to your home or work Wi-Fi connections. These range from a Wi-Fi pet camera in your living room to a medical device implanted in your body like a pacemaker. If the device can connect to the internet and has sensors that transmit data, it can be considered an IoT device.
Marketed as a way to make your home life easier, connecting devices demands care and security to avoid social engineers finding a way in to steal your data.
What could go wrong? As with any technology, there’s the potential for positive and negative outcomes. Convenience and connectedness can also open the door to bad actors, so being security-minded when connecting is crucial:
Is that really Tom Cruise?
Deepfake videos, a combination of the terms deep learning and fake, began arriving online in 2017. These videos are created using artificial intelligence to make it appear a celebrity, politician or prominent figure are doing or saying something they would normally not do.
These videos include the Queen of England dancing at Christmas, actor Kit Harington’s Jon Snow giving an apology in place of an actual scene in the final season of HBO’s Game of Thrones and Tom Cruise doing funny things on the social media app Tik Tok. While many of these are funny, other videos have been used to commit fraud with an alarming or controversial message designed to harm the individual recreated in the video. When you see a video online, it’s a good idea to use your head and not your heart when examining the content:
Moving through October and beyond
Being cyber smart and maintaining stellar online hygiene is the best way to protect yourself and others from cyberattacks – during October as well as year-round. No single tip is foolproof but taken together they can make a real difference for taking control of your online presence. By taking preventive measures and making a habit of practicing online safety, you can decrease your odds of being hacked exponentially – and prevent lost time and money, as well as annoyance.
For more information about security and how UMB protects your data, visit UMB.com/Security.
When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.