Keeping up with computer security can be a daunting and overwhelming task. My goal in this post is to outline five things I think are essential in order to keep your digital life secure.
1. Configure all of your computers to automatically download and install operating system updates.
The steps for setting up automatic updates vary slightly based on your computer system (e.g. Windows 7, Windows 10, Mac OS, etc.). Fortunately, you can Google how to enable automatic updates for your specific system. For example, here are two links with instructions on how to enable automatic updates for Windows 10 and Mac OS.
- Windows 10: https://answers.syr.edu/display/os/Turn+on+Automatic+Updates+in+Windows+10
- Mac OS: https://www.techrepublic.com/article/how-to-turn-on-automatic-updates-in-macos/
2. Install antivirus software.
Windows 10 comes pre-loaded with Windows Defender, Microsoft’s built-in antivirus program that works really well. I recommend Sophos Antivirus for Mac. Sophos continues to be recognized as one of the best antivirus solutions for Macs.
3. TREAT EVERY EMAIL YOU RECEIVE AS A PHISHING EMAIL until you can verify its authenticity.
A phishing email is an email sent by a fraudster/hacker that appears to come from a legitimate company (e.g. your financial institution) asking you to provide sensitive information (e.g. your username or password) or asking you to click on a malicious link or attachment with the goal of stealing your financial assets. It’s estimated that 75-85% of all cyber attacks start by getting the victim to perform an action in a phishing email. Use these steps to verify each email you receive:
- Verify the sender's email address (firstname.lastname@example.org vs email@example.com)
- Hover over links in emails to verify the destination (be careful to note the spelling of the domain name). For example, gmail.com vs gma1l.com.
- Ask yourself: Were you expecting the email? Is the email part of an outgoing conversation? Do you know the sender? Is there anything suspicious about the email and request? Keep in mind that the sender’s email account may have been hacked.
- Be suspicious of ALL emails that request that you click on a link or open an attachment.
- If you are uncertain if a link or attachment is malicious, contact the sender by phone or text.
- Many phishing emails purport to be from DocuSign, Dropbox, and other popular online services – be careful.
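The sender and link checks from the list above can also be automated; the following is an added example, not part of the original post. The allow-list, the look-alike character table and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"gmail.com", "docusign.com", "dropbox.com"}  # assumption: your own allow-list
CONFUSABLE = str.maketrans({"1": "l", "i": "l", "0": "o", "5": "s"})  # look-alike characters
SAMPLE = ('From: "Gmail Team" <security@gma1l.com>\nContent-Type: text/html\n\n'  # constructed
          '<p><a href="http://gma1l.com/login">https://gmail.com/security</a> or the '
          '<a href="https://www.dropbox.com/s/abc">shared file</a></p>')

def base_domain(host):  # last two labels; simplification, ignores suffixes such as co.uk
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify(domain):
    if domain in TRUSTED:
        return "trusted"
    real = {d.translate(CONFUSABLE): d for d in TRUSTED}.get(domain.translate(CONFUSABLE))
    return f"lookalike of {real}" if real else "unknown"

class LinkCollector(HTMLParser):  # gathers [href, visible text] for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def check_email(raw):  # warnings for the sender and links of a single-part HTML message
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1]
    verdict = classify(base_domain(sender.rpartition("@")[2]))
    warnings = [] if verdict == "trusted" else [f"sender {sender}: {verdict}"]
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        dest = base_domain(urlparse(href).hostname or "")  # where the link really goes
        if classify(dest) != "trusted":
            warnings.append(f"link goes to {dest}: {classify(dest)}")
        shown = re.search(r"[\w-]+(?:\.[\w-]+)+", text)  # domain displayed to the reader
        if shown and base_domain(shown.group()) != dest:
            warnings.append(f"link text shows {shown.group()} but goes to {dest}")
    return warnings
```

Calling `check_email(SAMPLE)` returns three warnings: one for the look-alike sender domain, one for the look-alike link destination, and one because the link text displays a different domain than the one it opens.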
4. Turn on two-factor authentication on all online services that support it.
Two-factor authentication requires you to enter a code or approve the connection from an app after you have entered your username and password. This is the best way to safeguard your online access because it prevents a fraudster/hacker from accessing your account with merely your username and password. Contact your online service provider for help setting up two-factor authentication.
5. Monitor your Phone Calls/Texts/Social Media.
Fraudsters are also using these avenues to trick people into providing sensitive information. Be careful about what information you provide through these services.
Remember, if you suspect that your account has been hacked, change your password immediately and contact the service provider.