Cybersecurity is the process of protecting networks, devices, and data from unauthorized use or criminal access to ensure integrity, confidentiality, and authentication of information. From the ways we communicate, use transportation, shop, bank online, and work remotely, our daily lives significantly rely on cybersecurity in our interconnected digital world. Because criminals from across the globe are constantly looking for new opportunities to attack our digital systems to exploit and cause damage, we have to stay vigilant.

Below are a list of different types of cybercrimes and how you can protect from, stop, and avoid them.

• Business Email Compromise – In this scam, criminals target both businesses and individuals. It has evolved from a simple form of sending an email that appears to come from a business or individual you know and requesting a seemingly legitimate payment, often urgently, via a wire transfer, to compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds. More recently, criminals receive funds from cryptocurrency platforms where they can quickly disperse the funds.
  Be on guard. Check the accuracy of email senders. If payments or payment changes are requested, verify with the intended recipient first. As soon as fraud is detected, contact the originating financial institution, and request a recall of the fund transfer as well as a Hold Harmless Letter or Letter of Indemnity.

• Ransomware – A type of malicious software, or malware, that prevents you from accessing your computer files, systems, networks, or cell phone. Malware is installed in various ways, including through links and attachments in emails, downloads from malicious websites, or removable drives. Criminals hold your data hostage until the ransom is paid or pressure you for the ransom by threatening to destroy or release your data to the public.
  Be on guard. One way to prevent or minimize the risks is to conduct system and software scans using anti-virus and anti-malware programs. You can also make an offline backup of your data and update your operating systems and software on your devices frequently. If you fall victim to this crime, file a report with the Internet Crime Complaint Center, regardless of whether you have paid the ransom or not.

• Spoofing – Scammers deliberately falsify an email address, sender name, phone number, or website URL and manipulate you into believing that it is from a trusted source. Once you seem engaged, they lead you to download malware, send money, or share personal, financial, and other sensitive information. Spoofing is often used in connection with other crimes.
  Be on guard. Scammers tweak little things – often a letter, symbol, or number. DO NOT click on or download anything unless they are verified to be from legitimate sources. Additionally, if a call comes from an unknown number or the caller (or a recording) asks you questions or to hit a button, DO NOT hang on, just hang up.

• Phishing – Scammers send an email, text, or message on social media that appears to be from a legitimate business and lure you into providing your information by visiting a website that looks almost identical to the real one. Once you click the link, you may be asked to provide sensitive information for verification purposes, such as your Social Security number, login credentials, mother’s maiden name, or place of birth. Once the information is provided, scammers use it to access your accounts to steal money or sell your information to other scammers.
  Be on guard. Businesses and financial institutions would never call you first to verify your account information or to ask for sensitive information. DO NOT click links in emails or messages. If you believe the contact may be legitimate, contact the business or visit the official website yourself. Never provide your personal and sensitive information in response to an unsolicited request over the phone or the Internet. If you feel suspicious of or fall victim to Phishing, alert the situation to your credit union and other financial institutions and file a report with FTC.

• Technical Support Impersonation Scams – Criminals pose as service representatives of a company’s technical or computer repair service and ask you to contact them through email or by phone about a highly priced, soon-to-renew subscription. Once you contact them, they convince you to grant full control access to your computer for technical support and a refund. With the granted access, criminals steal your sensitive information and conduct unauthorized wire transfers of funds from your accounts. Almost half the victims who report this crime are over 60 years old.
  Be on guard. When you receive email about unsolicited services or services you didn’t sign up, resist the pressure to act quickly, search online for the company, and initiate the communication from your end. Do not send wire transfers to someone you have only spoken to online or via phone. Also, do not download unfamiliar software or grant remote access to unknown persons or entities.

Basics of Cyber Hygiene

Cyber hygiene refers to the practices and steps taken to protect your digital assets and information from unauthorized access and cyber threats. By practicing good cyber hygiene, you can ensure the safety and security of your digital assets and information online.

1. Turn on Multifactor Authentication
   Multifactor authentication, also known as two-factor authentication, or MFA, is a highly effective security measure that requires an extra form of identification, on top of your password, when trying to access your digital assets and information. Most websites now offer this security feature such as a PIN, fingerprint, confirmation text, and authentication application. Once prompted, opt in!
2. Update Your Software
   Criminals take advantage of well-known problems and vulnerabilities. Network defenders work hard to fix them, but their work heavily relies on you installing the latest fixes. Keeping your devices up to date with the latest security patches and utilizing automatic updates for operating systems, antivirus software, and applications will help protect your digital assets and information from cybercrime.
3. Recognize and Report Phishing
   Phishing is the number one way our information gets compromised, and we are more likely to fall for phishing than we think. Be cautious of unsolicited phishing emails, texts, and calls that ask for personal and sensitive information. Don’t click on links or attachments from unknown sources and avoid sharing sensitive information or credentials over the phone or email, unless necessary. If suspicious, trust your instincts and think before you click!
4. Use Strong Passwords
   Strong passwords are critical to protecting your digital assets and information. Make sure your password is long, unique, random, and including all four-character types. Password managers are a powerful tool to create passwords and they make storing passwords and user IDs much easy!