Are you making stupid cyber security mistakes?
As we mark Cyber Security Awareness Month, New Jersey residents are being reminded to be careful when they venture online, by keeping a few simple ideas in mind to maintain safety and security.
Don't click on unknown links
According to Adam Levin, the founder and chairman of Identity Theft 9-1-1 and a former director of the New Jersey Division of Consumer Affairs, New Jerseyans should avoid clicking on unfamiliar links that show up on websites you’re visiting or in emails.
“Even if you think you know where a link came from it’s important to verify before you click on it. This is one of those situations in life where you must never trust, you must always verify,” he said.
Levin explained the problem with links is that they can lead to malware. That malware can infect your computer or your phone. It might turn it into a turning it into a keystroke logger, or transmit your information back to criminals.
“It could also take you to a website that looks very much like the website you think you’re going to, but it’s not,” he said. “It’s a clone site, and when you enter information on that website, you’re actually giving it away to a hacker or a scammer.”
Don't overshare on social media
Levin said some people think they should share every morsel of their lives “with people who they know, they think they know, they think they might want to know, or they have no clue who they are, but they’re the audience so they want to do that.”
He said if you constantly update your Facebook page to let everyone know what’s happening in your life, you’re opening a potential Pandora’s box of problems.
“You don’t really need to tell people where you are, where you’re going, how long you’re going to be gone and when you’re going to get back, because unfortunately you’re giving stalkers and burglars a pretty good North Star into your life,” he said. “When you tell someone where you are, you are de facto telling them where you’re not.”
Think through those security questions
Levin suggested, when setting up security question protocols online, it's perfectly fine to lie. After all, people might be able to find the true answers — and use them to compromise your accounts.
“They don’t need to know your mother's real maiden name, your pet's name, the street you grew up on, your high school mascot,” he said. “All that matters is when the site asks you to answer a security question that you give an answer that was consistent with the answer you gave them when you set it up.”
Don't rely on weak passwords
Levin stressed “'password' is not a password. '1,2,3,4,5,6,7' is not a good password. You need to have long and strong passwords. They should be alpha-numeric with letters and symbols and numbers, and never use the same password across your entire universe of websites.”
Levin pointed out to keep online information secure, you can also create a pass-phrase “which would also make it more difficult for someone to figure out what your password is.”
Be careful with email
He also stressed it’s very important to keep in mind anything you put in an email could end up as the equivalent of skywriting.
“Don’t put sensitive, personal information in email. Don’t write things in email that could come back to haunt you or embarrass you, or your family or the organization for whom you work,” he said.
More from New Jersey 101.5: