MFA and Use Caution: 2 Super Simple Cybersecurity Tips

Using MFA and being cautious: two easy cybersecurity tips that can go a long way! Read on to learn more.

You’ve heard about big companies getting hacked or falling for phishing scams. Target, Home Depot, Colonial Pipeline, Equifax, just to name a few.

Those stories are featured in the news, and there’s always a big dollar amount attached to it.

$1M, $3M, $10M or whatever.

Millions of dollars lost due to paying a ransom, or legal fees, or costs to get equipment up and running again.

But you don’t always hear about the little guy.

The little guy can experience losses of time or money in dealing with a hack:

• The mom who has her email hacked and has to spend hours upon hours changing logins and passwords, contacting companies and friends, not to mention the worrying and double-checking she’ll need to do.
• The grandpa who clicks on a phishing link which allows hackers access to his computer. He’ll have to say goodbye to important photos and documents or whatever else the hackers take even after collecting a ransom.
• The small business owner who falls for a whaling scam and ends up paying a $15k invoice to a fake vendor.
• The doctor with a hacked email account (due to not using multi-factor authentication) is now dealing with a HIPAA breach. Talk about loss of reputation and possible huge HIPAA fines!

These are real stories. Real people with real cybersecurity nightmares.

And honestly? Many of these scenarios could be prevented using two important measures:

1. Set up multi-factor authentication on your email, banking and social media accounts, and any other account with the option.
2. Be cautious about emails and links.

What is Multi-Factor Authentication (MFA)?

MFA is added protection to your account.

Instead of just using a username and password, MFA will send a code to your mobile device that you enter upon login. This means someone would need your password AND mobile device to access your account. 

It’s an extra step for you, but it is critically important. For anyone. This isn’t just a tip for those in the banking industry. If you have an online bank account, you need to use MFA. 

And if your bank doesn’t offer MFA? Find a new bank. Seriously, it’s that important.

Emails and Links

Over 300,000,000,000 emails are sent every day.

Over 6,000,000,000 text messages are sent every day.

Let’s say 0.1% of those emails and text messages are malicious in some way. That means 306,000,000 malicious scams are out in the world each day.

You need to be cautious with emails and links. 

What could be bad in an email? Lots of things. 

Someone pretending to be someone you know and trust could ask you for money, or gift cards. They provide a mailing address and you send the gift cards. 

No malicious links, no malware on your computer. BUT you lost money. Need an example?

Hi Holly,

Haven’t heard from you in a while! I’m collecting gift cards to send to [a mutual friend] for their [insert holiday or special occasion here]. I think she’d love iTunes or Macy’s cards. 

Here’s my address:

[insert mailing address]

See? It doesn’t look horribly suspicious. No obvious spelling errors or strange links. 

What should you do instead?

Look at the FROM address and name. Is there anything strange, misspelled or different than usual? Looks ok? Text or call your friend to confirm. It may be a legitimate message, or perhaps they were hacked. 

Always be cautious when emails contain information about money in some way.

Ok, what about links? Links can be in emails or texts. How do you know if it’s legitimate or not?

We like the hover link method in most cases.

Basically, if you’re not 100% sure the sender is known and legitimate, don’t click the link. 

Clicking a bad link could: 

• Download malicious software to your computer
• Lead to a fake login page and record your credentials
• Take you to a fake webstore and collect your credit card information
• Honestly, who knows what else! Hackers are always coming up with something new.

A few other suggestions for avoiding a link-clicking disaster:

• Use an email service with strong anti-spam features, like Gmail.
• Keep your computer patched. Use auto-update features if you tend to forget.
• Use strong, unique passwords and multi-factor authentication. That way if one password is stolen through a phishing site, the rest of your accounts are protected.

Sharing cybersecurity tips with your family and friends

We understand, no one wants to be ‘that guy’ telling other people what to do. But when it comes to your family and friends, helping them with their cybersecurity is a good thing to do!

Check in with your family to make sure they are using multi-factor authentication on their email and banking accounts. Starting there will help so much! Don’t assume they even know what it is. We hear from people all the time who haven’t heard of MFA before.

You can also share this link to Google’s free phishing quiz so they can test their knowledge: https://phishingquiz.withgoogle.com/ 

Conclusion

Usually, we only hear about the big guys getting hit by phishing scams or ransomware. But people all around you are targets for hackers.

Be sure to protect yourself by using MFA (multi-factor authentication) wherever possible PLUS being cautious with emails and links. 

If your company needs help with cybersecurity, we can help! We work with you to make your organization more secure. Contact us to learn more.