Be on the Lookout this National Cybersecurity Awareness Month
Since 2004, the Federal Government has recognized the month of October as National Cybersecurity Month, a dedicated time for the public and private sectors to raise awareness about the importance of cybersecurity. Cybersecurity has become the umbrella term that encompasses the protection of all electronic data, information, networks and devices from malicious or criminal activity.
Cybersecurity Affects Everyone
Many people might consider that cybersecurity is an issue that only Information Technology (IT) companies need to be concerned with, but in reality, everyone should be aware about the risks associated with technology. In fact, every citizen of the U.S. has a Social Security Number (SSN) that is filed digitally. This means people who do not use electronic devices are still vulnerable to cybersecurity risks. For the vast majority of the world, we have become dependent on technology more than ever before in history. Banking, property management, healthcare records, education - everything is digital. That means, everything is vulnerable. Everyone needs to be aware, educated and proactive to maintain their security.
The Infamous Social Security Breach of 2024
In August of this year, we saw a massive social security breach that affected millions of Americans. Instantaneously, millions of people were at risk for identity theft. A burden of responsibility was left to individuals to call the major credit bureaus and freeze their credit, but not everyone knows how to do so. This is why it’s vital to be aware of the potential risks and solutions with cybersecurity. We cannot solely rely on companies like our credit card companies to guide us through a data breach.
This rang true for Trinity IT’s cybersecurity engineer, Alex J. When news of the social security data breach broke this summer, he was quick to notify the entire company with the situation and tips to secure our information. Alex knew to call for a credit freeze as soon as he learned of the breach.
“I found out initially by staying aware of the news, so I'm glad I had my credit locked when I did," said Alex. "It's always better to be proactive than reactive."
It wasn’t until this month that his credit card company had notified him that his SSN was one of the numbers in the data breach. Luckily, his cybersecurity awareness prevented his identity from being stolen.
Unfortunately, major data breaches aren’t the only way private information can be stolen.
Other cybersecurity risks to be aware of: Phishing
Phishing is a common scam that involves criminals trying to steal your personal or financial information over text or email. Probably everyone reading this has either been contacted by a scammer or knows someone who has.
Some phishing scams are fairly obvious to the receiver. For example, many people receive text messages from an unknown (often randomized) email address, claiming their USPS package could not be delivered and providing a link to click. I have even received this text on multiple occasions, though I know I’m not anticipating any packages. Even if I were waiting for the mail, I would not trust any notifications to come from a random email address that doesn’t look affiliated with the alleged sender.
When in doubt, don’t click that link! Always block sketchy contacts.
Phishing scams, though, are often much more elaborate and convincing than those amateur USPS texts - which is a scary thought. That’s why it’s critical to be aware and avoid being the scammers’ next victim. Some scammers are able to mimic an email address of someone you do trust, like your boss. Stay vigilant, though, and you might notice the message seems odd. Maybe the email doesn’t have the same writing patterns your boss usually has, or maybe it’s asking for information your boss should know/would never ask you. If you have a gut feeling that the email seems fishy (or should I say, phishy), contact the person you supposedly got the email from in person, or by phone. Ask them if they sent the email, and make sure they’re aware of this scam attempt so they can notify others and change their account information as soon as possible.
If someone has come to you about receiving an email impersonating you, immediately change all of your passwords. If the email is compromised, it’s best to stop using the email altogether and alert all of your contacts that you’ve been hacked. The same protocol applies to social media accounts, which are hacked frequently.
Protect Yourself from Cyber Attacks
Here are a few steps you can take to protect your personal information from a cyber attack:
- Make sure a link is safe and authentic before clicking on it. (Remember: when in doubt, don’t click that link!)
- Create strong and unique passwords for all of your accounts. Yes, it’s easier to only remember one password that you use for everything, but that makes it easier for cybercriminals to hack your information, too.
- Multi-factor Authentication is your best friend. Many services offer this option - use it.
- Make sure your software is updated regularly. Out-of-date software is much less sure and vulnerable to a breach.
- Report suspicious activity to your company’s IT department if that applies to you. If you believe your identity was stolen, report it to the government in the resources below.
Resources:
For information about protecting your personal information if you suspect your SSN has been stolen, please visit Social Security Matters.
For general tips on protecting yourself from cyber attacks, visit Washington State Department of Financial Institutions.
Elizabeth Casalnova,
(267) 396-7901
elizabeth.casalnova@trinityit.biz