Cyber Security Advisor | Coimbatore | Naan Mudhalvan | Cyber Jagrookta Diwas
India is the biggest target of cyber threats to educational institutions and online platforms, followed by the USA, the UK, Indonesia and Brazil. India has over 500 million smartphone users, projected to grow to over 850 million by 2025. Additionally, a significant proportion of these users are in the younger demographic. To address cyber security issues and improve their implementation at the national level, Rias is creating cybersecurity awareness for the students.
Social media can be a great way to connect with friends and stay informed about what's happening in the world. However, it can also be a source of problems. Some common issues include cyberbullying, online harassment, and exposure to inappropriate content. Social media can also be addictive and can lead to decreased face-to-face interaction and poor sleep habits. Privacy concerns are also a significant issue, as teens may unknowingly share too much personal information online.
Social Media Awareness Tips |
---|
We all want to know what Disney character our profile picture most resembles, but it's best to avoid Facebook polls and quizzes that require you to give random sites permission to access your account information. You never know where it might end up. |
To stay safe on social media, you should frequently evaluate your privacy and security settings, avoid accepting friend requests from strangers, and carefully consider what you choose to reveal in status updates or photos. |
Refrain from posting personal information on public-facing social media, including your phone number, location, photos that contain secret information, etc. |
Be cautious about posting photos that could allow strangers to identify your location. Disable geotagging on all social media platforms. |
Frequently check the security settings of your social media accounts. |
Do not accept friend requests from students and other individuals you don't know. |
Limit the amount of information you showcase on your social media accounts, because advertising your personal information or whereabouts through pictures could make you, your loved ones, or your home a tempting target for cybercriminals. |
Manage your privacy settings. Learn about and use the privacy and security settings on your social networking sites. They help you control who sees what you post and manage your online experience in a positive way. |
Be cautious on social networking sites. Even links that look like they come from friends can sometimes contain harmful software or be part of a phishing attack. If you are at all suspicious, don't click it. Contact your friend to verify the validity of the link first. |
On some social networking sites, such as LinkedIn, people are able to reveal too much about a person's personal life and can give criminals such as hackers personal information which may help them to hack into one's account. |
This point is for the parents. Please use kid-friendly instructional resources, such as animated games. Children should be taught not to share their private information, pictures, and videos online. |
Make sure the passwords on your social media accounts are strong. Don't quickly click on sources given on social media sites or add unfamiliar persons to your lists. Maintain regular account monitoring so you can look out for and report any unusual activity. |
Verify your privacy settings on mobile devices and social media. Make sure you’re not over-sharing information with the world that could potentially be used against you. |
Cyberbullying is a major issue around the globe today due to the growth of social media. Children are the most susceptible users online, making them the most frequent targets of bullying. |
Don't share too much information on social networking platforms. Social networking has become a way of life for many individuals, but sharing too much personal information on your social media profiles can be dangerous. |
Customize your social networking privacy settings. The content you post online will be around for a long time, but you can customize privacy settings on most social media sites. This will affect who can contact you and who can see the information you post. |
Remove suspicious or shady users on Facebook. For users you don't know outside of Facebook who befriend you and then make you uncomfortable by asking repeated, personal questions or pressuring you to meet them offline, blocking them is a viable option. |
Don't believe everything you read. Too many people have fallen victim to scams online, by buying into false claims and promises of vast accumulation of wealth. |
Social media is one of the most open platforms that is directly linked to your personal life, but that doesn’t mean you should share every detail on the platform. For example, if you are travelling out of town, don’t give hackers a heads-up that you are leaving by updating statuses. |
Share passwords carefully. Truth is, it's impractical in the modern environment. Families need to share passwords to bank accounts, credit cards, and other online services with spouses, and many share a single login to services like Netflix. |
Always review everything before you post it. Does it contain any personal information? If your social media post does involve personal information, delete it. |
Most social media platforms come with an option to make your account private letting you filter through friends and follow requests. Never accept a request from somebody you don’t know. |
Think twice before posting potentially embarrassing pictures of yourself or your family and friends. |
Everyone should be aware of security risks when using smartphones such as phishing, malware, public Wi-Fi, lost or stolen devices and social engineering. To protect themselves, students should use a mobile security app, avoid unknown emails and texts, use VPN on public Wi-Fi, use a passcode or fingerprint lock, and educate themselves on social engineering. Backing up important data regularly is also essential in case of device loss or theft.
SmartPhone Awareness Tips |
---|
It's a good rule of thumb to distrust every piece of email that lands in your inbox. Double check the email address of the sender for phishing giveaways like a wrong domain. |
Avoid clicking on links in text messages. Be suspicious of shortened URLs like bit.ly addresses, which may be used to hide a link's true destination. |
To mitigate risk of infection, avoid sharing USB drives with others, and be cautious when plugging them into public computers. Use security software to scan any device given to you, even by a trusted friend. |
Gmail Help provides dozens of articles on account safety and security guidelines. You can also access tools to report phishing emails and other violations of Gmail's policies. |
When surfing the web, enable pop-up blocking and consider private browsing. Cookies can open security loopholes for hackers, so it's best to delete them periodically. |
Research shows that changing passwords regularly is often unhelpful, as users tend to make minor changes that are easy to guess. Instead, focus on creating an effective password that will last, and only change it if your account has been compromised. |
Do not use the same passwords for all of your accounts. Instead, create different password tiers according to the level of data/information sensitivity. |
Avoid downloading and installing software sent to you via email. Instead, visit the manufacturer's site for a download. |
Store your passwords with care. This means no sticky notes on your desk, no lists emailed to yourself, and no unprotected documents in cloud storage. Instead, consider password management apps, password-protected documents, or hints kept in a secure location away from your device. |
Distrust unusual callers, especially those who use an "unknown number" ID. Let your voicemail take care of things. Remember that caller IDs can also be spoofed. |
Avoid taking or storing private photos on your devices. No matter how secure you think your files are, someone may still gain access to them. |
Treat email attachments with care. Never open one unless you can verify the sender and are expecting the attachment in question. Remember that even trusted email addresses can send infected attachments if they've been compromised. |
Software updates offer plenty of benefits. It’s all about revisions. These might include repairing security holes that have been discovered and fixing or removing computer bugs. Updates can add new features to your devices and remove outdated ones. |
Consider using your mobile phone. If you need to access any websites that store or require the input of any sensitive information it may be worthwhile accessing them via your mobile phone network, instead of the public Wi-Fi connection. |
Encrypt the data on your network, Encrypting your wireless data prevents anyone who might be able to access your network |
Use strong passwords. Make sure that your password is at least eight characters long and consists of some combination of letters, numbers, and special characters (for example, +, @, #, or $). |
If you ever can't find your phone or tablet, open the service or just do a Google search for "find my device" in any browser where you're signed in and you'll be able to pinpoint precisely where the missing gadget was last seen |
You've probably granted countless apps access to parts of your Google account over time — which is no big deal in general, but with any apps you're no longer using, it's a smart idea to close the connections. |
My Account section of its settings, then tap "App Protection" and confirm that you're using a PIN or fingerprint for protection. |
If you really want to keep your account secure, Google also offers a souped-up option called Advanced Protection. It requires you to purchase physical security keys and then use those anytime you sign into your Google account. |
Head into the Security section of your device's settings to get started this second, if you haven't already. Then pop over to the Devices section of the same settings menu to check up on exactly what devices are authorized to access the app. |
First, think about the types of notifications you get and how much of that info you want to be visible on your lock screen — since anyone who gets their hands on your phone could easily see all that data. |
The operating system is even looking out for SMS-based scams, and the Chrome for Android browser is keeping an eye out for web-based threats as well. |
No matter how secure your Android phone itself is, someone could still snoop on your sensitive info if you're transmitting it over an insecure network. That's where virtual private networks, or VPNs, come into play; |
Use parental controls to modify privacy settings for social networking platforms, online games, applications, and other websites. Consider placing time restrictions on all of your gadgets and keeping your PC in a well-lit space. |
Install software, application and operating system updates as early and as often as possible. |
I really hope that most people nowadays know that viruses are not the only security threat they need to worry about, but all too often, all that they do is install an often free anti-virus program. |
Set your smartphone to lock after a short idle time, and set it to require authentication for unlocking. If at all possible, use something stronger than a simple-minded four-digit PIN. |
Keep all applications up-to-date with the latest patches, and use a less-targeted browser such as Chrome or Firefox. |
A staggering amount of information is sent via email every second, so it’s essential that all that data is properly secured. |
The web pages you visit can also be tracked by cookies, which are small bits of text that are downloaded and stored by your browser. Browser plugins may also track your activity across multiple websites. |
If your phone number ends up outside of your control, this means that 2FA codes can be stolen and any online account linked to this number is at risk of being hijacked. |
Clearing out your cookie caches and browser histories can prevent ad networks from collecting too much information about you. The easiest way is to clear the cache (Firefox, Chrome, Opera, Safari, Edge). |
It sounds simple, but many of us don't do it -- make sure your mobile device is locked in some way to prevent physical compromise. |
The messaging app is a simple and secure means to conduct chats between either a single recipient or a group. To tighten things up, make sure you visit the Chat Backup option in "Chats" and turn it off. |
Consider using a VPN. It can help to keep your data and personal information secure, especially for those working on less secure networks. |
Clear out your deleted files. That said, you might want to make sure certain sensitive files are completely obliterated and no longer able to be recovered. |
Use secure passwords, because passwords are easily cracked by hackers, particularly if you don't use sound password-creation practices. The best passwords contain uppercase and lowercase letters, numbers, and special characters. |
Enable remote location and device-wiping. If your gadget is lost or stolen, tracking apps can tell you exactly where your phone is. These apps also let you wipe sensitive information remotely. |
Check your push notification settings on mobile devices. In general, these notifications are valuable and make it easy to keep track of what's happening in your favorite applications. |
Don't use Social Security numbers, phone numbers, addresses, or other personally identifiable information as passwords |
Delete your internet history regularly. No matter how careful you are with your phone, it's always good practice to wipe the browsing history. |
Get a secure passcode. Passcodes are great for locking your device, but if you use something like 12345 or 00000, you're making it easy for hackers to bust into your phone and steal all of your data. |
Ditch your reused passwords; data breaches often leak user credentials, including passwords. This can be hugely damaging for people who reuse the same passwords across accounts, and each additional charge amplifies your risk. |
Limit the number of incorrect login attempts allowed to unlock devices. This will help protect against intruders. |
Keep up-to-date antivirus software on devices that connect to your network, including mobile devices |
Vendors take additional steps beyond logging in with a password to access your network — like a temporary code on a smartphone or a key inserted into a computer. |
Regularly review permissions for apps on your devices. |
Beware of shoulder-surfers when typing in your password, or when sensitive information is displayed on screen. |
Consider buying a privacy filter for your screen if frequently working on sensitive materials in public |
Set a screensaver password and lock your screen when leaving your computer |
More than half of all cyberattacks are committed against small-to-midsized businesses (SMBs), and 60 percent of them go out of business within six months of falling victim to a data breach or hack. |
There are nearly 5.3 billion unique mobile phone users in the world today, according to the latest data from GSMA Intelligence. Mobile security threats are on the rise: Mobile devices now account for more than 60 percent of digital fraud, from phishing attacks to stolen passwords. |
Auto-locking is essential. Your device will come with a feature usually found in settings that will lock your device after a certain length of inactivity. This is important in case you ever have your device stolen or lose it. |
Do you need Bluetooth and Wi-Fi on? If you’re not using Bluetooth or Wi-Fi features on your phone, then turn them off. This will increase your security and will reduce the chances of rogue devices connecting to yours. |
Only download apps from trusted places. Use your device's built-in app store and never download rogue apps from the internet, as they can contain malware and more. |
Learn how to set up parental controls to make sure your kid is not a victim of cyberbullying, online pedophiles and other forms of harassment. |
Extend your smartphone's battery life by turning off Wi-Fi, radio, GPS and Bluetooth when not in use. |
When you install a new app, it pays off to read the permissions and Terms and Conditions. |
Virtually and physically lock up devices, assets and data storage. Make sure you lock your device any time you leave it unattended and also make sure devices auto-lock when idle and services are set to aggressively time out when not used. |
WiFi networks can pose a security risk as they can be vulnerable to hacking and man-in-the-middle attacks. To protect yourself, use a VPN, avoid accessing sensitive information on public networks, use a strong and unique password, and be cautious of unknown or suspicious networks. Also, ensure that your device is updated with the latest security patches and software to ensure the best protection.
Wi-Fi Awareness Tips |
---|
The best way to avoid the pitfalls of public Wi-Fi is to simply avoid using it. Consider an unlimited data plan or your own portable travel router |
Never send sensitive information like passwords over public Wi-Fi. Avoid using the same password for your social media, system account, and online banking. Resist the temptation to download pirated content, which may carry malware and/or subject you to legal penalties. |
Use only secure wireless networks. The wireless network we use is responsible for transferring and sending data like usernames, passwords, card details and other sensitive data. If the wireless network we use is not secure, then we are at risk and face undesirable consequences. |
Protect your Service Set Identifier (SSID). All Wi-Fi routers allow users to protect their device’s SSID, which makes it more difficult for attackers to find a network. At the very least, change your SSID to something unique. |
Connect only to private networks whenever feasible, especially while working with sensitive data. If a network isn't given by a reliable source, like the government, never connect to it. |
It is best not to use a public, unsecured Wi-Fi connection at all. An alternative and far more secure method is always to use a mobile 4G/5G connection through your own mobile device when possible |
Consider running all your IoT devices on a separate home network. That way, in the case of compromise, the damage can be limited. |
Secure your router by changing the default name and password, turning off remote management, and logging out as the administrator once the router is set up. |
Make sure your router offers WPA2 or WPA3 encryption and that it’s turned on. Encryption protects information sent over your network so outsiders can’t read it. |
Change smartphone settings to stop automatic connections to public Wi-Fi. |
If you offer Wi-Fi on your business premises for guests and customers, make sure it’s separate from and not connected to your business network. |
Disable automatic connections to Wi-Fi networks and Bluetooth devices. |
Use encryption to protect sensitive data when stored on devices or transmitted over networks. |
Turn off Wi-Fi and Bluetooth when not in use to reduce the attack surface. |
Enable firewalls on all devices and network components. |
Disable unnecessary services and ports on network devices to reduce the attack surface. |
Regularly run security scans and penetration tests to identify vulnerabilities in your network. |
Use security solutions, such as firewalls and intrusion detection systems, to protect against attacks. |
Use security best practices, such as regular security audits and vulnerability assessments, to maintain the security of your network. |
Use security software, such as intrusion detection systems, to protect against network-based attacks. |
Disable UPnP on your router to prevent the creation of unwanted inbound firewall rules |
If you don’t need a wireless network, then avoid having one. Ethernet is better anyway |
Use WPA2 and a strong password/key to secure your wireless networks |
Set a custom SSID on your wireless network; this will make rainbow-table attacks significantly harder. |
Turn off your wifi card, either in the OS or using a physical switch (if you have one), when not in use. This is to prevent fake-ap attacks. Also disable Bluetooth when not in use |
Turn off unnecessary network services (eg. file sharing, screen sharing, remote login) if unneeded or when not in use |
When setting up or using network file transfers, try to use encrypted methods such as SFTP/FTPS and SCP |
Use SSH Tunnels or IPSec VPNs to secure and/or anonymize browsing, email and other traffic on untrusted networks (and unencrypted wireless networks) |
Remote desktop services such as VNC are usually unencrypted. You should definitely tunnel this traffic through SSH or VPN. |
Use mechanisms such as Single Packet Authorization to protect high-risk services like SSH or VPN. |
Set up a host or network-based intrusion detection system (eg. Snort) to alert you to suspicious activity on the network. |
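Why the custom-SSID tip above works, as an added example that is not part of the original page: WPA2-Personal derives its key with PBKDF2 using the SSID as the salt, so keys precomputed for a common factory SSID do not carry over to a unique one. The SSID list, network names and passphrase below are constructed for illustration.

```python
import hashlib
import hmac

# WPA/WPA2-Personal key derivation (IEEE 802.11i): PBKDF2-HMAC-SHA1,
# 4096 iterations, 256-bit output, with the SSID used as the salt.
PBKDF2_ITERATIONS = 4096
PMK_LENGTH = 32

# Constructed sample of factory-style SSIDs. Precomputed tables are built
# per SSID, so widely shared names are the ones worth moving away from.
SAMPLE_FACTORY_SSIDS = {"linksys", "NETGEAR", "dlink", "default"}


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA2-Personal pairwise master key (PMK)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("WPA2 passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), salt, PBKDF2_ITERATIONS, PMK_LENGTH
    )


def shares_precomputed_keys(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """True if a key table computed for ssid_a would also apply to ssid_b."""
    return hmac.compare_digest(
        derive_pmk(passphrase, ssid_a), derive_pmk(passphrase, ssid_b)
    )


def review_ssid(ssid: str, factory_ssids=SAMPLE_FACTORY_SSIDS) -> list:
    """Return findings for an SSID; an empty list means nothing to flag."""
    findings = []
    if ssid in factory_ssids:
        findings.append(
            f"SSID '{ssid}' is a common factory name: keys precomputed for "
            "it by anyone apply to this network as well"
        )
    return findings


if __name__ == "__main__":
    passphrase = "correct horse battery"  # constructed sample passphrase
    for ssid in ("linksys", "Maple-House-7"):  # constructed sample networks
        pmk = derive_pmk(passphrase, ssid)
        print(f"{ssid:15} PMK={pmk.hex()[:16]}...  findings={review_ssid(ssid)}")
    # Same passphrase, different SSID: the derived keys do not match.
    print(shares_precomputed_keys(passphrase, "linksys", "Maple-House-7"))
```

A unique SSID only removes the shortcut of reusing someone else's precomputed keys; a short or common passphrase can still be guessed directly, so the strong-key tip applies regardless.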
Phishing is a common security threat that involves tricking individuals into providing sensitive information, such as login credentials or financial information, through the use of fake emails, texts or websites. To protect yourself from phishing, be suspicious of unsolicited emails, texts, or messages and do not click on links or provide personal information unless you are certain of the authenticity of the request.
Phishing Awareness Tips |
---|
If an email seems "off" to you, do a quick Google search to see if similar phishing scams have been reported. |
Today's phishing scams use sophisticated replicas of login pages. Make sure the web address is correct. Never submit sensitive information like usernames, passwords, or credit card numbers through an HTTP website. |
Learn how to recognize scams and manage your email. The majority of cyber attacks targeting businesses start with a single malicious email. Keep your operations running securely with email security & monitoring. |
Hackers may also set up their own rogue honeypot Wi-Fi points that appear legitimate whilst only being interested in stealing the data of those who connect to it. |
In an evil twin attack, the hacker sets up a false Wi-Fi network that looks real. If someone logs in to it and enters sensitive details, the hacker captures their info. |
In website spoofing, a hacker creates a fake website that looks legitimate. When you use the site to log in to an account, your info is collected by the attacker. |
Smishing is an attack that uses text messaging or short message service SMS to execute the attack. A common smishing technique is to deliver a message to a cell phone through SMS that contains a clickable link or a return phone number. |
Check to see if the website is secured and safe before proceeding. The most significant breeding grounds for data thieves and potential hackers are a number of insecure websites. To avoid data leaks, only visit websites with URLs that start with "https". |
Search engine phishing, also known as SEO poisoning or SEO Trojans, is where hackers work to become the top hit on a search using a search engine. Clicking on their link displayed within the search engine directs you to the hacker’s website. |
Pop-up phishing often uses a pop-up about a problem with your computer’s security or some other issue to trick you into clicking. You are then directed to download a file, which ends up being malware, or to call what is supposed to be a support center. |
A clone phishing attack involves a hacker making an identical copy of a message the recipient already received. They may include something like “resending this” and put a malicious link in the email. |
Use encryption: encrypt emails, as they are often a target of cyberattacks. Through encryption, content is disguised, so any sensitive information that comes up in a conversation will be seen only by the designated recipient. |
Vishing means connecting with users by making fake phone calls in the name of renowned companies to steal users' confidential information, like social security or credit card numbers, so avoid this type of call. |
Use email authentication technology to help prevent phishing emails from reaching your company’s inboxes in the first place. |
The scammers may ask you to give them remote access to your computer — which lets them access all information stored on it and on any network connected to it |
Scammers may try to sell you software or repair services that are weak or available elsewhere for free or enroll you in a worthless computer maintenance or warranty program. |
If you get a pop-up message to call tech support, ignore it. Some pop-up messages about computer issues are legitimate, but do not call a number or click on a link that appears in a pop-up message warning you of a computer problem. |
If someone spoofs your email, report the scam to https://cybercrime.gov.in/Webform/Helpline.aspx |
Be wary of unsolicited phone calls or emails, especially if they request personal information. |
Educate yourself about common types of cyberattacks, such as malware, phishing, and ransomware. |
Be cautious when downloading software and only download from trusted sources. |
Use a pop-up blocker and enable anti-phishing filters in your browser. |
Be cautious when receiving emails from unknown or unexpected sources. |
Use network segmentation and access controls to limit the spread of security incidents. |
If you use and travel with a laptop, consider installing software (such as Hidden or Prey) that would help you with recovering it, if it gets lost or stolen. For iPhones, check out Apple’s free Find My iPhone service |
Use a physical computer lock and secure it to the desk or other immovable object when leaving your computer in public or even workplace environment |
Use a browser plugin (such as HTTPS Everywhere) that will enforce persistent SSL on specific sites |
Regularly clear cookies to purge any unneeded or unwanted tracking cookies |
Learn to recognise current phishing, vishing and other scams |
If you connect to untrusted or unencrypted wireless networks, enforcing SSL is even more important |
The most important piece of information is ‘Everybody has something of value to a hacker’. If you’re a one-man band or the biggest business in the world, hackers will always find something of value. |
Did you know that 267 million records were breached in the UK during September 2020 alone due to cyber attacks and data breaches? |
There are two types of cyber attacks, targeted and non-targeted. Targeted attacks will go after specific users or businesses. Non-targeted attacks will cast a large net over the web and look for any vulnerable networks or systems. |
Roughly one million more people join the internet every day. Cybersecurity Ventures expects there will be 6 billion people connected to the internet interacting with data in 2022, up from 5 billion in 2020 — and more than 7.5 billion internet users in 2030. |
66 percent of SMBs had at least one cyber incident in the past two years, according to Mastercard. |
Overall, cryptomining, phishing, ransomware, and trojans averaged 10x the internet activity of all other threat types, according to a 2021 report by Cisco. |
Enable mail server options to explicitly label emails that originate from outside the company. |
Keep an eye out for strange requests, spelling and grammar mistakes, flashy click-bait content and other things that may seem “off.” |
Everybody at some point will be a target for a cyber criminal. Your defences will determine how easy it is for the cyber criminal to get into your system. |
Banking security issues include online fraud, phishing attempts, hacking, and card skimming. To protect yourself, use strong and unique passwords, avoid using public Wi-Fi networks, be cautious of unsolicited emails or messages, and monitor your account regularly. Additionally, you should use two-factor authentication and anti-virus software to protect your device. If you notice any suspicious activity on your account, contact your bank immediately.
Banking Awareness Tips |
---|
Never give your personal or financial data out to someone who calls you. Government agencies and legitimate businesses will not insist on sensitive data, wire transfers, or immediate payments over the phone. |
Write down your bank's customer service phone number and keep it on hand. If you lose your card or think your information has been compromised, call the number to freeze your accounts. |
Always cover an ATM's keypad with your hand when entering your PIN. Be alert for shoulder surfers standing too close. |
If you have trouble inserting your card, this may be a sign of an internal ATM Skimmer. Do not use the machine. |
Closely monitor your credit rating, credit cards, and bank accounts. Set up text notifications that alert you to possible fraudulent activity. |
Be aware of your surroundings. Shoulder surfers may try to snag usernames, passwords, and other sensitive information. |
There are several methods by which cybercriminals might rob your money. Students are vulnerable as their understanding of money matters might not be strong, and they could easily fall prey to such crimes. |
Check your bank statements on a weekly basis; your online banking can help you do that easily. Look for suspicious activity and, if you find any, alert your bank, change all passwords related to that account and make sure to activate every security measure available. |
A common example of a smishing attack is an SMS message that looks like it came from your banking institution. Once the attacker receives the information, the attacker has control of your bank account. |
When using debit cards, don't enter your PIN. Not entering your PIN into a keypad will help reduce the chances of a hacker stealing that number too, Young says. Crooks can do more damage with your PIN. |
Keep changing your UPI PIN. If you don't update your UPI PIN every month, changing it every three months is best to keep your account secure. |
Keyloggers occur when cybercriminals install malicious software on your device. Put simply, if you enter your credit card number on a platform for online purchases, cybercriminals can find it because you typed it on your keys, so be careful. |
If you bought bogus services, ask your credit card company to reverse the charges and check your statement for any charges you did not approve. Keep checking your credit card statements to make sure the scammer doesn’t try to re-charge you every month. |
Use a secure connection when accessing sensitive information, such as online banking. |
Whenever you buy something online check your online banking straight after. Make sure everything is as it should be and the right amount has been withdrawn from your account. |
Always read the terms and conditions! We know they’re tedious and boring to read, but it’s always good to know what you’re getting into. |
Once you’ve finished online shopping always make sure you log out of your account |
Identity security issues include identity theft, phishing, hacking, and social engineering. To protect yourself, use strong and unique passwords, be cautious of unsolicited emails or messages, do not share personal information online and monitor your credit report regularly. Additionally, you should use two-factor authentication and anti-virus software to protect your device. If you notice any suspicious activity on your account, contact your bank and credit bureaus immediately.
Identity Awareness Tips |
---|
Information security threats include hacking, data breaches, malware, phishing, and social engineering. To protect yourself, use strong and unique passwords, be cautious of unsolicited emails or messages, do not share personal information online, and keep your device and software updated. Use anti-virus software and firewalls to protect your device, and back up your important data regularly. If you notice any suspicious activity or unauthorized access to your data, contact the relevant authorities immediately.
Information Threats |
---|
If a suspicious caller claims to represent your Company, hang up and call the Manager directly to confirm and follow up. |
Distrust any unattended device, whether a USB drive, laptop, or cell phone. |
Bank PINs, account numbers, health information, and passwords should not be stored in address books. |
Avoid clicking on links in text messages. Be suspicious of shortened URLs like bit.ly addresses, which may be used to hide a link's true destination. |
Avoid sharing details about when you'll be away from home. Burglars may use this information to target your unoccupied residence. |
The biggest threat you should consider is the security surrounding your devices and accounts; all it takes is 20 minutes a year to ensure your setup is sound. |
Always maintain a copy of your data on hand. These days, finding economical storage options is simple. Remember that dangerous threats and hackers may just wish to encrypt or delete your data rather than steal it. Back it up, so you have the best recovery tool possible. |
Nothing is free. This is particularly true for apps or software. "Free" often means "free if you give us access to your personal data." |
Learn who’s collecting your personal data, how they intend to use it, for how long, and whether they will share what they collect from you. |
Don’t be scared or pressured into clicking on anything, even though the email may seem urgent. The more urgent the email, the higher the chances of infection. |
In a man-in-the-middle attack, the hacker gets in “the middle” of two parties and tries to steal information exchanged between them, such as account credentials, so beware of man-in-the-middle attacks. |
Always follow secure browsing practices. When looking for customer service phone numbers, try using the official website rather than Google. Scammers sometimes post phone numbers on websites that appear authentic or authorized but are fraudulent, so beware of them. |
Maintain physical control over your devices. Theft of laptops and smartphones is prevalent in some public locations. Take your laptop with you everywhere so that the data stays safe and secure. |
When paper files or electronic devices contain sensitive information, store them in a locked cabinet or room. |
Be cautious when downloading free games, music, and other media. |
Store sensitive information in a secure location and use encryption if necessary. |
Regularly back up important data to prevent loss in the event of a security breach or device failure. |
Regularly back up important data to a secure, off-site location. |
Regularly monitor network traffic for unusual activity that may indicate a security breach. |
Use security information and event management (SIEM) software to centralize and analyze security events. |
Implement data classification policies to ensure sensitive data is protected appropriately. |
Regularly back up important data and store it in a secure location, such as an off-site data center. |
Use security best practices, such as data classification and access controls, to ensure sensitive data is protected. |
Use secure wiping functionality (Disk Utility) or tools (DBAN) to erase drives/devices before giving them away or selling them on. |
Use Tor to anonymize web browsing, but beware that the destination/content of your browsing may be visible to a third party (use SSL!). |
Be mindful of the type and quantity of information you divulge online (a.k.a. oversharing), as it may be used against you. Even information in ‘private’ services can come out for a number of reasons. |
Think before posting your location on location-aware services (Foursquare, Facebook, etc.), and consider what the effects could be of doing so, particularly if this is something you do on a regular basis. |
Many types of documents are embedded with some form of personally-identifying information which may include your name, contact details or location. If you are distributing documents online, text or images, be sure to remove undesirable meta-information. |
Your cyber security is only as strong as the weakest or least trained person using the network. If you work in a business make sure everybody has at least a basic understanding of cybersecurity. |
A report from Cybersecurity Ventures predicted ransomware damages would cost the world $5 billion (USD) in 2017, up from $325 million in 2015 — a 15X increase in just two years. The damages for 2018 were predicted to reach $8 billion, for 2019 the figure was $11.5 billion, and in 2021 it was $20 billion — which is 57X more than it was in 2015. |
VC funding rounds are larger than ever. More than 30 cybersecurity companies raised $200 million or more in 2021. |
The Hindu Business Line cites a report from Michael Page, a global recruiting consultancy, which states that India alone is expected to have more than 1.5 million job vacancies in cybersecurity by 2025. |
The U.S. Bureau of Labor Statistics projects “information security analyst” will be the 10th fastest growing occupation over the next decade, with an employment growth rate of 31 percent compared to the 4 percent average growth rate for all occupations. |
The U.S. Bureau of Labor Statistics reports African Americans make up a scant 3 percent of infosec analysts in the U.S. today. |
CISSP (Certified Information Systems Security Professional) is the world’s premier cybersecurity certification granted by the International Information System Security Certification Consortium, also known as (ISC)². As of Jan. 2022, there are 152,632 (ISC)² members holding the CISSP certification worldwide. |
CISOs are job-hopping faster than most — with Cybersecurity Ventures recently finding that 24 percent of Fortune 500 CEOs have been working in their roles for just one year, on average. Just 16 percent have been working in their current roles for two years, while 13 percent have lasted a whole three years. |
Added together, the world’s internet users will spend more than 1.3 billion years of human time online in 2021, according to DataReportal. |
More than half of U.S. consumers think biometric authentication methods are faster, more convenient and more trustworthy than passwords or PINs — but less than 10 percent are using biometric authentication. |
Cybercrime is increasingly being directed at high net worth individuals and family offices. According to a study featured by Barclays Private Bank, more than a quarter of ultra-high-net-worth (UHNW) families, family offices and family businesses, with an average wealth of $1 billion USD, have been targeted by a cyberattack. |
Did you know that 267 million records were breached in the UK during September 2020 alone due to cyber attacks and data breaches? |
You should never click pop up ads as this is a popular way for cyber-criminals to infect devices. |
Nearly half (46 percent) of Cisco 2021 Consumer Privacy Survey respondents feel they are unable to effectively protect their data today. |
Social engineering is a tactic used by attackers to manipulate individuals into disclosing sensitive information or performing actions. This can include phishing emails, phone scams, pretexting, and baiting. To protect yourself, be cautious of unsolicited emails or messages, do not click on links or provide personal information unless you are certain of the authenticity of the request, and educate yourself on the different types of social engineering tactics. Be skeptical of calls or emails that request personal or financial information and do not hesitate to hang up or delete them.
Social Engineering Awareness Tips |
---|
We recommend only sharing your location temporarily or only while using the app. This will reduce the amount of data an app can collect on you and your location. However, cybercriminals are constantly finding new ways to compromise your data. It's always better to be safe than sorry. |
Protect your reputation on social networks. What you post online stays online. Think twice before posting pictures you wouldn't want your parents or future employers to see. |
Make sure you have the latest version of all installed software. Although Java or PDF software is commonly targeted, few people actually take the time to install the latest security updates. |
Third-party data collectors are as significant a threat to privacy as government surveillance. |
A bot is software designed to perform whatever tasks the hacker wants it to. It is controlled via command and control to mine for bitcoins, send spam, or launch an attack as part of a distributed denial of service (DDoS) attack. |
An attacker would execute a domain spoofing attack by creating a fraudulent domain made to look like, for example, a real institution's site. When users go to the site and enter any information, it is sent straight to hackers who could use it or sell it to someone else. |
Perform penetration testing. It's always better for you to hack yourself before an attacker does it for you. You should evaluate the security of your cloud infrastructure by simulating a cyberattack. |
Block IP addresses associated with suspicious behavior. Using the right threat intelligence tools can alert you to impending attacks. You can learn about malicious URLs, IPs, and domains that could target your organization's network and take the required action to block them. |
Back up your cloud storage. In case of a breach, you might want to wipe out all the data to mitigate the data loss. In some cases, employees might accidentally delete crucial company data. That’s why it’s always a good idea to back up the data you store in the cloud. |
Be overly cautious when sharing personal information. This tip applies to both the online and offline worlds. Who is asking for your personal information, such as your Social Security number or credit card information? |
Implement a cyber security policy. It’s crucial for companies to not only implement a cybersecurity policy for remote workers but also ensure that employees are aware of their role in keeping company data secure. |
Train everyone who uses computers, devices, and networks about cybersecurity. You can help employees understand their risk and crucial workplace role. |
Include provisions for security in your vendor contracts, like a plan to evaluate and update security controls, since threats change. Make the security provisions that are critical to your company non-negotiable. |
Be careful when using social media: avoid clicking on links from unknown sources and limit the personal information you share. |
Use security awareness training to educate employees about information security risks and best practices. |
Regularly perform security audits to assess the effectiveness of your security measures. |
Train employees to avoid sharing sensitive information over the phone or through unsecured email. |
Train employees to recognize and avoid phishing scams, such as emails or phone calls requesting sensitive information. |
Train employees to be vigilant when using public Wi-Fi networks, as these networks may not be secure. |
Know your rights to privacy in your country, both in private and at work. |
Report those unwilling or unable to produce a valid badge/pass to security. |
Be aware that almost any device can be used to record audio and/or video, including smartphones, music players, pens, etc. |
A massive 78% of burglars say they check Facebook and Twitter for potential targets. Never share your location! |
The biggest cause of poor cybersecurity is human error. While computers get smarter and smarter, people are still making the same fundamental errors when it comes to cybersecurity. |
Do you use the webcam on your laptop? If you answered no, then tape over it. This may make you look a little paranoid, but it’s a logical way of being more secure. Even Facebook’s owner does it! |
CNA Financial, one of the largest insurance companies in the U.S., reportedly paid hackers $40 million, the largest ransom ever, after a ransomware attack blocked access to the company’s network and stole its data, according to a report from Bloomberg. |
Cryptocrime, or crimes having to do with cryptocurrencies, are predicted to cost the world $30 billion in 2025, up from an estimated $17.5 billion in 2021, according to Cybersecurity Ventures. |
Crypto scam revenue in 2021 topped $7.7 billion, up 81 percent compared to 2020, according to the blockchain data platform Chainalysis. |
Cybersecurity Ventures predicts the cyberinsurance market will grow from approximately $8.5 billion in 2021 to $14.8 billion in 2025, and exceed $34 billion by 2031, based on a CAGR (compound annual growth rate) of 15 percent calculated over an 11-year period (2020 to 2031). |
Cybersecurity Ventures tracked more than $23 billion in venture capital devoted to cybersecurity companies in 2021. |
50 percent of large enterprises (with over 10,000 employees) were spending $1 million or more annually on security last year, with 43 percent spending $250,000 to $999,999, and just 7 percent spending under $250,000, according to Cisco. |
Global spending on security awareness training for employees (previously one of the most underspent cybersecurity budget items) is predicted to reach $10 billion by 2027, according to Cybersecurity Ventures. |
U.S.-based cybersecurity firms led the way in obtaining venture funding dollars in 2021, with Israel-based companies coming in second, according to Crunchbase. |
A Fact Sheet published by The White House announced that IBM will train 150,000 people in cybersecurity skills over the next three years, and they will partner with more than 20 historically black colleges and universities to establish cybersecurity leadership centers to grow a more diverse cyber workforce. |
The world’s first CISO was anointed in 1994, when financial services giant Citigroup (then Citicorp) set up a specialized cybersecurity office after suffering a series of cyberattacks from Russian hackers. |
100 percent of Fortune 500 companies employ a CISO or equivalent in 2022, up from 70 percent in 2018. |
Women filled 17 percent of Fortune 500 CISO positions in 2021 (85 out of 500 companies) according to a study by Cybersecurity Ventures. |
A recent survey of security executives found that 51 percent reported experiencing “extreme stress or burnout” during the past year, with 65 percent saying they were considering leaving their jobs because of it. |
Cybersecurity Ventures predicts the global healthcare cybersecurity market will grow by 15 percent year-over-year over the next five years, and reach $125 billion cumulatively over a five-year period from 2020 to 2025. |
By 2023, there will be 3X more networked devices on Earth than humans, according to a report from Cisco. And by 2022, 1 trillion networked sensors will be embedded in the world around us, with up to 45 trillion in 15 years. |
The research team at Cybersecurity Ventures predicts the world will need to secure 338 billion lines of new software code in 2025, up from 111 billion lines of new code in 2017, based on 15 percent year-over-year growth in new code. |
Some estimates put the size of the deep web (which is not indexed or accessible by search engines) at as much as 500 times larger than the surface web, and growing at a rate that defies quantification. The Darknet, a subset of the darkweb, or deepweb, is a place where illegal activity thrives and criminals function in perceived anonymity, according to the U.S. Department of Homeland Security. |
Multi-factor authentication (MFA) a.k.a. two-factor authentication (2FA) should be turned on 100 percent of the time, but it may only be 50 percent effective. Hackers have spent years closely studying MFA systems, poking and prodding them to understand how they work and where they may be vulnerable — and figuring out how they can be bypassed or compromised. |
“There are 30 million small businesses in the U.S. that need to stay safe from phishing attacks, malware spying, ransomware, identity theft, major breaches and hackers who would compromise their security,” says Scott Schober, author of the popular books “Hacked Again” and “Cybersecurity Is Everybody’s Business.” |
A Better Business Bureau survey found that for small businesses — which make up more than 97 percent of total businesses in North America — the primary challenges for more than 55 percent of them in order to develop a cybersecurity plan are a lack of resources or knowledge. |
There are currently more than 1,900 distinct hacking groups that are active today, a number that grew from 1,800 groups recorded at the end of 2019, according to The Record. |
The modern definition of the word “hack” was first coined at MIT in April 1955, and the first known mention of computer hacking occurred in a 1963 issue of The Tech. |
There are more than 250 hacker and cybersecurity movies from 1956 to 2022 featured in the latest edition of the “Hackers Movie Guide” published by Cybercrime Magazine. |
One of the easiest and most effective cyber security tips to implement is to look at the passwords you use online. Are any two the same? If so, change one of them immediately! Never use the same password for two different accounts. |
The world’s first and only 7x24x365 Internet radio station devoted to cybercrime and cybersecurity, WCYB Cybercrime Radio, launched live from Long Island (Northport, N.Y.) on Jul. 15, 2021 to a worldwide audience. |
Malware is a type of software specifically designed to harm a computer or network. It can take the form of viruses, worms, trojans, ransomware, and spyware. To protect yourself, use anti-virus software and keep your device and software updated, be cautious of clicking on links or downloading attachments from unknown sources, and use a firewall to protect your device from unwanted connections.
Malware Awareness Tips |
---|
Watch out for fake online persons or spoofed accounts of real people. Before accepting any financial assistance or providing any personal information, always verify the identity of the person you're connected to. |
If you suspect your device has been infected by malware, use anti-malware tools or report the issue to the National Cyber Crime Hotline for guidance. |
Only download software directly from manufacturers and other trusted sources. Across the web, hackers use convincing fakes (urgent update alerts, download pages, etc.) to spread malware and ransomware to unsuspecting users. |
Don’t trust anything on the internet; even legal sites could end up delivering malware. |
While there are hundreds of legitimate sites from which digital content can be downloaded, there are thousands more that offer bogus and harmful content, filled with malware designed to steal your financial and other personal information. |
How badly do you need to use someone else’s computer? You can never know if someone else’s computer is infected with malware, has a keylogger that tracks and stores everything you type on the keyboard, or is simply unsafe. |
Malware creators often sell their malicious code, which is often modular and comes with pre-coded targets ready to be infected. Consequently, the malware economy is kept alive through this way of doing “business”, so be aware of it. |
The most common way that such malware can infiltrate your smartphone is through the installation of malicious apps, which may actually be malware, spyware, or adware in disguise. |
The malware could contain anything from a banking Trojan to a bot (short for robot). The banking Trojan watches your online activity to steal more details from you – often your bank account information, including your password. |
Thieves don't always go after credit and debit cards; sometimes, they steal important government-issued identification numbers, such as driver's license numbers or Social Security numbers, in an attempt to assume another individual's identity. |
Adware is also known as pop-up ads. Clicking on adware slows down your computer or mobile device, or infects it with malware. Refrain from clicking on anything you are unsure of. |
Protect your network from ransomware. Protecting your business network from a ransomware attack takes a layered approach, which includes the ability to recover quickly and cybersecurity measures to keep ransomware from infecting devices on your network. |
Monitor your computers for unauthorized personnel access, devices (like USB drives), and software. |
If you’re attacked, limit the damage. Immediately disconnect the infected computers or devices from your network. If your data has been stolen, take steps to protect your company and notify those who might be affected. Contact the authorities. |
Use encryption for all data transmitted over the internet, including emails and instant messages. |
Don’t plug unknown or suspicious USB devices into your computer. |
Be suspicious of calls or emails from unknown individuals asking for information. This could be as benign as someone’s contact details. |
Did you know? 99% of computers are vulnerable to exploit kits. Old software will always be more vulnerable than the most up-to-date software. |
Ransomware can be a targeted or non-targeted attack. This is where a user will get locked out of their device and attackers will usually demand a fee for the data to be given back. |
If you’re unfortunate enough to suffer from a ransomware attack, you should never pay the money. Even if you meet their demands, there’s no guarantee you’ll get the money back. Therefore, you should keep a backup of your data. |
Ransomware will cost its victims around $265 billion (USD) annually by 2031, Cybersecurity Ventures predicts, as perpetrators progressively refine their malware payloads and related extortion activities. The dollar figure is based on 30 percent year-over-year growth in damage costs over the next 10 years. |
It is estimated that an organization suffered a ransomware attack every 11 seconds in 2021, according to Cybersecurity Ventures, and it is expected there will be a new attack on a consumer or business every two seconds by 2031. |
Every week, an aviation actor suffers a ransomware attack somewhere in the world. |
The Yahoo hack in 2016 is still widely considered the world’s largest data breach ever. In Sep. 2016, Yahoo said that data associated with at least 500 million accounts had been stolen. Three months later, it disclosed a second breach — the one that’s been revealed to have affected all three billion customer accounts that existed at the time. |
The first computer virus, Creeper, was named after a Scooby-Doo cartoon show character. Creeper was written in 1971 by BBN computer programmer Bob Thomas. BBN (Bolt, Beranek, and Newman), now Raytheon BBN Technologies, developed packet switching networks for ARPANET. |
Brain is the industry standard name for a computer virus that was released in its first form in Jan. 1986, and is considered to be the first computer virus for the IBM Personal Computer (IBM PC) and compatibles. |
Disinfect USB devices as soon as you plug them into your computer; they might contain malware. |
Avid gamer or not, don't download executables from rogue websites or torrent trackers. |
Use an antivirus with anti-spyware capabilities or install a free adware removal tool to get rid of annoying adware. |
Before computer hacking, there was phreaking. The “ph-” was for phone, and the phreaks liked to reverse engineer the system of tones that telecommunications companies used for long-distance dialing. |
To protect against ransomware attacks: never click on unsafe links; do not open suspicious email attachments; never use unknown USB sticks; use only known download sources; use VPN services on public Wi-Fi networks; and leverage trusted anti-ransomware software. |
Cybersecurity is an important topic for students to understand as they navigate the digital world. Students, parents, faculty, and staff should be aware of the various types of cyber threats such as phishing, malware, social engineering, suspicious links, unverified apps and take steps to protect their personal and sensitive information.