Be Cautious About What You Click and Access
October 1, 2021By: Kim Shopper
Categories: High Tech, In the Community
Many of today’s cyber-attacks target individual users. The goal of the attackers is to fool you into clicking a link or file that contains malware and lets them into your system. Sometimes the messages will even come right out and ask you to divulge sensitive information under the guise of a trusted service provider or government agency. Here are some tips to help you easily spot suspicious email or web pages.
Phishing Email
Phishing emails are meant to entice users into unsafe behaviors by mimicking trusted senders. The emails are frequently crafted to appear as though they were sent from trusted businesses or government agencies. Phishing emails may appear as if they were from Amazon, AT&T, the IRS, the Treasury Department, various county governments, and a host of others.
Spotting a Phishing Email
Here are some tips on how to spot phishing emails.
- Ask yourself if you do business with whomever the sender is. If you don’t use AT&T, for example, there is probably not a problem with your account.
- Keep an eye out for misspelling and bad grammar. Many of these attacks originate from other countries and can be easy to spot.
- Look for odd domain extensions. Common extensions are .com, .org, and .gov. If you see odd extensions be wary.
- The message threatens punitive action. Some hackers will try to prompt you into unsafe behavior by threatening fines or penalties. If you think it might be a legitimate message, pick up the phone and call them to verify; don’t click any links, files, or images.
- It looks too good to be true. Like many things in life, if it looks too good to be true it generally is. Don’t click that link for a chance at a free laptop or $100 coffee shop gift card, unless you are 100% certain of the sender.
Fake URL’s
A URL is the address for a web page. Hackers frequently use web pages to deliver malicious code. They can be pretty creative about masking the addresses to their web servers. We all know that when you click on a hyperlink in a message, email, and sometimes images it will take you to a webpage. For the sake of convenience and appearance the address of the web pages are hidden. You can’t look at a link and know where it will take you.
The obvious question then is how do you protect yourself? Just remember two key words: Awareness and Context. Always be AWARE that when you click a link you are blindly trusting in the good will of whomever created the link. Always remember the CONTEXT of the media being used to present the link. Are you on a secure site for a well established business? Is it a government website? Was it an email that you were expecting? Taking the context into account will help you identify suspicious situations.
Why Is Cybersecurity Important?
As of January 2021, there are an estimated 4.66 billion active internet users worldwide - 59.5 percent of the global population. Of this total, 92.6 percent (4.32 billion) accessed the internet via mobile devices. This number will only grow, making the need to protect your digital identity and devices more important than ever.
Cybersecurity is the art of protecting networks, devices, and data from unlawful access or criminal use and the practice of guaranteeing confidentiality, integrity, and availability of information. Communication, transportation, shopping, and healthcare are just some of the things that rely on computers systems and the Internet now. Much of your personal information is stored either on your computer, smartphone, tablet or possibly on someone else’s system. Knowing how to protect the information that you have stored is of high importance not just for an individual but for an organization and those in it.
Did You Know?
- As of 2021, there is a ransomware attack every 11 seconds, up from 39 seconds in 2019.
- In 2020, there was a twofold increase in the percentage of healthcare organizations being impacted by ransomware globally and healthcare is the #1 most targeted industry in the U.S.
- The healthcare sector faced a significant number of ransomware attacks in 2020 with 560 healthcare provider facilities falling victim to ransomware, impacting over 26 million patients’ records.
- The presence of ransomware (or any malware) on a covered entity’s or business associate’s computer systems is a security incident under the HIPAA Security Rule.
- The United States Department of Health and Human Services considers Ransomware, “an impermissible disclosure of PHI” – a breach is presumed.
At North Kansas City Hospital and Meritas Health, we are commited to keeping your private health information secure and safe.
Simple Tips
- If You Connect, Protect. Whether it’s your computer, smartphone, game device, or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems. Sign up for automatic updates, if you can, and protect your devices with anti-virus software.
- Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device such as your smartphone, an authenticator app, or a secure token.
- Shake up your password protocol. You should consider using the longest password or passphrase permissible. Get creative and customize your standard password for different sites, which can prevent cyber criminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and remember different, complex passwords for each of your accounts.
- Be up to date. Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates so you don’t have to think about it, and set your security software to run regular scans.
- Watch for Phishing. The goal is to gain information about you and use your information to make unauthorized purchases or gain access to a secure system. Be suspicious of unexpected emails and always check email address sources to make sure the email is not coming from a fake website.
- Be wary of hyperlinks. Avoid clicking on hyperlinks in emails and hover over links to verify authenticity. Also ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.