(By Greg Scasny) 2020 has been one hell of a year, and it isn’t over yet. The pandemic, riots, the election, Tiger King, murder hornets, aliens… well you get the point. All this chaos and confusion is just the type of thing that cyber-criminals thrive on to try and scam you and separate you from your hard earned dollar and personal information. You need to be diligent this holiday season.
Here are some tips to keep you safer online during the craziness of 2020:
Be aware of Pandemic (Covid-19) related social engineering attempts.
- Covid 19 related scams are one of the most used social engineering scams. Fake emails (phishing), fake texts (smishing), fake social media posts and fake phone calls preying on people’s fears and misunderstandings of Covid 19 are being used by scammers on a daily basis. You need to pay extra attention to communications sent to you about Covid-19, especially if you have tested positive at any time. Never send any personal information via email or social media. When in doubt, contact your doctor or the health department if someone is contacting you regarding Covid-19 to verify.
Be aware of Election scams via social engineering.
- Just like Covid-19, the Election is another vector scammers are using to steal information that can be used for Identity Theft. You need to be very cautious of unsolicited emails, texts, social media posts and phone calls that ask for donations and information when it comes to the Elections. When in doubt, be sure to visit your candidates official website and the official website of the Supervisor of Elections for your county. Never give out information from unsolicited contact attempts.
Be aware of giveaways, quizzes and fake friend requests on social media
- If something sounds too good to be true, it probably is. You never get something for nothing. Many of the giveaways and contests on Facebook and other social media platforms are scams designed to steal your personal information. Trust me, Oprah isn’t giving away Range Rovers on Facebook.
- Be wary of getting friend requests from people you are already friends with. It is extremely easy to copy someone’s profile on Facebook and create a new account with the same name, profile pictures, etc. and these scammers will try and steal your friends lists and your personal information. Always verify, and never trust.
Passwords matter!
- I know people hear this all the time, but take this from someone who abused bad passwords for a living, passwords matter. The longer the better. Using  a pass-phrase that is long (12+ characters) and easy for you to remember is your best bet.
- Use a different password for every site. This is a pain, but extremely important. If a site you shop on is compromised and your password is exposed, the only risk to you is that single site if you use different passwords for every site. If you use the same password for every site you visit (i.e. your bank website), then a breach of one site will give the hackers access to all your sites.
- Use a password manager. There are many great options available, and even free ones like KeepassXC that are available for every platform. This makes managing secure passwords for multiple sites much easier.
Use 2 Factor authentication whenever possible.
- 2 factor authentication is the process of setting up an additional means of identifying yourself with something you have (cell phone is the most common). This makes it much more difficult for hackers to access a site or service, even if they have your legitimate password. There are many providers of 2-factor authentication, and most sites can utilize Google Authenticator (free). Try to avoid 2 factor systems that rely on SMS (texting) of your 2nd factor, as that is not a secure way to provide a second factor.
Hopefully some of these tips will help you stay safer online and avoid the scams and hackers!
Fort Myers Beach resident Greg Scasny is an expert in cyber-security and can be reached at greg@cigent.com