In this blog, I've created some memes to add some humor while spreading cyber security awareness. Developers can work hard to produce a secure application, but it is of no use if the end users are careless on their part. As users, we must protect our data and online accounts to the best of our ability.
Note that this blog is also meant to be suitable for audiences who do not have a technical background, which is why I've tried to keep it as simple as possible. However, you can read more about these topics if you wish to gain an in-depth understanding.
1. Update, update, update!
A vulnerability is a weakness in software that can be exploited by attackers. When developers find these vulnerabilities, they patch them and release updates for you to install. As an end user, it is your responsibility to make sure that the services you use are up to date. Turning on automatic system updates will make this task easier.
2. AV & F
Anti-virus (AV) is software that helps to block known malware and viruses. It is recommended to use only one AV on your device.
A firewall filters incoming and outgoing internet traffic to screen out malicious traffic. While operating systems come with a built-in firewall, you can also purchase external firewalls (like Palo Alto) as per your needs. You can also configure advanced settings in the firewall based on what services and ports you want to use.
3. $tr0ng P@$$w0rd$
I can't emphasize this enough. Today, almost all the services and applications we use require us to create an account. It is very important to create strong and complicated passwords to protect your account from unauthorized access. Your password should be at least 20 characters long. If you have trouble remembering passwords, use a password manager (like LastPass) instead. It will generate complicated passwords for you and keep them in one place.
4. MFA
Multi-factor authentication provides an added layer of security to your account by requiring multiple credentials during login. Even if an attacker gets access to your password, they would also require something like an OTP or a PIN to authenticate into your account. Almost every application has an option of enabling 2FA/MFA, so make use of it.
5. Phishing vs legitimate email
Given the number of phishing scams going on nowadays, it is essential to be able to differentiate between a fake and a legitimate email. A phishing email may steal your credentials by redirecting you to a fake website that looks exactly like the original.
You can go through this link for information regarding how to differentiate between the two.
6. Protect PII
PII stands for Personally Identifiable Information. It is used to identify or locate an individual. Some examples of PII are: name, date of birth, phone number, address and Social Security Number. An attacker may use this information to gain leverage over you or impersonate you.
Therefore, it is recommended to share minimal information on social media.
7. Backup
If your data is corrupted, it is beneficial to have one or more backups on different media (hard disk, USB drive) and in cloud storage. This way, you'll be able to restore your important data. The frequency of backups depends on how often you update your data. When you keep a copy of your data on external media, make sure to encrypt and protect it. In the case of cloud storage, you can use MFA on your account for additional security.
8. Public Wi-Fi
An underrated step is to connect to a VPN while browsing over public Wi-Fi. When you're in a public place (like an airport or coffee shop), your communication might be intercepted by an attacker (man-in-the-middle). While it's always better to avoid connecting to public Wi-Fi, there could be a situation where you absolutely need to. That's when you should use a VPN.