I received an email (from my own email address) with the subject line: “RE: You have an outstanding payment.” The body of the email states that I (a.k.a. whoever used my email address to send me the message) had obtained access to my devices, tracked my activities, and installed a Trojan virus. Allegedly, the sender had downloaded all my personal data and said they discovered I was a huge fan of a particular type of website. Then came the threat that if I did not transfer $1,750 USD to a Bitcoin account, my “adult watching activities” would be shared online.
This type of email communication is a common scam. I do not engage in “adult watching activities,” so it was easy for me to recognize it wasn’t a legitimate threat.
Still, it’s scary.
According to The Relationships in America data, 43 percent of men and 9 percent of women report watching pornography in the past week. That tells me there’s a high probability that an email demanding payment, like the one I received, might prompt a fair share of people to send money for fear of exposing their online activities.
Cybersecurity has been on my mind — and for a good reason. A #Strella team member was recently hacked on Facebook. It created a myriad of headaches resulting in the loss of her personal page, business page, and four clients due to the hacker stealing money from the credit cards tied to their ad accounts.
It’s terrifying to imagine what hackers are capable of. I asked my attorney to review my 56-page cyber policy to ensure our company and our customers are protected should a hack occur. Also, I’m drafting a cyber policy for my contractors to ensure they have minimum security protocols in place. Meanwhile, I am learning everything I can about how our remote team can help prevent attacks by cyber trolls.
You likely share many of my concerns, so I want to share some of the knowledge I’ve gained thus far.
9 Cybersecurity Best Practices
1. Separate your family and business IT Networks.
While you control your own online activity, you don’t have as much power over your family members’ actions. It may be difficult to recognize if they’ve visited an infected website. Moreover, if you’re all tied to the same network and their devices (e.g., iPhones, tablets) get infected, your work computers can also become compromised.
2. Install anti-malware or antivirus software.
I recommend Norton or McAfee, but there are dozens of software providers that help protect against fraudulent activity.
3. Turn off your computer when you’re not using it.
Small businesses are more vulnerable to attacks when leaving the computer running all the time. I’ve made it a practice to complete a full shut-down when I’m done for the day.
4. Beware of phishing scams.
Hackers have become quite skilled at sending emails that look legitimate. Avoid clicking any suspicious links because they could compromise your business email and connected accounts.
5. Enable two-factor authentication.
Use two-factor authentication, which provides an extra layer of protection against hackers, for any and all accounts that give you the option to do so. Some websites even offer multi-factor authentication, requiring multiple pieces of information to gain access to accounts.
6. Be careful about where you plug in your phone.
You should only plug your devices into physical connections you trust. Avoid plugging directly into the USB sockets in public places like airports or restaurants. There is no way to tell if someone tampered with those outlets.
7. Refrain from using public Wi-Fi.
Public Wi-Fi provides an open door to your device and data. When working in a public space, use a secure VPN or mobile hotspot to access the internet to avoid potential security issues.
8. Create “strong and long” passwords.
Many experts recommend that passwords be 12-15 characters long. Also, they advise you to change them frequently, preferably every three months.
9. Safeguard your personal information.
Synthetic ID Fraud has become a popular trend. The scammer creates a new identity (using a real person’s verifiable information — such as name, birthdate, social security number, address, etc.) and then commits fraud. To help prevent this type of fraud from happening to you, shred mail and documents that contain personal information and keep electronic passwords and other verifiable data in a safe place.
Take Cybersecurity Seriously
According to the 2021 Internet Crime Report from the FBI Internet Crime Complaint Center, there were 301,580 Internet scam complaints in 2017. In 2021, there were 846,376 complaints. That’s nearly three times the number of complaints in five years! The losses resulting from cybercrime also jumped — from $1.4 billion in 2017 to $6.9 billion in 2021.
Cybercriminals are winning. Don’t let them! Protect yourself.
What can you add to our list of cybersecurity best practices?
