“Passport to Financial Wellness” Credit Fair is scheduled for Oct. 16-17, 2019, from 10:30 a.m. to 1:30 p.m.
Cybersecurity Awareness Facts and Tips
Week 1: Be a Cyber Champion at Work and School
Own IT. Secure IT. Protect IT.
When it comes to being cyber safe, there is no better place to start than at school and work. We spend approximately one-third of our day at the office or at school, and during that time we can be just a little more safe and aware of the digital world we live in. As work and school become more interactive, we need to set limits on what we, our co-workers and our children share online.
This year’s National Cyber Security Awareness Month changed its focus to promote personal accountability. The theme ‘Own IT. Secure. IT. Protect IT.’ encourages personal accountability, including liability, and proactive behavior with digital privacy, security best practices and knowledge of common threats.
Own your cybersecurity at work and at school by being a champion. Demonstrate to co-workers and fellow students how to own your actions online by being THE example. To do this, take full responsibility of your online habits and acknowledge the risks that you take by being involved in a digital world.
- Take possession of your privacy by not over sharing information you would not want everyone to know. Did you know you could adjust the privacy settings on your favorite social media platforms? A quick search will show your how to make the changes that will empower you to maintain your privacy while on social media. Owning your personal privacy empowers you to keep your personal life personal, your work life professional and your school life educational.
- Do not limit the scope of privacy to just your own. You should respect others’ online privacy. Did you know that discussing or sharing someone else’s social media could be a violation of your work or school policies on sexual harassment, workplace or school bullying, ethical issues, moral quandaries, fraternization and plagiarism. When in doubt, err on the side of caution whenever dealing with someone else’s privacy. Additionally, it’s very common for a company that you work for to have a policy about sharing information about your job or workplace online.
Losing your connection to the cyber world can be nerve-wracking. However, what is truly horrifying is when someone else has unobstructed access to your digital profile! To keep unwanted guests out, you have to secure your electronics.
- Set up your school and work devices to automatically lock after a set time – The shorter the time period the better.
- Use disk encryption on your device. If someone steals your device, encryption ensures they can’t reach the sensitive stuff.
- If you must leave a device in a vehicle, make sure it is completely powered off. Criminals are using new techniques to locate Bluetooth and wireless devices, which means hiding a laptop or cell phone inside a vehicle can be risky.
- Use a single administrator account to perform updates and software installations on your computer. For all other tasks, use a regular account.
- Remember this: “When in doubt, throw it out.” Stop and think before you open attachments or click links in emails, instant messages and online posts when you’re at school or work. These links are often the way cybercriminals compromise your computer (and then your organization’s network). If it looks suspicious, it is best to just delete it.
- Guard your devices. In order to prevent theft and unauthorized access, never leave your laptop or mobile device unattended in a public place.
- Secure your accounts. Use passwords that are at least 12 characters long and include a mix of letters, numbers and special characters. Do not share usernames or passwords with anyone. If it’s available, turn on two-factor authentication for an added layer of security.
- Report anything suspicious. If you experience any unusual problems with your computer or device, report it to your IT department at work, or a teacher or administrator at school.
The Five W’s
So, when it comes to school and workplace cybersecurity, remember the five W’s!
- Who: When you receive an email, consider who sent it. Was it a friend, coworker, teacher or stranger?
- What: Consider what is in the email. Is it consistent with what that person normally sends you?
- When: Did a coworker send an email at 3 a.m.? Is that normal for this person?
- Where: Where did this email originate? Check the email address of the sender and see if it matches what you know about the sender.
- Why: Why did this person send the message? Do you know them and the organization they are with, or are they trying to create a contact on the inside of your organization using social engineering?
If you follow the Own IT. Secure IT. Protect IT. method, you, too, will be a cyber-champion at your office or school!
Week 2: Shop / Financial
Do you know why National Cybersecurity Month comes at the perfect time? It’s because October is the perfect month to get you trained to stay safe while shopping online this holiday season. Remember these tips when you shop:
Do not use public Wi-Fi to do any type of financial transactions
Do not sit at your local coffee shop and purchase items through their free internet. You do not know if that wireless access point is secure or if it will be tracking all of your transactions. Most public Wi-Fi does not encrypt wireless data so your internet traffic is there for anyone to take.
Make sure the website you are visiting is secure
When shopping, don’t give any financial information unless the website is secure. The easiest way to check this is to make sure the beginning of the web address starts with “HTTPS” (the “s” stands for secure) and not “HTTP”. You may not see HTTP or HTTPS in some browsers, so you can also look for a lock symbol somewhere in the address bar. It appears on the left side of the address bar in Google Chrome, while it appears on the right side in Internet Explorer.
Update your browser
Researchers and hackers are discovering new vulnerabilities on a daily basis, and the best way to protect your computer from catching the newest virus is to make sure your internet browser is up-to-date with the latest and greatest security patch.
Research new shopping sites before making a purchase
Did a friend recommend a new place to shop online? Great! Just make sure that you do your own personal research on the website. Check reviews and listen to what other customers are saying. If other customers are having issues with the website, you will want to hold off on any purchases.
Use credit cards instead of debit cards
Credit cards and debit cards may look the same when you are holding them in your hand, but if a thief gets your information, there is a big difference. It is better to lose your credit card information than your debit card information. Why? Credit card companies are required to reimburse you for fraudulent charges under the Fair Credit Billing Act. But, if you lose your debit card, money will be withdrawn directly from your bank account and there may no way to get it back.
Read stores’ return policies
What will happen if you buy an item and it arrives damaged? Are you responsible for return shipping? Will the seller refund your money? Reading through a store’s the return policy will help you understand who is responsible when something goes wrong.
Use unique usernames and passwords at every online shop
When a hacker compromises a company and steals user data, one of the first things the attacker does is to try all of the usernames and passwords on different websites, such as your bank or your Netflix account. By setting up a unique username and password for each store you shop at online, you will make it much harder for hackers to compromise other accounts.
Use a VPN
If you are more tech-savvy and want to have your latte and use free internet, a Virtual Private Network (VPN) is a great solution. Using a VPN will encrypt your data and ensure that hackers can’t eavesdrop on your purchases. A VPN extends a private network across a public network, allowing you to connect directly to your private network. The VPN encrypts all traffic, and therefore, you can shop until your heart’s content while using free Wi-Fi.
Watch out for phishing
Phishing is an attempt to get your information, such as username and passwords. Phishing also targets your financial information. If you see an email from your bank or credit card company, don’t click on any links. Instead, open a browser and go to your company’s website. When in doubt, call your bank or your credit card company and verify if the email is legitimate. Be sure to learn how to tell the difference between a real email and one that is trying to trick you.
Keep your information as private as you can
Check your financial statements
Every week, check your financial statement to determine if any fraudulent activity has occurred on your account. Catching nefarious activity early helps you to quickly recover your accounts. If you do spot something that doesn’t look right, immediately contact your credit card company to dispute the charge. They will cancel your old card and send you a new one.
Get alerted for all credit card transactions
Sign up to receive purchase alerts from your credit card company. When you, or someone else, uses your credit card, you can immediately receive a text message listing where the purchase was made and how much was charged.
Share bad experiences
Do not let your fellow online shopper fall victim to fraud or bad services as you did. Write honest reviews, explain what happened and update your review if the issue is resolved. You could save someone from falling victim to less-than-honorable practices.
Use common sense
Listen to your gut. If you get a bat feeling or an online shopping site doesn’t look right, move on to a new retailer. Chances are, you can find what you are looking for at a different retailer that is more reputable.
Logout after shopping
Before you kick off your slippers after a long day of online shopping, be sure to log out of all the places you shopped.
Check delivery times and set up a safe delivery space
Now that all of your goodies are on the way to your home, make sure the delivery person has a safe place to put them. Thieves are increasingly targeting packages left out in the open, so choose a location that is hidden, or have our packages at the shipping facility for pickup. If you do have packages delivered to your home, bring them inside as soon as you get the delivery.
Week 3: Play
Week 3 content will be available during the third week of October.
Week 4: Connect
Week 4 content will be available during the final week of October.
In the News
- Protect your online data with these tips from the City of Bryan (KBTX, Sept. 19, 2019)
- City of Bryan Update on WTAW (WTAW, Oct. 3, 2019)
On the Radio
- City of Bryan CIO Bernie Acre discusses online data and Cybersecurity Awareness Month (Access Aggieland on iHeartRadio, Sept. 29, 2019)
For the fourth straight year the City of Bryan is proud to announce its participation as a Champion of National Cybersecurity Awareness Month (NCSAM) 2019. We join an ever expanding global effort among businesses, government agencies, colleges and universities, associations, nonprofit organizations and individuals to promote the awareness of online safety and privacy.
A multi-layered and far-reaching campaign held annually in October, NCSAM was created as a collaborative effort between government and industry to ensure all digital citizens have the resources needed to stay safer and more secure online while also protecting their personal information. As an official Champion, the City of Bryan recognizes its commitment to cybersecurity, online safety and privacy.
Since its original inception under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA), NCSAM has grown exponentially, reaching consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation. Now in its sixteenth year, NCSAM continues to build momentum and impact co-led by NCSA and the Cybersecurity and Infrastructure Agency (CISA).
Following wide success of the “Our Shared Responsibility” theme in years past, CISA and NCSA have shifted strategic focus to a message that promotes personal accountability. Driven through mass public engagement, the “Own IT. Secure. IT. Protect IT.” theme will help to encourage personal accountability and proactive behavior in digital privacy, security best practices, common cyber threats and cybersecurity careers. Here is a breakdown of the highlighted calls to action and their key messages:
- Never Click and Tell: Staying Safe on Social Media
- Update Privacy Settings
- Keep Tabs on Your Apps: Best Practices for Device Applications
- Shake Up Your Passphrase Protocol: Create Strong, Unique Passphrases
- Double Your Login Protection: Turn on Multi-factor Authentication
- Shop Safe Online
- Play Hard To Get With Strangers: How to Spot and Avoid Phish
- If You Connect, You Must Protect: Updating to the Latest Security Software, Web Browser and Operating Systems
- Stay Protected While Connected: Wi-Fi Safety
- If You Collect It, Protect It: Keeping Customer/Consumer Data and Information Safe
As part of the City of Bryan’s NCSAM efforts, you will see weekly posts helping to raise awareness and spread fact-based knowledge on the importance of online safety, both at work and at home. These tips will be shared on this webpage and on our official social media pages including Facebook, Twitter, and Instagram.
For more information about NCSAM 2018, the Champion program and how to participate in a wide variety of activities, visit staysafeonline.org/ncsam. You can also follow and use the official NCSAM hashtags #CyberAware and #BeCyberSmart on social media throughout the month.
NCSA is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with a broad array of stakeholders in government, industry and civil society. NCSA’s primary partners are DHS and NCSA’s Board of Directors, which includes representatives from ADP; Aetna; AT&T Services Inc.; Bank of America; CDK Global, LLC; Cisco; Comcast Corporation; ESET North America; Facebook; Google; Intel Corporation; Logical Operations; Marriott International; Mastercard; Microsoft Corporation; Mimecast; NXP Semiconductors; Raytheon; RSA, the Security Division of EMC; Salesforce; Symantec Corporation; TeleSign; Visa and Wells Fargo. NCSA’s core efforts include National Cyber Security Awareness Month (October); Data Privacy Day (Jan. 28); STOP. THINK. CONNECT™; and CyberSecure My Business™, which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information on NCSA, please visit staysafeonline.org/about.
About STOP. THINK. CONNECT.
STOP. THINK. CONNECT.™ is the global online safety awareness campaign to help all digital citizens stay safer and more secure online. The message was created by an unprecedented coalition of private companies, nonprofits and government organizations with leadership provided by NCSA and the APWG. The campaign was launched in October of 2010 by the STOP. THINK. CONNECT.™ Messaging Convention in partnership with the U.S. government, including the White House. NCSA, in partnership with the APWG, continues to lead the campaign. DHS leads the federal engagement in the campaign. Learn how to get involved by following STOP. THINK. CONNECT.™ on Facebook and Twitter and visiting stopthinkconnect.org.