The Bryan Police Department was selected as a City Award winner by the National Association of Town Watch for its participation in National Night Out 2019.
Cybersecurity Awareness Facts and Tips
Week 1: Be a Cyber Champion at Work and School
Own IT. Secure IT. Protect IT.
When it comes to being cyber safe, there is no better place to start than at school and work. We spend approximately one-third of our day at the office or at school, and during that time we can be just a little more safe and aware of the digital world we live in. As work and school become more interactive, we need to set limits on what we, our co-workers and our children share online.
This year’s National Cyber Security Awareness Month changed its focus to promote personal accountability. The theme ‘Own IT. Secure. IT. Protect IT.’ encourages personal accountability, including liability, and proactive behavior with digital privacy, security best practices and knowledge of common threats.
Own your cybersecurity at work and at school by being a champion. Demonstrate to co-workers and fellow students how to own your actions online by being THE example. To do this, take full responsibility of your online habits and acknowledge the risks that you take by being involved in a digital world.
- Take possession of your privacy by not over sharing information you would not want everyone to know. Did you know you could adjust the privacy settings on your favorite social media platforms? A quick search will show your how to make the changes that will empower you to maintain your privacy while on social media. Owning your personal privacy empowers you to keep your personal life personal, your work life professional and your school life educational.
- Do not limit the scope of privacy to just your own. You should respect others’ online privacy. Did you know that discussing or sharing someone else’s social media could be a violation of your work or school policies on sexual harassment, workplace or school bullying, ethical issues, moral quandaries, fraternization and plagiarism. When in doubt, err on the side of caution whenever dealing with someone else’s privacy. Additionally, it’s very common for a company that you work for to have a policy about sharing information about your job or workplace online.
Losing your connection to the cyber world can be nerve-wracking. However, what is truly horrifying is when someone else has unobstructed access to your digital profile! To keep unwanted guests out, you have to secure your electronics.
- Set up your school and work devices to automatically lock after a set time – The shorter the time period the better.
- Use disk encryption on your device. If someone steals your device, encryption ensures they can’t reach the sensitive stuff.
- If you must leave a device in a vehicle, make sure it is completely powered off. Criminals are using new techniques to locate Bluetooth and wireless devices, which means hiding a laptop or cell phone inside a vehicle can be risky.
- Use a single administrator account to perform updates and software installations on your computer. For all other tasks, use a regular account.
- Remember this: “When in doubt, throw it out.” Stop and think before you open attachments or click links in emails, instant messages and online posts when you’re at school or work. These links are often the way cybercriminals compromise your computer (and then your organization’s network). If it looks suspicious, it is best to just delete it.
- Guard your devices. In order to prevent theft and unauthorized access, never leave your laptop or mobile device unattended in a public place.
- Secure your accounts. Use passwords that are at least 12 characters long and include a mix of letters, numbers and special characters. Do not share usernames or passwords with anyone. If it’s available, turn on two-factor authentication for an added layer of security.
- Report anything suspicious. If you experience any unusual problems with your computer or device, report it to your IT department at work, or a teacher or administrator at school.
The Five W’s
So, when it comes to school and workplace cybersecurity, remember the five W’s!
- Who: When you receive an email, consider who sent it. Was it a friend, coworker, teacher or stranger?
- What: Consider what is in the email. Is it consistent with what that person normally sends you?
- When: Did a coworker send an email at 3 a.m.? Is that normal for this person?
- Where: Where did this email originate? Check the email address of the sender and see if it matches what you know about the sender.
- Why: Why did this person send the message? Do you know them and the organization they are with, or are they trying to create a contact on the inside of your organization using social engineering?
If you follow the Own IT. Secure IT. Protect IT. method, you, too, will be a cyber-champion at your office or school!
Week 2: Shop / Financial
Do you know why National Cybersecurity Month comes at the perfect time? It’s because October is the perfect month to get you trained to stay safe while shopping online this holiday season. Remember these tips when you shop:
Do not use public Wi-Fi to do any type of financial transactions
Do not sit at your local coffee shop and purchase items through their free internet. You do not know if that wireless access point is secure or if it will be tracking all of your transactions. Most public Wi-Fi does not encrypt wireless data so your internet traffic is there for anyone to take.
Make sure the website you are visiting is secure
When shopping, don’t give any financial information unless the website is secure. The easiest way to check this is to make sure the beginning of the web address starts with “HTTPS” (the “s” stands for secure) and not “HTTP”. You may not see HTTP or HTTPS in some browsers, so you can also look for a lock symbol somewhere in the address bar. It appears on the left side of the address bar in Google Chrome, while it appears on the right side in Internet Explorer.
Update your browser
Researchers and hackers are discovering new vulnerabilities on a daily basis, and the best way to protect your computer from catching the newest virus is to make sure your internet browser is up-to-date with the latest and greatest security patch.
Research new shopping sites before making a purchase
Did a friend recommend a new place to shop online? Great! Just make sure that you do your own personal research on the website. Check reviews and listen to what other customers are saying. If other customers are having issues with the website, you will want to hold off on any purchases.
Use credit cards instead of debit cards
Credit cards and debit cards may look the same when you are holding them in your hand, but if a thief gets your information, there is a big difference. It is better to lose your credit card information than your debit card information. Why? Credit card companies are required to reimburse you for fraudulent charges under the Fair Credit Billing Act. But, if you lose your debit card, money will be withdrawn directly from your bank account and there may no way to get it back.
Read stores’ return policies
What will happen if you buy an item and it arrives damaged? Are you responsible for return shipping? Will the seller refund your money? Reading through a store’s the return policy will help you understand who is responsible when something goes wrong.
Use unique usernames and passwords at every online shop
When a hacker compromises a company and steals user data, one of the first things the attacker does is to try all of the usernames and passwords on different websites, such as your bank or your Netflix account. By setting up a unique username and password for each store you shop at online, you will make it much harder for hackers to compromise other accounts.
Use a VPN
If you are more tech-savvy and want to have your latte and use free internet, a Virtual Private Network (VPN) is a great solution. Using a VPN will encrypt your data and ensure that hackers can’t eavesdrop on your purchases. A VPN extends a private network across a public network, allowing you to connect directly to your private network. The VPN encrypts all traffic, and therefore, you can shop until your heart’s content while using free Wi-Fi.
Watch out for phishing
Phishing is an attempt to get your information, such as username and passwords. Phishing also targets your financial information. If you see an email from your bank or credit card company, don’t click on any links. Instead, open a browser and go to your company’s website. When in doubt, call your bank or your credit card company and verify if the email is legitimate. Be sure to learn how to tell the difference between a real email and one that is trying to trick you.
Keep your information as private as you can
Check your financial statements
Every week, check your financial statement to determine if any fraudulent activity has occurred on your account. Catching nefarious activity early helps you to quickly recover your accounts. If you do spot something that doesn’t look right, immediately contact your credit card company to dispute the charge. They will cancel your old card and send you a new one.
Get alerted for all credit card transactions
Sign up to receive purchase alerts from your credit card company. When you, or someone else, uses your credit card, you can immediately receive a text message listing where the purchase was made and how much was charged.
Share bad experiences
Do not let your fellow online shopper fall victim to fraud or bad services as you did. Write honest reviews, explain what happened and update your review if the issue is resolved. You could save someone from falling victim to less-than-honorable practices.
Use common sense
Listen to your gut. If you get a bat feeling or an online shopping site doesn’t look right, move on to a new retailer. Chances are, you can find what you are looking for at a different retailer that is more reputable.
Logout after shopping
Before you kick off your slippers after a long day of online shopping, be sure to log out of all the places you shopped.
Check delivery times and set up a safe delivery space
Now that all of your goodies are on the way to your home, make sure the delivery person has a safe place to put them. Thieves are increasingly targeting packages left out in the open, so choose a location that is hidden, or have our packages at the shipping facility for pickup. If you do have packages delivered to your home, bring them inside as soon as you get the delivery.
Week 3: Play
Stay cyber-safe while gaming
The internet can offer loads more fun than watching cat videos. Online gaming has its roots stretching back to the 1940 World’s Fair. That year, the Fair introduced the first computer game. For more than half of a century, electronic games gained popularity and have saturated our lives. However, this electronic wonder doesn’t come without its downsides. Adult content, violence, bullying and anonymity are all found in video games today. Criminals and plain mean people are using this platform to reach their own goals and we want you to be aware and not a victim while enjoying this pastime.
- Keep computers and game consoles in your family living area. It is easier to know what your family is doing when you are there with them.
- Make sure your computer and virus protection software have the latest updates installed, as new threats are appearing every day.
- Learn how to properly manage and use the privacy settings on your computer and game console.
- Never give your real name or location to anyone online. Teach your children to do the same.
- Play video games with your kids, so you can be familiar with them and be part of their gaming sessions.
- Get away from electronic games and break out the board games or go outside. While virtual worlds are fun, the real world isn’t too shabby, either.
- Be careful with in-app purchases. Pay-to-play and pay-to-win business models charges can accumulate quickly. Set and enforce spending limits with yourself and your family.
- Ensure you play with authorized versions of games that you purchased from reputable sources. Pirated copies of games and software could contain many sorts of malware.
- Use strong, unique passwords and two-factor authentication on all your games to ensure cyber thieves cannot gain access to your accounts.
- Watch out for frauds and cons when buying or selling video game ‘property’ in the real world.
Do you know about the ERSB Ratings?
Read and follow the Entertainment Software Rating Board (ESRB) to ensure your family is playing age-appropriate games. There are many levels to the ESRB rating system.
The safest rating is an ‘E’, which means everyone can play and enjoy the game. On the other end of the spectrum is an ‘M’ rating, which recommends the game be played by adults who are 18 and older. Each rating contains descriptors (blood and gore, drug usage, nudity, violence, etc.) that explain why the game achieved its rating.
Protect your information when traveling
Whether it’s for business or fun, traveling to different parts of the globe is an exciting adventure, and you don’t want it to be ruined by a cybersecurity incident. No one is exempt from cybercrime, and traveling can expose you to more hostile environments than at home or work.
- Make sure that your computer and antivirus software have all updates installed.
- Don’t let the digital world know that you will be away from your home and there may be no one watching it. Avoid posting on social media details about when you will be gone on a trip or pictures of yourself during your trip.
- Create stronger passwords before you go and change them once you are back home.
- When charging a device at a public USB station, make sure you use a data blocker to ensure your data isn’t stolen. Cyber thieves may add hardware to public charging stations and steal unsuspecting victims’ data.
- When using your mobile device or laptop, check your surroundings to ensure no one is shoulder surfing. Investing in a privacy screen will help protect against others sesing your screen.
- Remove sensitive data from your electronics. This ensures your data is safe if your device is lost, stolen or compromised.
- Call your credit card company and inform them where you will be traveling so they can note your account. Once you are back from your trip, monitor your statements and check for unauthorized charges.
- Avoid public Wi-Fi or use a virtual private network to ensure your anonymity when traveling.
- If you are traveling abroad, make sure you know the local laws regarding online behavior and law enforcement authorities. If you are unsure, consult the State Department website, State.gov, for information about a particular destination.
- Consider using “burner” equipment while traveling. Burner phones and computers are inexpensive replacements that can be discarded after travel or put away until your next trip.
Week 4: Connect
Dangers of Social Media
Social media is everywhere. Homes, schools and business all find a use for social media, whether it is for entertainment or to attract customers, social media is an integral part of our daily lives. However, it is not without its issues. A quick look at the media will show you people and companies learning the hard way that there is a good way and bad way to use social media.
As we look over this week’s topic of social media, we will focus on National Cybersecurity Awareness Month’s overall theme of “Own IT! Secure IT! Protect IT!”
Never click and tell: Would you tell a complete stranger about family issues or other private matters? Of course not! However, that is what many people do when they post stuff online. Although they are mainly targeting a friend or family member, anyone with access to view their account can and will read it. Make sure children understand this as well. A simple misspoken phrase can lead to harassment and cyber bullying.
Too much of a good thing: Sharing too much information about positive things can also be bad. Imagine you are going on your dream vacation. You check in at the airport, take a selfie at the boarding gate and post that selfie online with comment saying “Gone to Tahiti for two weeks! Dogs are boarded and I am getting on the plane!” What kind of responses will you get from this? One response that you don’t want is a “friend” of a friend seeing that your house will be empty for two weeks – it’s a great time for them to get in there and clean you out.
Update privacy settings: A way to keep gossip-seekers away from your account is to update your privacy settings. Locking down your account will keep many, but not all, people away from private comments. If you need to communicate privately, it is best to get off the computer and have an old-fashioned conversation with the other person.
Create strong, unique passphrases: With anything in the cyber world, a good start is to create a strong 12-character or longer password. Don’t reuse passwords on multiple websites; each password should be unique to website or program it is associated with. If you have trouble remembering passwords, research using password vaults to simplify this process.
Turn on multi-factor authentication: Learn how to activate two-factor authentication on all of your social media accounts, so that cyber criminals cannot log in without your authorization.
Play hard to get with strangers: If you get a message from someone you know, be wary! Scammers use individuals’ trust and naivety against them. People posing as friends of friends or distant relatives can have ulterior motives. Set clear boundaries with strangers and never give out your information. Remember, while the communication may be in a virtual world, that stranger is living in ours. It can bring the same consequences as talking to a stranger in person.
Update your security software, web browsers and operating systems: Hackers use faults in old programs to gain access to computers. The producers of the software learn which exploit the hackers are using and create updates to stop the intrusions. If you don’t keep your software up to date, hackers have a wider surface area they can use to gain access to your computer. This will help when a “friend” shares something with you that is potentially dangerous.
However, not all dangers from social media come from strangers. Research shows that addiction to cell phones and social media is on the rise. Addiction causes the individual anxiety when they are not able to access social media; it invades your work and personal time. People can also experience less life satisfaction and general unhappiness. If you feel like you need help reach out to someone and discuss what issues you are having.
How to OWN IT! SECURE IT! PROTECT IT!
Take control of your Facebook profile and information by being aware of these five hidden dangers of using Facebook. Before you even use Facebook, understand that it is not very safe.
First, Facebook shares your information with third parties, like advertisers. Facebook makes lots of money by gathering as much info about you as possible, and then uses it to attract advertisers. The more personal info you give out, the more money Facebook can take in.
The second hidden danger of Facebook involves your privacy settings. Every time Facebook redesigns its website, your privacy settings revert to an unsafe default mode – essentially making all of your information public. These redesigns happen about twice a year, and Facebook does not always notify you when they make changes. So, periodically click on the Privacy Settings button and make sure yours are what you think they are.
The third hidden danger of Facebook is ads. Beware of clicking on those ads on the side of the page. Some contain malicious software. One of these malware ads told Facebook users to download anti-virus software, but it was really a virus. Stay safe and ignore the ads.
The fourth hidden danger? Your Facebook friends can unknowingly make you vulnerable on Facebook. Let’s say your friend’s profile was hacked. The scammer can use their account or email address to send you malware. One of the most popular scams is called the 419 Scam. With the 419 Scam, you’ll get a message that says, “Help. I was mugged. I’m hurt. Please send money.” You think it’s a legitimate message from a friend, but it’s really a lie to get your cash.
The fifth hidden danger of Facebook are fake profiles created by scammers. In fact, a recent study found that 40 percent of all Facebook profiles are fake – set up by imposters. If you have hundreds of Facebook friends, do you really know them all? Do you trust every one of them with your personal info or letting them know you’re out of town or even out to eat? Probably not. So take your home address, phone number, last name, birth year and phone number off of your profile NOW. Unless you have a burglar alarm and it’s activated, don’t tell anyone, “Hey, I’m off to the grocery store.” By the time you get back, you could have been robbed.
In the News
- Protect your online data with these tips from the City of Bryan (KBTX, Sept. 19, 2019)
- City of Bryan Update on WTAW (WTAW, Oct. 3, 2019)
On the Radio
- City of Bryan CIO Bernie Acre discusses online data and Cybersecurity Awareness Month (Access Aggieland on iHeartRadio, Sept. 29, 2019)
For the fourth straight year the City of Bryan is proud to announce its participation as a Champion of National Cybersecurity Awareness Month (NCSAM) 2019. We join an ever expanding global effort among businesses, government agencies, colleges and universities, associations, nonprofit organizations and individuals to promote the awareness of online safety and privacy.
A multi-layered and far-reaching campaign held annually in October, NCSAM was created as a collaborative effort between government and industry to ensure all digital citizens have the resources needed to stay safer and more secure online while also protecting their personal information. As an official Champion, the City of Bryan recognizes its commitment to cybersecurity, online safety and privacy.
Since its original inception under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA), NCSAM has grown exponentially, reaching consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation. Now in its sixteenth year, NCSAM continues to build momentum and impact co-led by NCSA and the Cybersecurity and Infrastructure Agency (CISA).
Following wide success of the “Our Shared Responsibility” theme in years past, CISA and NCSA have shifted strategic focus to a message that promotes personal accountability. Driven through mass public engagement, the “Own IT. Secure. IT. Protect IT.” theme will help to encourage personal accountability and proactive behavior in digital privacy, security best practices, common cyber threats and cybersecurity careers. Here is a breakdown of the highlighted calls to action and their key messages:
- Never Click and Tell: Staying Safe on Social Media
- Update Privacy Settings
- Keep Tabs on Your Apps: Best Practices for Device Applications
- Shake Up Your Passphrase Protocol: Create Strong, Unique Passphrases
- Double Your Login Protection: Turn on Multi-factor Authentication
- Shop Safe Online
- Play Hard To Get With Strangers: How to Spot and Avoid Phish
- If You Connect, You Must Protect: Updating to the Latest Security Software, Web Browser and Operating Systems
- Stay Protected While Connected: Wi-Fi Safety
- If You Collect It, Protect It: Keeping Customer/Consumer Data and Information Safe
As part of the City of Bryan’s NCSAM efforts, you will see weekly posts helping to raise awareness and spread fact-based knowledge on the importance of online safety, both at work and at home. These tips will be shared on this webpage and on our official social media pages including Facebook, Twitter, and Instagram.
For more information about NCSAM 2018, the Champion program and how to participate in a wide variety of activities, visit staysafeonline.org/ncsam. You can also follow and use the official NCSAM hashtags #CyberAware and #BeCyberSmart on social media throughout the month.
NCSA is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with a broad array of stakeholders in government, industry and civil society. NCSA’s primary partners are DHS and NCSA’s Board of Directors, which includes representatives from ADP; Aetna; AT&T Services Inc.; Bank of America; CDK Global, LLC; Cisco; Comcast Corporation; ESET North America; Facebook; Google; Intel Corporation; Logical Operations; Marriott International; Mastercard; Microsoft Corporation; Mimecast; NXP Semiconductors; Raytheon; RSA, the Security Division of EMC; Salesforce; Symantec Corporation; TeleSign; Visa and Wells Fargo. NCSA’s core efforts include National Cyber Security Awareness Month (October); Data Privacy Day (Jan. 28); STOP. THINK. CONNECT™; and CyberSecure My Business™, which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information on NCSA, please visit staysafeonline.org/about.
About STOP. THINK. CONNECT.
STOP. THINK. CONNECT.™ is the global online safety awareness campaign to help all digital citizens stay safer and more secure online. The message was created by an unprecedented coalition of private companies, nonprofits and government organizations with leadership provided by NCSA and the APWG. The campaign was launched in October of 2010 by the STOP. THINK. CONNECT.™ Messaging Convention in partnership with the U.S. government, including the White House. NCSA, in partnership with the APWG, continues to lead the campaign. DHS leads the federal engagement in the campaign. Learn how to get involved by following STOP. THINK. CONNECT.™ on Facebook and Twitter and visiting stopthinkconnect.org.