Cybersecurity Tip of the Week

id = "FBMainForm_38110945" action="/cybersecurity.html" method = "post" onsubmit = "return false" >
Cybersecurity Tip of the Week Search  

 
Smart Home Safety
by FCNB on 

Smart Home Safety


Hot new gadgets claim to make your home smarter, more efficient and secure. In fact, if not properly secured, these devices can be turned against you. In November 2018, a woman was stalked by her ex-boyfriend using their smart home technology.

CBC Marketplace did an episode on how easily your security cameras, keyless door entries, virtual assistant devices (Alexa) and even baby monitors can easily be hacked if not properly secure.
We are not trying to discourage you from having these devices in your home. Our goal is to motivate you to take some security steps to ensure these types of devices are safeguarded against hackers.

The first step is to ask yourself the following questions:

  1. What are you using the devices for?
  2. Do you feel comfortable putting a camera in your home?
  3. If this technology becomes compromised, what are the risks to you and your family?
  4. What are the security measures?

Before purchasing any devices, make sure that the product is purchased from a reputable company, that they allow you to change the default password and a bonus to look for would be the ability to use two-factor authentication.

How to secure your smart home devices:

  • Create a strong and unique password for each of your devices. Do not repeat the password. Choose a password that is over 16 characters long, that has special characters and would not be easily hacked.
  • Change the password to your Wi-Fi and router.
  • Learn to spot phishing emails. Hackers are smart and could try to retrieve your password by sending you an email that looks like it’s being sent from your security camera’s company.
  • Enable two-factor authentication when available.
  • Consider installing a separate router dedicated to just your IoT devices for even better security. Alternatively connect them to a separate subnet (such as a guest network if your router permits it).

It is up to you to learn how these devices work and how to secure them properly.


Comments     Permalink     Add Comment

How to protect your data on social networks
by FCNB on 

How to protect your data on social networks

Data Privacy day (January 28th), is an opportunity to think about what we share and who we share it with on social media. It seems obvious to keep some things private, such as phone number, credit card number, mother’s maiden name, etc., but there are many other things you can do to further your protection.

  1. Check your privacy settings and consider your needs. If you use social media for work purposes, consider creating a separate account for your personal needs.
  2. Always use strong, creative, and memorable (only to you) passwords, and never share them.
  3. Keep your mobile device lock with a pin or pattern.
  4. Be sceptical of those silly quizzes you can find on social media (IQ, personality type, etc.). They may take you to an unsecure site.
  5. Wait until after you’ve return from your vacation to post about it on social media.
  6. Only accept friend requests from people you know. Even if it looks like you have friends in common, this could be a fraudster that has created a fake account trying to steal your personal information.
  7. Avoid linking your fitness apps to your social networks, such as your regular running routes. While doing fitness challenges with your friends can be motivating, you could be putting yourself at risks by publicizing when you’re not home. Share your information with friends directly, rather than in a public setting.

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe




Comments     Permalink     Add Comment

How to create unique passwords you won’t have to memorize
by FCNB on 

How to create unique passwords you won’t have to memorize

 

A strong password is the first, and one of the most important steps to protecting your personal information.

 

This CBC article gives you a great method on how to create strong and unique passwords – that you don’t have to memorize.

 

New guidance suggests the length of your password may be more important than how complicated its combination of letters and number are. Make sure that your password is at least 12 characters long.

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe



Comments     Permalink     Add Comment

Digital Romance
by FCNB on 

Digital Romance

Technology is changing the way we find love – with the arrival of dating apps and social networking, we can connect with more people and have more options for revealing ourselves while looking for a partner. When love is in the air, people are a little more likely to click on a risky link, or open a suspicious email.

Romance scams costs New Brunswickers $353,361 in 2018. To avoid being a statistic and having your heart broken this Valentine’s day, look out for the following red flags.

  1. Showered with Compliments:  scammers will come across as extremely eager in the beginning, raining down compliments and asking to meet.
  2. Communication method changes: Scammer will quickly move away from the dating site and start texting or emailing, in case their profile page is flagged or shut down by the site.
  3. Sad story: once they have you interested, their sad stories will begin. An accident has happened, or they need money for some kind of emergency.

If you are planning on joining a dating site, make sure you consider the following:

  • Provide as little personal information as possible on your profile.
  • Select a profile picture you haven’t used any where else. This will prevent them from doing a google image search and finding more information about you.
  • Do some research on the person you are chatting with. You can google their name and do a reverse search on them. If they are using a stock image or someone else’s picture, you should cease communicating with them.
  • If there is a cost to signing up, read the terms and conditions and make sure you know how to cancel your account.
  • Only sign up to legitimate and reputable dating sites. Make sure to pay close attention to the website, as scammers often mimic real web addresses.
  • Never give your financial details or send money on a dating site.

As much as we all want to be swept up in the romance, remember that it is unlikely that someone will declare their undying love to you after only a few interactions.


Comments     Permalink     Add Comment

What to do if your email gets hacked
by FCNB on 

What to do if your email gets hacked

 

Do you know what to do if your email account has been hacked? Many people think that changing their password is enough – it’s not!

 

Here’s what you need to do to get everything back in order and keep hackers from gaining access to your account again:

 

  1. Change your password. The first thing you should do is to stop the hacker from getting back into your account. Change your password to a strong password.
  2. Reclaim your account. If you’re lucky, the hacker only logged into your account to send spam to your contacts. If you’re not so lucky, the hacker changed your password.  If that’s the case, you will need to reclaim your account by clicking “forgot your password” and answering your security questions (or backup email address).
  3. Change your security questions. Once you’ve reclaimed your account, take this opportunity to change your security questions.
  4. Enable two-factor authentication.
  5. Check your email settings. It is possible f or hackers to have changed your settings to forward a copy of every email to themselves, so they can watch for emails containing login information. Check your mail forwarding settings to ensure no unexpected email addresses have been added. Take a look at your email signature to make sure the hacker hasn’t added a spam signature that contains links even after you’ve locked them out. Check your ‘reply to’ email addresses, this is another item that hackers can change, in which they create an email address that is similar to yours, but instead goes straight into the hacker’s email account.
  6. Search for other compromises. Search for the word “password” in the inbox to ensure there are no records of an email that contains this type of information.  If you do find something, change the passwords to those accounts immediately.
  7. Scan your computer for malware and viruses. Run a full scan with your anti-malware program to make sure the hackers haven’t gone past your inbox.


If the hackers have sent something on your behalf, make sure to reach out to those contacted as soon as possible to let them know that your account has been hacked.

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe


Comments     Permalink     Add Comment

Remote Desktop Protocol
by FCNB on 

Remote Desktop Protocol

According to a public service announcement from the FBI, since 2016 there has been a rise in cyber actors exploiting the Remote Desktop Protocol to conduct malicious activities. An example of this attack is when they drop a ransomware onto a device and execute it, effectively locking your computer/device. This type of threat demands payment in bitcoin in exchange for a decryption key.

What is Remote Desktop Protocol?

Remote Desktop Protocol (RDP) is a program that is designed to allow a remote user to access a computer in a different location. For example, it allows network administrators to remotely diagnose and resolve problems individual users encounter. RDP is available for most versions of the Windows operating system.

It also allows an individual to control the resources and data of a computer over the Internet. It provides complete control over the desktop of a remote machine by transmitting input such as a mouse movement and keystrokes and sending back a graphical user interface.

For a connection to happen, the local and remote machines need to authenticate via a username and password.

How to protect yourself:

  • Having a strong password: this is always your first line of defense. For tips on how to create a strong password, click here. Apply two-factor authentication, where possible.
  • Update your RDP: outdated versions of RDP may use flawed CredSSP, the encryption mechanism, thus enabling a potential attack. To update your RDP, follow these simple steps:
    • Open windows update by clicking the Start button and type “Update” in the search box, then click on “Windows Update”.
    • Click on “Check for updates” and wait until Windows looks for the latest updates for your computer.
    • Select any pending Windows updates under the “Important and Optional” categories.
    • Click “Install updates”. Once the updates are completed, restart your computer. Repeat the steps until no more updates are available.
  • Restrict access to the default RDP: Use firewalls (both software and hardware where available) to restrict access to remote desktop listening ports (default is TCP 3389). It is highly recommended to use an RDP gateway for restricting RDP access to desktops and servers. You can also use VPN software as an alternative.

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe


Comments     Permalink     Add Comment

Interesting facts about the Internet
by FCNB on 

Interesting facts about the Internet

 

  • A single Google query uses 1,000 computers and takes 0.2 seconds to retrieve an answer.
  • The inventor of the modern world wide web, Tim Berners-Lee, was knighted by Queen Elizabeth.
  • The GIF format was invented by Steve Wilke, an engineer at Compuserve in 1987.
  • The first spam email was sent in 1978 over ARPNET by a man named Gary Thuerk, whom has been nicknamed ‘The Father of Spam’. He was selling computers.
  • Online daters spend an average of $243 per year on online dating.
  • We now spend more time browsing the web on mobile devices than desktop computers.
  • Researchers are debating on whether or not to recognize Internet addiction as a mental disorder. In China, there are treatment camps for Internet addicts.
  • LOL used to mean “lots of love” before “laughing out loud” took its place.

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe




Comments     Permalink     Add Comment

Baby it's cold outside - Layer up
by FCNB on 

Baby it’s cold outside – Layer up

Layering up your login also known as multi-factor authentication (also known as two-factor authentication), which is a free feature available n the settings of your favorite social networks, banking site, etc.

What is multi-factor authentication?

Multi-factor authentication is an additional layer of protection beyond your password. It significantly decreases the risk of a hacker accessing your online accounts by combining your password with a second factor, like your mobile phone.

There are dozens of options you can choose from to protect your accounts, but most websites rely only on a few.

Here are the top three types of multi-factor authentication options:

  1. Password: A strong password is your first layer of defense. With this in place, you’re ready to add an extra layer of protection.
  2. Fingerprint ID: Available on most smartphones and many laptops, fingerprint scanning is a great way to keep your device locked only to you.
  3. Single-use code: A single use code is either sent to your phone or your email address, which generally, only you have access to. 

This extra layer of protection will keep you warm through the cold winter months and all year long.




Comments     Permalink     Add Comment

New Year’s Cybersecurity Resolutions
by FCNB on 

New Year’s Cybersecurity Resolutions

Happy New Year! It’s the time of year when we feel the need to turn over a new leaf and create a list of goals. To help you out, we went ahead and created a list to set you on the right cybersecurity track!

1. Set better passwords: Having a strong password is your first line of defence! It can be very tempting to use a simple combination for every account, but choosing a strong and unique password should take priority. If you are having a hard time with keeping track of all your passwords, research a good and reputable password manager software. Make sure to never use personal information in your passwords, such as your date of birth, social insurance number, etc.

2. Public Wi-Fi: When it comes to public Wi-Fi, there is no such thing as secure Wi-Fi. Even if your local coffee shop claims it is secure, Wi-Fi networks lack encryption. Private online activity, such as online banking or shopping, should be done at home or when using a VPN that will guarantee you a safe Wi-Fi connection.

3. Secure your social media: While social media is great at connecting us with our loved ones, it is also a great way for scammers to collect your personal information and catch you in a scam – if you aren’t careful. Be mindful of what you post and make sure to set your settings to private on all your social networks. 

4. Don’t skip your updates: Protect your personal information, files and money from malware by installing updates to your devices, apps and antivirus as they become available. You can set software to ‘auto-update’ so you do not miss out on the latest security features.

5. Know the trending frauds: Frauds and scams evolve all the time. Knowing the signs to watch for will help you be better prepared and avoid falling for scams. Sign up for our fraud alerts to receive notifications right in your inbox.

Start the year off right by keeping your personal information safe from cybercriminals.



Comments     Permalink     Add Comment

The Trojan horse of software
by FCNB on 

The Trojan horse of software


The Trojan horse is a story most people know. Soldiers hid inside of a giant wooden horse and invaded the enemy’s castle from the inside by bursting out of it. Even though this story happened in about 500 B.C., the Trojan horse is still active today and you may be its next victim if you’re not careful.

 

Trojan horse or Trojan viruses are a type of computer software that hides itself as trustworthy software. It usually hides in fake antivirus tools or software to speed up or clean your computer. In reality, this software is creating a backdoor to let malicious user have access to your computer. This can let them see sensitive or personal information such as passwords, usernames, bank cards and more.

 

 

The best way to protect yourself from Trojan viruses is to avoid downloading software from software providers that are not trusted. Software providers will never urge you to download their software for an emergency. It is also essential to have a strong anti-virus and keep all of your software up to date.

 

When your software isn’t up to date, it gives these programs an easy way to exploit your computer and its weaknesses. Follow these steps and you may prevent being victimized by the next Trojan horse.

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe




Comments     Permalink     Add Comment

 
RSS Feed


2017 © Financial and Consumer Services Commission