Prevention Tips

Although it may not be possible to completely avoid falling victim to cybercrime, having a tool kit of prevention methods could help your organization minimize the risk of such crimes damaging the reputation of your company or faith of your clients/customers.

Craft a Strong Password
One of the easiest steps to keeping your data safe is to craft solid login credentials. If possible, remember the password so that it doesn’t have to be written down. If you must have the password written down on hard copy somewhere, be sure to store it in a secure location, with few people who have access to it.

What are some tips for creating a strong password?

  1. Use a unique password for each of your accounts. Do not use one password for all of them.
  2. Ensure your password consists of letters, numbers, and symbols. This would make it harder for others to figure out.
  3. Avoid using common words or consecutive characters to make up your password (e.g. Do not use “password” as your password. Do not use a password such as Office111).

Two-Step Verification
Two-Step Verification is a way of authenticating and individual’s identity using two components, before he/she gains access.
The idea behind this process is that although an imposter has one piece of the victim’s identifying information, they most likely don’t have two.

Examples of information that may be used for authentication purposes:

  • Token
  • Key
  • Password
  • Pin
  • Fingerprint
  • Voice recognition

Download Attachments with Care
It’s important to always download email attachments with care, even if the email appears to be from a credible source. Although the attachment seems to have a well-known extension (e.g. .PDF, .doc, etc.), it could in fact be a Trojan.

Protect yourself by considering these steps:

  • Regularly update software patches.
  • “Go with your gut”. If something doesn’t seem right, it probably isn’t.
  • Save and scan the true source of the attachment before opening it.

Question Legitimacy of Websites
There are many websites that at first glance, look like legitimate sites. But, upon further examination, you realize it is a spoof. Opening such a site could lead to damage such as slowing down the speed of your computer or even worse, the loss of files or stolen identity. It is important to take precautionary measures when visiting websites, even if it is a site you have visited in the past.

  • Type the complete URL in the browser
  • When doing a Google/Bing search, do not open websites with names that just don’t look right
  • Question the intentions of the sender when you receive an unsolicited email to visit a particular website
  • Make sure your Anti-Spyware/Anti-Virus program is up-to-date so it can warn you of a website that looks suspicious

Case Study

The new employee trainer, Ann at Investment Management Company is discussing with the trainees tips to keep in mind as they are creating the passwords for the different work systems they will have to log into, so that the passwords are strong and not easy to figure out. She also talks about the company’s two-step verification process to ensure that only the authorized person can access the account. Lastly, she goes over determining whether or not a website is legitimate before opening it. Carl, one of the trainees states that he is curious about the company’s policy on opening attachments from co-workers and outside sources.