Cybersecurity Tip of the Week

id = "FBMainForm_38110945" action="/cybersecurity.html" method = "post" onsubmit = "return false" >
Cybersecurity Tip of the Week Search  

 
What to do if your account is involved in a data breach
by FCNB on 



What to do if your account is involved in a data breach

The odds are against us when it comes to data breaches. Most likely than ever, one of our accounts will be breached. Here is what you should do to reduce the damage of a data breach:

Keep calm and change your password.
Log in as soon as you find out about the breach. Change the password and make sure you set up a strong and unique one.

Activate two-factor authentication if the hacked service offers you this option.
It will act as a second layer of protection, besides the initial password. Every time you log in from a new device or browser, it will request you to authenticate using a second pass code that’s unique and time sensitive. You will receive the authentication code on your mobile phone, via a special app, email or text message.

Don’t recycle your passwords.
If you were using the same password for multiple accounts, change them all. Start with the email account that was linked to the hacked account. Repeat the previous steps (new, strong and unique passwords, and activate two-factor authentication).



Comments     Permalink     Add Comment

Social media – a hackers’ favourite target
by FCNB on 


Social media – a hackers’ favourite target
(Part 2)

Last week, we reviewed the common types of cyberattacks linked to social networks.

Hackers target social media because its users usually trust their circles of friends. The result: more than 600,000 Facebook accounts are compromised every single day. Also, one in 10 social media users say they’ve been a victim of a cyberattack and the numbers are on the rise.

To avoid being a cybersecurity statistic, follow these easy steps:

  1. Don’t click on any strange links.
  2. Do not accept friends request from people you don’t know.
  3. Educate yourself about the common cyberattacks and frauds that are currently happening and learn how to protect your social media accounts.
  4. Install a safe and trusted antivirus that can protect you against malware and dangerous web locations.

Learn more about Frauds and Scams



Comments     Permalink     Add Comment

Social media – a hackers’ favourite target
by FCNB on 


Social media – a hackers’ favourite target
(Part 1)

Did you know that there are more than three billion active social networks users worldwide? This is why cyber attackers love social media.

Users that spend a lot of time on social networks are more likely to click links posted by trusted friends − a behaviour hackers use to their advantage.

Here are some of the most common types of cyberattacks directed at social media platforms:

  • Like-jacking: occurs when criminals post fake Facebook “like” buttons to webpages. Instead of “liking” the page, the user unknowingly downloads malware.
  • Link-jacking: a practice used to redirect one website’s links to another. Hackers use this to redirect users from trusted websites to malware- infected websites that hide drive-by downloads or other types of infections.
  • Phishing: the attempt to acquire personal information such as usernames, passwords, etc. by disguising itself as a trustworthy friend. Find out more about phishing here.
  • Social spam: unwanted spam content appearing on social networks and other websites with user-generated content (comments, chat, etc.). It can appear in different forms, including bulk messages, insults, hate speech, fraudulent reviews, fake friends and personally identifiable information.

Find out how these cyberattacks affects you and what you can do to protect yourself in next week’s post.



Comments     Permalink     Add Comment

Do you https?
by FCNB on 

Do you https?


When shopping or banking online make sure you’re using secure sites. Websites that start with https:// or shttp:// use higher security measures than ones that begins with http://.

To make your browsing more secure, install HTTPS Everywhere for Chrome, Firefox, Android and Opera. This free extension will encrypt your communication with major websites, thus increasing your browsing security. This will make the data you send and receive from the websites encrypted, so cyber criminals won’t be able to snoop on the information transfer and steal your data


Comments     Permalink     Add Comment

A parent's guide to protecting your kids online
by FCNB on 


A parent's guide to protecting your kids online

In recent months, a handful of New Brunswick families found out the hard way that if kids have internet access, they also have access to all the bad things that come along with the online world. Four children between the ages of eight and twelve voluntarily sent nude images or videos of themselves that were later discovered by RCMP on various unspecified free websites.   

Perhaps the only positive outcome from this story is that because it hits so close to home, it serves as a much-needed wake-up call to other parents, who will often say, “My kid wouldn’t do that” — but we’re learning that, in 2019, you may know your child, but if you don’t monitor their internet activities, you can never really be sure what they’re up to. 

Prevention, not punishment
This stuff is scary, but there are effective ways of protecting kids from the darker side of this age of connectivity. Rather than punishing negative behaviour after the fact, prevent it.

How, you ask? Two approaches work.

First: Maintain an open dialogue with children about what’s acceptable online. Make yourself out to be an ally, not an enemy, so that kids feel comfortable bringing issues to you before they even begin. 

Ask kids who they’re talking to online, explain to them that adults shouldn’t be pursuing relationships with kids, talk about healthy versus unhealthy relationships, about ways to get out of uncomfortable situations online, and talk openly about what kinds of thing you do online so children know how the internet should be used. 

Second: It doesn’t get much more tangible than physically removing devices from kids’ bedrooms —especially anything with a webcam. They don’t need it! 

Prevent your child from seeing things they shouldn’t online by changing some basic security settings — monitor the settings of the device itself, as well as your ISP settings. 

Take safety a step further by plugging a cool gadget like CleanRouter or Circle into your router. These control what all other devices are able to do while on the Wi-Fi network at home: they can filter out age-inappropriate content, set internet curfews, and generally monitor what kids are doing online.

It can happen to you, but it doesn’t have to
Studies show that 60% of people under the age of 30 have created an intimate image of themselves — by the time a pic is snapped it can make its way out of your hands. If adults can fall victim to this kind of thing, kids obviously can too. 

It’s important to remind your children (and yourself!) of the legal implications of online activities — sharing intimate images without consent is illegal. 

A good guideline: Tell your kids, “Don’t do anything online that you wouldn’t do at the mall.”

*Article de blogue de Beauceron Security. Pour plus d’information, consultez : https://www.beauceronsecurity.com/blog?offset=1552065484713



Comments     Permalink     Add Comment

Identifying fraudulent emails
by FCNB on 


Identifying fraudulent emails

If you receive an official-looking email, but aren’t sure if it is valid, look out for these telltale signs of a scam:

  • Poor grammar and misspelled words.
  • You’re asked to pay money up front to be eligible for a prize.
  • You’re urged to act quickly.
  • Emails from large companies sent from a Hotmail or Gmail account. Legitimate corporations don’t use these accounts for business.
  • The email begins with “Dear Sir/Madam”.
  • “You’ve won!” even though you haven’t entered any contests.
  • You’re told to call a 1-900 number to claim your prize. There is always a charge for calling a 1-900 number.
  • Online advertising banners offering free gifts or services.
  • A job offer that sounds too good to be true.

If you’re still not sure, contact the company directly (don’t reply to the email).  Ask them if the information is legitimate.


Comments     Permalink     Add Comment

Ransomware 101
by FCNB on 


Ransomware 101

Ransomware is malicious software that encrypts all your data and either blocks your access to files or locks you out of your operating system all together. Then you get a pop-up image or message demanding you pay a ransom within a certain amount of time to gain access to your data again.  The payment is often requested in Bitcoin because it cannot be tracked.

To protect yourself against ransomware, follow these tips:

  • Back up your data regularly.
  • Don’t keep vital information only on your computer.
  • Never download or open attachments in emails from unknown senders.
  • Don’t click links in emails from unknown senders.
  • Keep your operating system, software and apps up to date at all times.
  • Use a reliable antivirus.

Learn more about Frauds and Scams



Comments     Permalink     Add Comment

My McD’s app hack points to importance of securing accounts
by FCNB on 

My McD’s app hack points to importance of securing accounts 


It’s not the first “Hamburglar” hack and it probably won’t be the last, but a recent McDonald’s app attack has some lessons to teach us about securing our accounts in the age of digital loyalty programs.  

 

What happened

A tech writer in Toronto who used the McDonald’s app learned that a scammer had broken into his My McD’s account and purchased more than 100 meals — racking up around $2K in charges. The app was linked to his debit card, and he was oblivious to it all, receiving no notifications from McDonald’s or the bank.

 

It’s safe to say that no one could eat that much McDonald’s and survive, so chances are the victim’s username had been reused or compromised, the hacker guessed it or otherwise accessed it, then traded it on the dark web to be exploited by multiple criminals.  

 

A PR nightmare for Mickey D’s

This looks bad on McDonald’s — especially since similar things have happened in other areas including Quebec and Nova Scotia involving the same app. It’s likely not a widespread issue for McDonald’s specifically, though, but an illustration of what will inevitably happen more and more as these loyalty and rewards programs become more common.

 

Rewards apps = easy targets

Loyalty programs and apps are attractive targets for cybercriminals: they’re easy to hack, highly profitable, and — let's face it — police don’t care about a $2K McDonald’s bill, so fraudsters can get away with it. We’re seeing many issues with rewards campaigns and users’ accounts being drained.    

 

What should companies do?

Companies could allow users to load the app with a certain amount of money, and set limits, to remove the possibility of a thief racking up a steep bill. 

 

Corporations could also set up two-factor authentication on their apps, meaning any time someone logs in from a new device that wasn’t previously using the app, it would require them to prove they are who they say they are, and not allow transactions if they can’t validate their identity.  

 

2FA? We’re lovin’ it!

Two-factor authentication often isn’t built into apps – even though it would be easy enough for these corporations to do – because companies are not subject to any regulatory requirements around security, and because customers just aren’t asking for 2FA. 

 

The best way to get companies to change their behaviour in Canada is to voice your concerns. 

 

Supersize your password

If you’re using an app like this, make sure to secure your account by creating long, strong passwords, never reusing passwords, using a password manager, and using two-factor authentication where the app supports it.

 

To learn more about protecting your identity at home or at work, contact the Beauceron Security Team @ mailto:info@beauceronsecurity.com or 1-877-516-9245 and check out our blog on 7 Reasons to start using a password manager today!

 

*Blog post from Beauceron Security, for more information visit: https://www.beauceronsecurity.com/blog?offset=1552065484713

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe


Comments     Permalink     Add Comment

Recognize when you're being played
by FCNB on 


Recognize when you’re being played

It’s okay to be (a little) paranoid. Being aware of what’s going on, online and offline, can help keep you from being compromised.

Here are a few simple rules to live by online:

  • Don’t give your money or personal information to strangers on the Internet.
  • If it looks fishy, stay away.
  • If someone asks for your confidential information, don’t give it to them.
  • A healthy dose of skepticism is a good thing.

Social engineering is using deception and manipulation to get you to give up confidential or personal information, usually passwords, banking information or access to your computer.  The information may be used to commit fraud or to access your computer and install harmful software.

How it can happen:

An email from a friend with an attachment that you just have to check out!  Because it comes from a friend, you’re less likely to be skeptical and more likely to download the attachment that may have malicious software included!

An email from your bank saying there is an urgent problem with your account, with a link to log in. 

A contractor your company works with asks for private company information that grants access into your system.Protect yourself, and your company, by slowing down. Think first, and then act. 

Scammers try to get you worked up so you’ll act before having time to think about what you’re doing.  Delete any emails that ask for personal or financial information, logins or passwords, and don’t download attachments you’re not expecting.



Comments     Permalink     Add Comment

Less spam, fewer problems
by FCNB on 


Less spam, fewer problems

Is spam clogging up your inbox? If so, there are a couple of things you can do to weed out most of it and keep your inbox and device safe:

  • Be careful where you submit your email address.
  • Unsubscribe from any unnecessary newsletters.
  • Use filters and mark emails as spam to help your email provider block it more effectively.
  • Never click on links in spam emails.
  • Never unsubscribe from spam emails.
  • Never download or open attachments in spam emails.
  • Disable the automatic downloading of HTML graphics in your email settings.
  • Create completely separate email accounts with different purposes.
  • Do not list your email account on social media.

Don’t forget, spam campaigns are still one of the main ways cyber criminals attack, so the less spam you have, the more secure you are.



Comments     Permalink     Add Comment

 
RSS Feed


2017 © Financial and Consumer Services Commission