Cybersecurity

Don’t Get Hacked: Follow These Useful Cybersecurity Tips

If it looks fishy, it probably is

Every year since 2003, to help keep the public informed on ways to protect themselves and their data online, October has been recognized as National Cybersecurity Awareness Month. As the tech world continues to grow, so does the magnitude of cyberattacks. To help you stay vigilant, here are some useful tips to follow to increase your cybersecurity. 

Change passwords periodically and utilize passphrases

Many of us create passwords and never think to change them, or we use the same password for all of our accounts. This can make us vulnerable during data breaches. It is important to have variety in your passwords and change them periodically. The next time you create a password, use a short sentence (known as a passphrase) that will resonate with you, such as “IM!ssNYC149.” Incorporating special characters into passphrases adds to their complexity, ultimately making them harder to guess. 

Hover over links

It’s easy to just aimlessly click on links we receive, not second-guessing where it may lead us. Next time, pause and hover over the link with your cursor, or tap and hold with your finger on a smartphone to ensure the destination it’s leading you to is valid and not an attempt to embed malware on your computer, phone, or tablet.

Get rid of files you don’t need

Keeping sensitive information on your computer for long periods is never a good idea. After the information has served its purpose, delete it from your computer, or if you have it physically printed, bring it to your nearest shredder. Now if a hacker ever decides they wanted to steal your information, they’ll find themselves like sad kids in an empty candy store, considering all sensitive information will be gone.

Learn how to identify a phishing email or text message

With so many emails and text messages getting funneled in and out of your inboxes every day, it can be hard to stop and check to see if something looks “fishy”. As these messages get more sophisticated, here are a few tips on how to quickly identify fake messages:

• Generic greetings: Emails that begin with “Dear user” or “Hello INSERT COMPANY NAME member” are suspect
• Fake URL: If the web address is scrambled or looks suspicious, don’t click on anything and leave
• A sense of urgency: These messages will always sound an alarm. Take the time to think and review the message thoroughly before taking action
• Poorly written: Typos, misspellings, and incorrect grammar are common in phishing messages
• Asks for sensitive info: NEVER provide personal, credit card, or account info via email, text, or phone

Verify sender information

Protecting your data can be as simple as verifying an email you receive comes from a legitimate address. This means maybe googling the email address to locate its source. If you receive emails that look suspicious, BU community members can report it by forwarding them to abuse@bu.edu. Be sure to also periodically check out the BU Phish Bowl for an up-to-date list of the most common phishing emails.

Enable two-factor authentication

There’s nothing worse than getting hacked and not being able to do anything to protect your information. Installing a two-factor authentication app like Duo or enabling two-factor via text message verification will make it much harder for your accounts to be compromised.

Avoid opening attachments if you’re not expecting them

Curiosity can get the best of us when it comes to receiving emails or text messages with attachments. However, some of these attachments may have code embedded in them that allows cybercriminals to roam through your device in the background. Therefore, avoid any attachments with extension labels such as .exe, .scr, .vbs, .hta, .reg, or .bat.

For more information, check out the BU Information Services & Technology website. Stay safe out there, Terriers!