National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month and it’s always good to stay on our toes when dealing with email, web surfing, phone calls, and site security.

This email includes a poster from the Department of Homeland Security and a few key reminders to help you with that task.

Some Basic Cyber Security Safety Pointers:

1. Never, ever give your password or login credentials in response to an email asking you to do so. The email may seem to be from a reputable IT company such as Microsoft and might look like “TechSupport@Microsoft.com” but it isn’t. Check the “Reply to:” address and you’ll see something like this “IgotYou@yahoo.com.”

2. An email might have a header that looks like it came from a Known source, but the “Reply to:” address looks something like “Voodo1@gmail.com”. A bogus “Reply to:” address tells you that the email is always fraudulent in nature. No one will ever contact you asking for you to send your login credentials via email or ask you to reply to an email that is linked to an external web site that asks for login credentials.

3. Beware of Phishing Support Calls. Never allow someone who calls on the phone to convince you to log on to any web site outside of you organization for any type of technical support or convince you to give them access to your computer. Those are dead give-aways for cyber fraud.

4. Beware of people who request access to network rooms or wiring closets at any of our locations. Call your local or regional Facilities representative or the IT Help Desk to ask if there is a ticket open with a valid service provider before you grant access. It’s better to turn someone away than to allow unauthorized access to our network.

5. If you receive an email from an unknown sender or an email that has an attachment that you haven’t requested and aren’t expecting, do not reply or open the attachment(s). It only takes one Virus or Trojan malware program to make for a really bad day for your company – don’t be fooled.

6. Never get duped by the gift card ploy. If you receive an email request to buy Walmart, Target or any other gift cards for anyone in the company, pick up a phone and call the sender of the email to verify the request. In nearly every case, these requests are attempts to get untraceable money. It might seem silly at first glance, but this happens frequently.

7. If you handle Accounting or HR financial functions, never consider emails to be valid requests for direct deposit changes or money transfers of any kind. Stick to established procedures always and never deviate no matter who appears to be sending you the request.

8. If something seems suspicious or makes you concerned about email security, physical site security or any other situation, make sure you take the correct measures and delete that email.