3 Steps to Protecting Yourself From Cybercrime In 2020
Protecting yourself from cybercrime in 2020 may be the last of your worries at this point. We’ve experienced the Coronavirus (COVID-19) pandemic, violence, riots, unemployment at near record highs, mass layoffs, and the year is barely halfway over. Unfortunately, now more than ever, we face an increased risk from cybercrime. With desperate times both behind us and ahead, criminals will do whatever they can to gain the upper hand. As the President & CEO of The Penn Group, I have a front row seat to the uptick in cybercrime activity. Now more than ever, it is critically important that you take some basic precautions to keep you and your family safe. Here are 3 Steps to Protecting Yourself From Cybercrime In 2020.
Step 1: Freeze Your Credit
Step 1 to protecting yourself from cybercrime in 2020: Freeze Your Credit. In the United States, there are 3 major credit reporting agencies that keep a large log of personal information on the vast majority of Americans. Equifax, Experian and TransUnion are private companies that collect information on the financial history of borrowers. The purpose of the collection is to help gauge the risk that the borrower has to a lender. Luckily, these organizations collect this data, for the most part, in the background and without clear consent from the end user. To add some lime into the wound, once the agencies have your data, they attempt to charge you for monitoring of your credit report as a way to capitalize on miserably bad security practices. Finally, they will attempt to sell you borderline scam products and then leak your entire financial history on the internet.
Why Your Free Dark Web Scan Doesn’t Matter
The Dark Web is the underbelly of the internet. What is really lurking down there?
If you can’t tell, I’m clearly not a fan of these organizations, but they are a pillar of the financial lending system and they are here to stay. Your credit is extremely valuable to fraudsters. In some cases, a full identity with credit information, can go for over $50 on the Dark Web. That is big money for a criminal who may have thousands of these records in possession. During a period of record low interest rates, cybercriminals will attempt to hijack your credit. Thankfully, the US Federal Government passed a law that went into effect in 2018 allowing you to place a free security freeze on your credit.
Placing a security freeze will prevent a criminal from utilizing your credit to buy anything on loan without first unfreezing your credit. You can temporarily unfreeze your credit anytime you need to use it. Credit freezes do not block your use of credit cards. It is highly recommended that you freeze your credit right away, unless you’re planning on making a credit purchase within the next 24 hours.
How to Freeze Your Credit:
Step 2: Protect Your Email at all costs
Step 2 to protecting yourself from cybercrime in 2020: Protect Your Email at All Costs. A few days ago, I was trying to get into my bank account. It was an account that I rarely use, and I forgot the stupid email and password combination to get into the account. Embarrassed, I clicked forgot password and was prompted to put my email address in to recover my password. I received an email and went on my way, but I was reminded of a very grim security reality. If a criminal gets into your email, they can get into virtually any of your accounts that are signed up with that email. Most forgot password systems, depending on the company, do not provide any secondary form of authentication when updating a password. If they have access to your email, they can change your passwords at will, then suppress the emailed notifications letting you know that the password was changed. This can be extremely difficult to rectify and can cost precious time. My recommendation for 2020 is to keep your email secure at all cost. That means using a unique, strong passphrase that is easy for you to remember but very difficult to guess. A strong passphrase, coupled with a multi-factor authentication method, like a hard token or Google Authenticator, is a must. For the best security, avoid using SMS text message codes, as they are not entirely secure.
Step 3: Use A Password Manager
Step 3 to protecting yourself from cybercrime in 2020: Use A Password Manager. The average consumer has over 100 user accounts and passwords to remember. Spreadsheets, pen and paper, small pocketbooks, and Post It notes have been the go-to methods to keeping track of passwords for years. The problem is, the security challenges with these hack methods are endless. For example: what would happen if a criminal got access to the spreadsheet that has all of your usernames and passwords in it? They would have access to all of your accounts. You might be quick to point out that it can be nearly impossible to remember all of your usernames and passwords. I agree, it is very difficult. Plus, password requirements continue to become more annoying, and less secure. Yes, I’m talking to you, IT manager who thinks a 15-character password with high entropy, with a Greek letter requirement, and an every 10-day change policy is secure. It isn’t. While it is time-consuming for a computer to hack a requirement like this, it is near impossible for the end user to meet the demands over time. Users will eventually resort to using the same passwords for more than one account, defeating the purpose. The reason for this: if a credential is leaked on the dark web, and it almost certainly will be, then a criminal will have access to all accounts using that password.
The solution to all of this is to use a password manager like LastPass. A password manager can provide a reasonably secure way to manage end user passwords. It is important to enable multi-factor authentication on a password manager to ensure maximum security. Last Pass offers a free version, which I use, and paid versions.
2020 is a year few of us will forget. With criminals on the move, it is important to protect your passwords by using a password manager, enforce strong security with your email accounts, and to freeze your credit. By completing these steps, you significantly increase your security posture, and help to thwart potential threats from impacting your personal wealth.
Austin Harman is the President & CEO of The Penn Group. He currently holds the coveted CISSP certification, in conjunction with the CCSP, CAP, and Security+ certifications from ISC2 and CompTIA respectively. He resides in Columbus, Ohio.