I keep seeing posts on social media sites for online password checkers. Good samaritans trying to share this “valuable” information with their friends. My breath catches a little more every time. I want to respond to every one of them and say, be very careful with these though! If they are not legitimate sites and you use your REAL password, they can be installing malware and getting your password all at the same time.
The route I would recommend is to:
- Never, ever use your real password
- Keep in mind that the more information you are asked to enter (e.g. name, email address), the less likely the site is legitimate, and
- Only use sites sponsored by recognizable companies; even then, however, step very carefully. A few of of my (legitimate) favorites are http://blog.kaspersky.com/password-check/ (who tells you not to use a real password) and, of course, http://www.fedex.com/us/security/protect-yourself.html
Just another way that social media has become the cyber thief’s playground…
Staying safe online is always a concern, but definitely more so around the holiday. Google “stay safe online”, however, and you are likely to get search results that will lead you to a malicious site which is exactly what you are trying to avoid! So I wanted to share a few of my favorite and trusted resources that I turn to for the latest on how to stay safe online:
- StaySafeOnline.org – Why? You can search for information based on your role…as a consumer, business, security professional, parent, or teacher.
- Stop.Think.Connect – Why? A cyber security awareness campaign evolving from the StaySafeOnline organization. This site breaks down online safety in plain English and includes videos for specific scenarios including safety tips for the home, gaming, mobile, and many more.
- OnGuardOnline.gov – Why? An even more consumer-friendly site powered by the Stop.Think.Connect campaign. Again, find the topics that are geared to your role in or use of online resources.
- AARP’s Beware of Holiday Scams post – Why? Because it is updated with the latest online scams that are epidemics this holiday season.
- US-CERT Security Tip report: Holiday Traveling with Personal Internet-Enabled Devices – Why? Because people are way too trusting with public “resources”.
These are just a few of my favorites. Start with these safe, secure sites to learn all you need to know about staying safe online.
At least once a week a friend of mine calls me in a panic after they have received indications that their email account has been hacked. Unbeknownst to them, their account has been sending out solicitations, jokes, pictures, or videos that contain nefarious links that will either distribute malware or direct the recipient to a money-making website. “What do I do?”, they all ask. My response: CHANGE YOUR PASSWORD and make it a strong password! What is a strong password is the next question and here are the suggestions I give to them:
- Never, ever use a word that appears in a dictionary or can be read. Yes, this includes your kids’ and pets’ names even though they might not be in Webster’s
- Use a combination of letters and numbers
- Throw in uppercase letters just for fun
- If allowed, sprinkle in a special character
- Replace letters for numbers, e.g. L3tt3rs4Numb3rs
- Take a favorite phrase and turn it into an initialism (yep, might want to Google that!), e.g. How Much Wood Could A Woodchuck Chuck If a Woodchuck Could Chuck Wood = HMWCAWCIAWCCW (don’t forget to add on extra numbers and special characters for more strength)
- And above all, STOP using your birthday, your kids’ birthday, or your anniversary…anyone can Google that info
Want more direction on creating a strong password? Here’s Microsoft’s Tips for Creating a Strong Password