Phin Security

3 Things You Can Do to Be More Cyber Secure | EP 021

The episode "3 Things You Can Do to Be More Cyber Secure" from Gone Phishing emphasizes that everyone is vulnerable to cybercrime due to unique human vulnerabilities, highlights the pervasive nature of social engineering scams targeting individuals daily, and stresses the interconnected risks between personal and work environments, especially in the context of remote work and shared devices.

Welcome to Gone Phishing, a show diving into the cybersecurity threats that surround our highly connected lives. Every human is different. Every person has unique vulnerabilities that expose them to potentially successful social engineering. On this show, we'll discuss human vulnerability and how it relates to unique individuals.

Why Should You Care About Cybersecurity?

Many people believe they are not important enough to be targeted by cybercriminals. They may think, "I don't have enough money or information to steal, so why would anyone target me?" However, this perception is incorrect. Everyone is vulnerable to cybercrime, regardless of their perceived importance or technical expertise.

Human vulnerability management is about recognizing social engineering attempts—when someone tries to steal information, access, or money from you or your business. The goal is to understand these attempts so you can stop them.

If you've ever had money stolen from your bank account, your identity stolen, or been impersonated, you've experienced forms of social engineering. These threats can affect every aspect of your life, not just your organization.

Key Points:

  1. 1.

    Everyone is Vulnerable

    • All individuals, regardless of technical skill, can fall victim to cybercrime.
    • Even cybersecurity experts can make mistakes or be targeted.
    • Sometimes, identity theft happens due to breaches at companies you interact with, not because of your own actions.
  2. 2.

    Scams Are Everywhere

    • Scams target individuals daily, not just organizations.
    • Common examples include scam calls from the IRS or other institutions.
    • You can be swept up in a breach through no fault of your own if a service you use is compromised.
    • Being connected to the internet makes everyone a potential target.
  3. 3.

    Work and Personal Life Are Interconnected

    • Risks can cross between your work and personal environments, especially with remote work and shared devices.
    • Personal devices on work networks (and vice versa) can introduce vulnerabilities.
    • Recent breaches often result from employees working from home and using vulnerable personal devices.
    • There is little separation between work and personal life in today's interconnected world.

What Can You Do to Be More Cyber Secure?

Here are three practical steps you can take to improve your cybersecurity:

  1. 1.

    Use a Password Manager

    • Avoid storing passwords in unsecured places like Google Docs, Word documents, or on paper.
    • Password managers can securely store and rotate your passwords.
    • Even with past breaches at some password manager companies, using a reputable password manager is generally safer than managing passwords yourself.
  2. 2.

    Always Use Multifactor Authentication (MFA)

    • Enable MFA on every account you have.
    • Any form of MFA (text message, app, fingerprint, etc.) greatly increases your account security.
    • MFA requires an attacker to have access to a second form of authentication, making unauthorized access much more difficult.
  3. 3.

    Learn to Recognize Phishing Emails

    • Hover over links before clicking to check if they lead to legitimate websites.
    • If unsure about an email (e.g., from your bank), contact the institution directly or log in through their official website, not through links in the email.
    • Phishing emails are designed to create urgency and prompt you to act without thinking—be cautious and verify before responding.

If you consistently follow these three steps—using a password manager, enabling multifactor authentication, and recognizing phishing emails—you will be significantly more secure than the average individual.

Thank you for joining this episode of Gone Phishing. Stay safe and secure in our interconnected world!