Head Into Year-End with Cybersecurity Best Practices in Mind

Tips For Staying Safe Online

1. Utilize Strong and Unique Passwords: According to recent studies, over 60% of users still reuse passwords across multiple accounts, making them more vulnerable to breaches. It's essential to create strong, unique passwords for every account. Better yet, try a passphrase, which is longer, easier to remember, and exponentially harder to crack. Consider using a password manager to keep track of passwords and passphrases securely, as well as help you generate them so they’re different for each account.


2. Multi-Factor Authentication (MFA): Despite its proven effectiveness, many users still overlook the simple yet powerful security measure of adding multi-factor authentication (in addition to your password) to account access. Ensure this additional layer of protection is activated wherever available, especially for email and financial services accounts. Some examples of multi-factor authenticaion options include:
   • One-time passcode sent to your phone or email is the most common form of MFA, however it is vulnerable to a new form of fraud called “SIM Swapping.” According to Norton, “SIM swap fraud occurs when scammers take advantage of a weakness in two-factor authentication and verification and use your phone number to access your accounts. SIM swapping happens when scammers contact your mobile phone’s carrier and trick them into activating a SIM card that the fraudsters have. Once this occurs, the scammers have control over your phone number. Anyone calling or texting this number will contact the scammers’ device, not your smartphone.” All the major mobile providers offer security measures to protect against SIM swapping. Here’s an article from Experian that includes some steps to take to protect against this new form of fraud.
   • An authenticator app (such as Google Authenticator, Microsoft Authenticator, or Duo). Authenticator apps generate a one-time code but instead of sending the code to a phone number, they send a code or prompt  to the app that is installed on your device. Always be aware when you receive a prompt, especially if you were not actively logging into an account at the time. MFA fatigue is an attack method where a threat actor continually sends authentication prompts to a device in hopes the user gets tired of it and just accepts it. Many popular MFA apps/providers now require you to select a number shown on screen, or input a code to help prevent MFA fatigue attacks.
   • Physical token device. A physical authentication device that you carry with you may be convenient, but it can be lost or stolen. If you are using a physical token and it is lost or stolen, report it immediately to the provider that issued the token so they can deactivate it.
   • Biometrics (such as fingerprint, face, or retinal scan). Biometrics are more popular on mobile devices when logging into an app. However, they can be used on laptops as well with the appropriate hardware configuration.


3. Stay Informed about Scams and Phishing Attempts: Phishing attacks continue to rise. According to the Federal Trade Commission (FTC), “Phishing is a type of online scam that targets consumers by sending them an email that appears to be from a well-known source – an internet service provider, a bank, or a mortgage company, for example. It asks the consumer to provide personal identifying information. Then a scammer uses the information to open new accounts or invade the consumer’s existing accounts.” Don’t take the bait! Always double-check unexpected emails or messages that request personal information or urgent actions and verify their authenticity through official channels. Here are some tips on how to avoid phishing scams from the American Bankers Association (ABA) and the FTC.


4. Regularly Update Software and Devices: Keeping your software and devices up-to-date is pivotal in safeguarding against vulnerabilities. Cyber criminals often exploit outdated systems, so setting devices to automatically update ensures you have the latest protection against newly discovered threats.

Additional Strategies

• First, consider investing in a comprehensive endpoint security solution that offers features such as antivirus/antimalware protection, a virtual private network (VPN), and real-time threat detection and behavior monitoring. Such tools protect against traditional malware and help shield your online activities from prying eyes. Additionally they can protect against ransomware and other anomalous activity that may not be detected by basic antivirus/antimalware signatures.
• Always exercise caution when connecting to public Wi-Fi networks. These are often unsecure, making it easier for cybercriminals to intercept your data. Using a VPN when accessing public Wi-Fi can encrypt your internet traffic, keeping your information private and secure.
• Educate yourself and stay abreast of the latest cybersecurity trends. This is another effective way to shield against potential threats. Many reputable online platforms offer free webinars, courses, and articles that can expand your knowledge about online safety.
• Finally, for businesses in particular, regular security audits and employee training sessions are vital. Such practices ensure that all team members are aware of the latest threats and knowledgeable about best practices to secure sensitive company data.

How CrossFirst Bank Protects Your Data

• Network, internet, and cloud security
• 24/7 security monitoring
• Security controls and continual employee training
• Infrastructure and data center security, compliant with federal standards