ALERT – Be Cyber Aware

Given the situation in Ukraine, everyone needs to be aware of cyber security and take some actions to be more secure.

You will probably notice applications and websites forcing you to login in again or change your password. This happened to me at Kroger this morning. That app NEVER makes me log in, it’s always there at the ready. Not only did I have to log in again, I was forced to change my password since my password wasn’t working. I know I had the correct password, I just reset it a week ago. The process of resetting the password required a code sent to my phone or email. Perhaps all this is coincidence or Kroger is actually proactive, protecting its app and IT infrastructure. It’s a smart move if it is planned – the Kroger app houses payment information and other data that shows purchasing activity; something that could prioritize future targets for a cyber terrorist.

Is it far-fetched or a little paranoid to think this way? Absolutely not. These breaches and data releases happen in a series of somewhat mundane or minor inconveniences – having to accept a privacy policy or clicking on an offer in an email. Some are obvious and easy to detect as phishing or junk like the example below, others are more difficult. This morning, I had a half dozen of these phishing type emails, I usually have one a day tops.

My suggestion? Change your most vulnerable passwords. If you have an iPhone and use the password manager built into iOS, a “security recommendations” section will outline the most vulnerable sites and passwords. Other password managers (the good ones anyway) have a feature that alerts you to weak passwords, passwords you use more than once, and compromised sites.

Change your most vulnerable passwords.

And while we are on the subject of passwords, check those “log in with” options. Log in with Google, Facebook, Apple – it doesn’t hurt to go and check what you’ve given permission to in all of those applications. Personally, I wouldn’t trust Facebook to clean my bathroom floor. Apple’s can be a bit layered and complicated, Google’s is easier but still is risky if you start using this option for everything and forget what you gave permission to – and remember, if Google is compromised or has a security breach – the cyber terrorist has keys to all those sites. If you use this option for anything at all, make sure you use two factor authentication to secure the main account. Word to the wise – Facebook’s 2FA is flaky and clunky. Nothing is secure on Facebook – what you tell your “friends” or where you click “like”. Remember you are the product.

Be a little more careful and take your time when going through your email or logging into sites. See if you notice a higher volume of phishing emails or times you are forced to log back into a site or application. It’s either a hacker, or a diligient IT department decreasing the likelihood of a cyber attack or breach. It is not far fetched at all that Russia has cyber operatives trying to disrupt the world’s computer infrastructure. It’s the first thing they attacked when invading Ukraine.

Example of a REALLY BAD phishing email. As bad as this is, some people will click through on it anyway.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s