Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
For the millions of people who stay at home with friends and family during the holiday season, this is the time of year when many are tied up trying to fix their home Wi-Fi or face many technical questions.
Instead this holiday, give the gift of good safety advice. This is a great time of year when you can help each other to make changes that help your loved ones’ online safety. This doesn’t mean fixing a family printer isn’t worth your time, but sharing a few safety tips goes a long way to protect your loved ones from common Internet threats.
As someone who has covered hacks and breaches for over a decade, I think of cybersecurity as an investment that you hope never happens. No one wants to have the “oh st” moment of realizing they’ve been hacked, or that their bank accounts or online wallets have been hacked, yet many have the “it can’t happen to me” mentality without realizing it’s their account. Old-fashioned passwords may not be enough protection against today’s fraud.
Often times, spending a few minutes with friends and family can be the motivation they need to get started with online safety, and stay safe.
As for what to say to your people, I asked Rachel Tobac, CEO of SocialProof Security, a company that provides security awareness training to help people protect against cyber threats before they get caught; and Caitlin Condon, director of vulnerability intelligence at cybersecurity firm Rapid7, for their top security tips to share with friends and family. Their recommendation is to focus on the security basics that work best to keep your online accounts safe.
An important part of sharing good security advice is helping your friends and family get started using the security software and tools they need to stay safe. This way, they can learn along with you and develop new habits and habits over time.
“In many cases it is not enough to simply accept or implement security technologies; we need to help our loved ones learn how to use these technologies to build trust and confidence,” said Condon.
Set a password that keeps the password strong and unique
Tobac said: “When we go home for the holidays, our relatives often ask us for things that are not very important. It’s not a good idea to give advice to a family member about cryptocurrency — for example — if they reuse the same password for every online account they have, Tobac said.
The best password is the one you always remember, and that’s when a password manager can help. Password managers keep track of your logins, and can even create and store complex and unique passwords, so you don’t have to remember the same password across different types of internet. (Using the same password online makes both accounts vulnerable to hacking if someone guesses or steals your password.)
There are many password managers out there to choose from. Your browser may already have it, and iPhones and iPads have it their Secret program. Bitwarden it’s also an easy-to-use password manager which also allows you to access your passwords from your phone.
“It can help to sit down with loved ones, especially if they’re not very tech-savvy, and walk them through setting passwords, installing browser plugins, creating and saving new passwords — starting with financial or health areas — and logging in and out of a password manager,” Condon said.
A common risk is forgetting or losing a password that locks your password manager from outsiders, Condon said. Some people choose to have a copy of their password written down and kept somewhere in their home for safekeeping.
“In my experience, it’s less dangerous to write passwords down on paper and keep them somewhere in your house than it is to reuse simple passwords,” Condon said.
Multi-factor authentication can save the day
Passwords alone are not enough to protect your account from hackers. Some of them the biggest hacks of 2024 it was possible because corporate giants forgot to implement security requirements, such as multi-factor authentication (or MFA), allowing hackers to log in with stolen passwords.
Having a second level of security like MFA (also known as two-factor authentication) for your online accounts makes it harder for anyone with your password to gain access to your account. MFA works by sending a second code and text message to the device you own or prompting you to generate a code in an authentication app.
“Help them turn on authentication for many things, whether it’s a number, or a text message, especially important accounts – like your email account – which is the key to the security of all your other accounts,” Tobac said.
Fodya also recommended closing your phone provider’s account with MFA, because – like your email account – anyone with your phone number can log into any account connected to the Internet if you forget your password. This is why some prefer to use a built-in authentication app instead of sending a text message (which can be intercepted) to their phone.
There are many certification programs; A popular choice is Duo Mobilea simple app that generates secondary codes on the fly with a cloud backup in case you lose access to your phone.
Remember that any MFA is better than none.
Be ‘politely upset’ on the phone
“One thing that I see people struggle with on a regular basis is the volume of spam, phone calls, emails, and notifications that are designed for professional users to visit malicious websites or provide their logins and credentials,” Condon said.
In many cases, letting the phone go to voicemail can be a good way to avoid scams and scams. Even with caller ID, the phone calls make it difficult to identify the person you are talking to is legitimate.
Tobacco shows to be “incredibly polite,” a way to verify that people and companies are who they say they are when contacting them using another form of communication before providing potentially damaging information, such as credit card numbers or passwords. Tobac explained that if you get a call from your bank to check an unusual amount on your account, you can politely end the call and call back using the authorized number on your bank card.
The same goes for anyone who calls you asking for information but you don’t know who it is. You can check an organization’s website, app, or secure inbox to see for yourself before taking action.
Having the same websites bookmarked in your browser for easy access can help your family members confirm any suspicious calls in seconds.
“Help your loved ones to book the official websites they can go to to see security messages or account activity if they are concerned that there might be a problem,” Condon. “Show them how to navigate to those pages using bookmarks or browser shortcuts.”
A password manager, multi-factor authentication and being a “polite hacker” on the phone are simple, but very effective barriers to malicious hackers. Making sure the cybersecurity basics are in place (and your loved ones understand their importance) is a good place to start with friends and family, Tobac said.
“That’s the best gift you can give them,” Tobac said. “A gift that cannot be stolen.”
