Cyber Security Awareness Tips
Washoe County Sheriff's Office Wants to Protect You against Cyber Crimes!
Tip #1
Keeping your Computer Protected with the Basics
Rule of thumb: install anti-malware protection and keep it updated. Malware still poses one of the biggest risks to you and your information. While most people have some sort of anti-virus program installed on their computers, there are still an alarming number of people who do not keep their anti-virus software current.
Just as we need new flu shots each year to protect against new strains, computers need up-to-date protection against new viruses, worms, Trojans, spyware, and other nefarious stuff. And, as malware becomes increasingly sophisticated, keeping your computer "inoculated" is the minimum level of defense you need.
Source: StaySafeOnline.org
Tip #2
Don't use the same user ID and password combinations across all systems and websites.
Rule of thumb: try and match the user ID and or the password to a specific application. Passwords are the primary way businesses and organizations grant access and by extension, prevent unauthorized access. However, passwords can also be the weakest link in the chain. And if you're like most people, to make remembering passwords easier, you use the same one across all systems. The problem with this is obvious; if a hacker can gain access to one of your passwords, chances are he/she can then access most if not all of your logins.
Source: StaySafeOnline.org
Tip #3
Make Sure Your Computer is Configured Securely
Keep in mind that a newly purchased computer may not have the right level of security for you. When you are installing your computer at home, pay attention not just to making your new system function, but also focus on making it work securely.
Configuring popular Internet applications such as your Web browser and email software is one of the most important areas to focus on. For example, settings in your Web browser such as Internet Explorer or Firefox will determine what happens when you visit Web sites on the Internet - the strongest security settings will give you the most control over what happens online but may also frustrate some people with a large number of questions ("This may not be safe, are you sure you want do this?") or the inability to do what they want to do.
Choosing the right level of security and privacy depends on the individual using the computer. Oftentimes security and privacy settings can be properly configured without any sort of special expertise by simply using the "Help" feature of your software or reading the vendor's Web site. If you are uncomfortable configuring it yourself, consult someone you know and trust for assistance or contact the vendor directly.
Source: StaySafeOnline.org
Tip #4
If Given a Choice, Never Allow an Online Business to Store your Financial Information.
Rule of thumb: forego the "ease-of-use" temptation of allowing an e-commerce site to store your financial information. Often, under the auspices of convenience, companies will offer to store your information for future transactions. This information may be stored at the servers of the business, their cloud provider, or hidden on your system somewhere. Although any data you enter is somewhat at risk, data that is entered once and then transmitted is less likely to be compromised than stored data.
Source: StaySafeOnline.org
Tip #5
While the Internet can make your life easier, it can also expose you to cyber-security threats like scams and identity theft. Here are some terms you need to know before you go online.
- PHARMING: A scheme that sends you to fake websites where hackers secretly collect personal information and passwords.
- PHISHING: Fake e-mails that appear to come from a legitimate source looking to "verify" personal or financial information.
- TROJANS: Programs that look useful, but actually cause damage to your computer.
- VIRUSES: Self-replicating programs that damage hard drives and affect the normal operation of your computer.
- SPYWARE: Malicious code that secretly watches what you do on your computer and sends the information over the Internet.
Source: NetSmartz.org
Tip #6
Auction Fraud
- Before you bid, contact the seller with any questions you have.
- Review the seller's feedback.
- Be cautious when dealing with individuals outside of your own country.
- Ensure you understand refund, return, and warranty policies.
- Determine the shipping charges before you buy.
- Be wary if the seller only accepts wire transfers or cash.
- If an escrow service is used, ensure it is legitimate.
- Consider insuring your item.
- Be cautious of unsolicited offers.
Source: FBI and NW3C
Tip #7
Counterfeit Cashier's Checks
- Inspect the cashier's check.
- Ensure the amount of the check matches in figures and words.
- Check to see that the account number is not shiny in appearance.
- Be watchful that the drawer's signature is not traced.
- Official checks are generally perforated on at least one side.
- Inspect the check for additions, deletions, or other alterations.
- Contact the financial institution on which the check was drawn to ensure legitimacy.
- Obtain the bank's telephone number from a reliable source, not from the check itself.
- Be cautious when dealing with individuals outside of your own country.
Source: FBI and NW3C
Tip #8
Credit Card Fraud
- Ensure a site is secure and reputable before providing your credit card number online.
- Don't trust a site just because it claims to be secure.
- If purchasing merchandise, ensure it is from a reputable source.
- Promptly reconcile credit card statements to avoid unauthorized charges.
- Do your research to ensure legitimacy of the individual or company.
- Beware of providing credit card information when requested through unsolicited emails.
Source: FBI and NW3C
Tip #9
Debt Elimination
- Know who you are doing business with - do your research.
- Obtain the name, address, and telephone number of the individual or company.
- Research the individual or company to ensure they are authentic.
- Contact the Better Business Bureau to determine the legitimacy of the company.
- Be cautious when dealing with individuals outside of your own country.
- Ensure you understand all terms and conditions of any agreement.
- Be wary of businesses that operate from P.O. boxes or maildrops.
- Ask for names of other customers of the individual or company and contact them.
- If it sounds too good to be true, it probably is.
Source: FBI and NW3C
Tip #10
Fraudulent DHL or UPS Emails
- Beware of individuals using the DHL or UPS logo in any email communication.
- Be suspicious when payment is requested by money transfer before the goods will be delivered.
- Remember that DHL and UPS do not generally get involved in directly collecting payment from customers.
- Fees associated with DHL or UPS transactions are only for shipping costs and never for other costs associated with online transactions.
- Contact DHL or UPS to confirm the authenticity of email communications received.
Source: FBI and NW3C
Tip #11
Employment/Business Opportunity Fraud
- Be wary of inflated claims of product effectiveness.
- Be cautious of exaggerated claims of possible earnings or profits.
- Beware when money is required up front for instructions or products.
- Be leery when the job posting claims "no experience necessary".
- Do not give your social security number when first interacting with your prospective employer.
- Be cautious when dealing with individuals outside of your own country.
- Be wary when replying to unsolicited emails for work-at-home employment.
- Research the company to ensure they are authentic.
- Contact the Better Business Bureau to determine the legitimacy of the company.
Source: FBI and NW3C
Tip #12
Escrow Services Fraud!
- Always type in the website address yourself rather than clicking on a link provided.
- A legitimate website will be unique and will not duplicate the work of other companies.
- Be cautious when a site requests payment to an "agent", instead of a corporate entity.
- Be leery of escrow sites that only accept wire transfers or e-currency.
- Be watchful of spelling errors, grammar problems, or inconsistent information.
- Beware of sites that have escrow fees that are unreasonably low.
Source: FBI and NW3C
Tip #13
Identity Theft: Minimizing your Risk!
- Protect your social security number: don't carry your social security card in your wallet and only write or give out when absolutely necessary. Never give out your social security number over the phone.
- Treat your trash and mail carefully: thieves pick through trash to capture personal information. Shred personal information whenever possible.
- Don't let your credit card out of your line of sight. A card can be duplicated within seconds without your knowledge.
- Be on guard when using the internet: use security on your computer and use only secure sites you know are safe before offering personal information.
- Verify a source before sharing information: don't give out personal information over the phone, through mail, or the internet unless you are sure they are a safe source.
- Select intricate passwords: place passwords on your credit card, bank, and phone accounts. Avoid using information like your mother's maiden name, your birth date or last four digits of your social security number.
- Safeguard your purse or wallet: protect your purse and wallet at all times. Carry only credit cards that you actually need.
- Store information in secure locations: keep personal information in secure places at home. Ask for information security procedures in your workplace or at businesses, doctors, or institutions that collect your personally identifying information. Find out if your information will be shared.
Tip #14
Stay alert for other signs of identity theft such as:
- accounts you didn't open and debts on your accounts that you can't explain.
- fraudulent or inaccurate information on your credit reports, including accounts and personal information, like your Social Security number, address(es), name or initials, and employers.
- failing to receive bills or other mail. Follow up with creditors if your bills don't arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks.
- receiving credit cards that you didn't apply for.
- being denied credit, or being offered less favorable credit terms, like a high interest rate, for no apparent reason.
- getting calls or letters from debt collectors or businesses about merchandise or services you didn't buy.
- How do you find out if your identity was stolen?
- You may find out when bill collection agencies contact you for overdue debts; debts you never incurred.
- You may find out when you apply for a mortgage or car loan and learn that problems with your credit history are holding up the loan.
- You may find out when you get something in the mail about an apartment you never rented, a house you never bought, or a job you never held.
Tip #15
Identity Theft: Defending Yourself
If you are a victim of identity theft, take the following four steps as soon as possible, and keep a record with the details of your conversations and copies of all correspondence.
- Place a fraud alert on your credit reports, and review your credit reports. This will help prevent an identity thief from opening any more accounts in your name. You only need to contact one of the three companies below to place an alert. The company you call is required to contact the other two.:
- TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
- Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
- Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9554, Allen, TX 75013
- Close the accounts that you know, or believe, have been tampered with or opened fraudulently. Call and speak with someone in the security or fraud department of each company. Follow up in writing, and include copies (NOT originals) of supporting documents.
- File a complaint with the Federal Trade Commission. By sharing your identity theft complaint with the FTC, you will provide important information that can help law enforcement officials across the nation track down identity thieves and stop them. You can file a complaint with the FTC using the online complaint form; or call the FTC's Identity Theft Hotline, toll-free: 1-877-ID-THEFT (438-4338). Be sure to call the Hotline to update your complaint if you have any additional information or problems.
- File a report with local law enforcement or law enforcement in the community where the identity theft took place. Call your local law enforcement and tell them that you want to file a report about your identity theft. Tell them that you need a copy of the Identity Theft Report (the police report with your ID Theft Complaint attached or incorporated) to dispute the fraudulent accounts and debts created by the identity thief.
Tip #16
Internet Extortion
- Security needs to be multi-layered so that numerous obstacles will be in the way of the intruder.
- Ensure security is installed at every possible entry point.
- Identify all machines connected to the Internet and assess the defense that's engaged.
- Identify whether your servers are utilizing any ports that have been known to represent insecurities.
- Ensure you are utilizing the most up-to-date patches for your software.
Source: FBI and NW3C
Tip #17
Investment Fraud
- If the "opportunity" appears too good to be true, it probably is.
- Beware of promises to make fast profits.
- Do not invest in anything unless you understand the deal.
- Don't assume a company is legitimate based on "appearance" of the website.
- Be leery when responding to investment offers received through unsolicited email.
- Be wary of investments that offer high returns at little or no risk.
- Independently verify the terms of any investment that you intend to make.
- Research the parties involved and the nature of the investment.
- Be cautious when dealing with individuals outside of your own country.
- Contact the Better Business Bureau to determine the legitimacy of the company.
Source: FBI and NW3C
Tip #18
Lottery Fraud
- If the lottery winnings appear too good to be true, they probably are.
- Be cautious when dealing with individuals outside of your own country.
- Be leery if you do not remember entering a lottery or contest.
- Be cautious if you receive a telephone call stating you are the winner in a lottery.
- Beware of lotteries that charge a fee prior to delivery of your prize.
- Be wary of demands to send additional money to be eligible for future winnings.
- It is a violation of federal law to play a foreign lottery via mail or phone.
Source: FBI and NW3C
Tip #19
Nigerian Letter or "419" Fraud
- If the "opportunity" appears too good to be true, it probably is.
- Do not reply to emails asking for personal banking information.
- Be wary of individuals representing themselves as foreign government officials.
- Be cautious when dealing with individuals outside of your own country.
- Beware when asked to assist in placing large sums of money in overseas bank accounts.
- Do not believe the promise of large sums of money for your cooperation.
- Guard your account information carefully.
- Be cautious when additional fees are requested to further the transaction.
Source: FBI and NW3C
Tip #20
Phishing/Spoofing
- Be suspicious of any unsolicited email requesting personal information.
- Avoid filling out forms in email messages that ask for personal information.
- Always compare the link in the email to the link that you are actually directed to.
- Log on to the official website, instead of "linking" to it from an unsolicited email.
- Contact the actual business that supposedly sent the email to verify if the email is genuine.
Source: FBI and NW3C
Tip #21
Ponzi and Pyramid Schemes
- Beware of promises to make fast profits.
- Exercise diligence in selecting investments.
- Be vigilant in researching with whom you choose to invest.
- Make sure you fully understand the investment prior to investing.
- Be wary when you are required to bring in subsequent investors.
- Independently verify the legitimacy of any investment.
- If the "opportunity" appears too good to be true, it probably is.
- Beware of references given by the promoter.
Source: FBI and NW3C
Tip #22
Reshipping Fraud
- Be cautious if you are asked to ship packages to an "overseas home office."
- Be cautious when dealing with individuals outside of your own country.
- Be leery if the individual states that his country will not allow direct business shipments from the United States.
- Be wary if the "ship to" address is yours but the name on the package is not.
- Never provide your personal information to strangers in a chat room.
- Don't accept packages that you didn't order.
- If you receive packages that you didn't order, either refuse them upon delivery or contact the company where the package is from.
Source: FBI and NW3C
Tip #23
Third Party Receiver of Funds Fraud
- Do not agree to accept and wire payments for auctions that you did not post.
- Be leery if the individual states that his country makes receiving these types of funds difficult.
- Be cautious when the job posting claims "no experience necessary".
- Be cautious when dealing with individuals outside of your own country.
Source: FBI and NW3C
Tip #24
Online Gaming Tips for Parents
- Let your kids know they can come to you if they feel uncomfortable when playing a game.
- Participate in the game with your kids.
- Make sure your kid knows how to block and/or report a cyber bully. Tell them to keep a record of the conversation if they are being harassed and encourage them not to engage the bully.
- Make sure your child's user name does not give away their name, location, gender, age, or any other personal information. (Examples: beach01, book2).
- Make sure your kids use an avatar, not an actual picture of themselves.
- If your kids are playing a game that features live voice chat, make sure they are disguising their voice. If the game does not have this feature, do not let them use voice chat.
- Limit their time playing games.
- Make sure your kids know that they may not send out any materials to fellow gamers that contain private information and/or data.
- Use built-in parental controls on your Web browser.
- Don't let your children download anything without your permission. This includes cheat programs that may claim to help your child perform better in the game, but really could be carrying malware.
Source: StaySafeOnline.org
Tip #25
Online Gaming Tips for Children
- If another player is making you feel uncomfortable, tell a trusted adult.
- Learn how to block and/or report another player if they are making you uncomfortable. Keep a record of what the other player said, but do not engage them.
- Never reveal your real name, location, gender, age, or any other personal information. Keep your user name vague.
- Use an avatar rather than an actual picture of yourself.
- Do not present yourself as dating material.
- Do not use voice chat when playing an online game, unless there is a feature that allows you to disguise your voice.
- Do not use a web-cam while playing an online game.
- Put a time limit on yourself for game playing.
- Do not accept downloads from strangers. This includes cheat programs that may claim to help you perform better in the game, but really could be carrying malware.
- Do not send out materials to fellow gamers that contains personal information and/or data.
- Do not meet a stranger from your gaming world in person. People are not always who they say they are.
Source: StaySafeOnline.org
Tip #26
Choose strong passwords and keep them safe
Passwords are a fact of life on the Internet today - we use them for everything from ordering flowers and online banking to logging into our favorite airline Web site to see how many miles we have accumulated. The following tips can help make your online experiences secure:
- Selecting a password that cannot be easily guessed is the first step toward keeping passwords secure and away from the wrong hands. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Avoid using any of the following as your password: your login name, anything based on your personal information such as your last name, and words that can be found in the dictionary. Try to select especially strong, unique passwords for protecting activities like online banking.
- Keep your passwords in a safe place and try not to use the same password for every service you use online.
- Change passwords on a regular basis, at least every 90 days. This can limit the damage caused by someone who has already gained access to your account. If you notice something suspicious with one of your online accounts, one of the first steps you can take is to change your password.
Source: StaySafeOnline.org
Tip #27
Protect your children against cyberbullying
Cyber-bullying is the use of Internet technologies to tease, humiliate and harass someone.
- Spot it. A child who is being cyber-bullies may avoid using computers, appear stressed about receiving an email or text, act reluctant to attend school or social events, avoid conversations about computer use, exhibit signs of low self-esteem, have declining grades or may even stop eating or sleeping.
- Deal with it. If your child is being cyber-bullied teach them to not respond, save the evidence and report it. You should also meet with school administrators to discuss a plan of action and their cyber-bullying policy.
- Talk about it. Ask your child if anyone has ever been mean to them online, and how they responded, if they have ever said anything mean online and why, and if they know their school policy on bullying.
Source: NetSmartz.org
Tip #28
Tips to Prevent Teen Sexting
- Think about the consequences of taking, sending or forwarding sexual pictures of someone underage, even if it's you. You could get kicked out of sports teams, face humiliation, lose educational opportunities or get in trouble with the law.
- If you forward a sexual picture of someone underage, you are responsible for this image as the original sender. You could face child pornography charges, go to jail, and have to register as a sex offender.
- Never take images of yourself that you wouldn't want everyone- your classmates, teachers, family or your employers - to see.
- Before hitting send remember that you can't control where the image may travel. What you send to a boyfriend or girlfriend could easily end up with their friends, social media sites, etc.
- Report any nude pictures you receive on your cell phone to an adult you trust. Do not delete the message. Instead, get your parents, guardians, teachers and school counselors involved immediately.
Source: NetSmartz.org
Tip #29
Internet Safety Tips for Parents
- Discuss the dangers of the internet with your child and set ground rules to follow.
- Some handheld games connect to the internet. Understand the technology you bring home.
- Review safety/parental controls on your computer, search engine, email, and instant messaging.
- Monitor your child's online activity and the sites they visit.
- Keep the computer or laptop in a common area, not in your child's bedroom.
- If your children are dealing with cyber bullies or potential predators, report them immediately to an authority figure
Tip #30
Internet Safety Tips for Children
- Keep social networking site profiles set to "private."
- Do not give out personal details such as address or school information.
- Turn off your webcam after using it so it cannot be hacked.
- Do not send anyone inappropriate photos of yourself or anyone else.
Tip #31
The Northern Nevada Cyber Center Helps Keep You Protected
The Northern Nevada Cyber Center investigates technology crimes, including cyber-based terrorism, computer intrusion, internet crimes against children and cyber frauds. The Center stays in front of emerging trends, gathers and shares information and intelligence with our public and private sector partners to protect the residents of Washoe County. The Center's regional facility was built to share information, technology, and equipment between partnering agencies, reducing duplicated services and technology costs.
This specialized team of highly trained investigators includes members from the Washoe County Sheriff's Office, Nevada Attorney General's Office, Federal Bureau of Investigation, DHS Homeland Security Investigations, Identity Theft Task Force, Innocent Images Task Force, and the Internet Crimes against Children Task Force.
If you'd like more information about the Northern Nevada Cyber Center please call 785-6200.
NNCC Mission statement: To provide northern Nevada communities with effective and reliable resources in the investigation, examination, and prosecution of crimes involving the use of computers and other electronic devices.