Caught you watching p*rn!
Meet Jack. Last week, Jack received an email from a stranger. It said that the stranger had managed to hack into Jack’s laptop and had caught him watching porn. To prove the point, the stranger went on to reveal part of Jack’s login password. Jack started to worry, as it actually was the password he was using. The stranger demanded that Jack pay £600 worth of Bitcoin to be left alone and to keep it from being made public. A few minutes later, Jack’s bank balance was £600 lower. Some of us have seen these emails. What happens here? How do you avoid becoming the victim?
The email Jack received is a phishing email. These emails are sent out to thousands, if not millions, of people like Jack in the hope that someone will take the bait. How do they know Jack’s password? There are a few different theories. The first: Jack has been using the same password for a long, long time, across every system that needs a password. Some of those websites or applications were breached and the stranger got hold of Jack’s password. Another theory: Jack could have been a victim of one of those phishing emails that ask you to ‘reset your password immediately’. So how do you prevent this? Follow good password hygiene.
I know passwords are a pain in the neck. There are just too many of them and it is hard to remember them all. Not to mention the minimum character requirements and frequent update intervals. It makes the whole password thing even more complicated, doesn’t it?
As I said, I do not remember my passwords. I only remember a handful of them, and the rest are strange combinations of letters, numbers and characters that I don’t dare to remember. So what’s the hygiene?
- Use passphrases when creating passwords. Use three random words or a sentence or a quote or something similar. You get the gist.
- Use a password manager. Use it to store your existing passwords as well as to create new ones and remember them for you.
- Remember to create a strong master password for the password manager. Password managers now work well with smartphones too, so you won’t have to type your password.
- Use 2-Factor authentication wherever it is available. Most websites/apps now offer 2-factor method.
- If you have been using the same password for a long, long time across multiple services, consider updating it.
- Do not use the same password across multiple apps.
Here are a few useful resources to help you.
Check if your email was part of a data breach - https://haveibeenpwned.com/
Check if your password was breached - https://haveibeenpwned.com/Pas...
Lastpass password manager - https://www.lastpass.com/
Password strength checker - https://howsecureismypassword.net/
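How a breached-password check can work without the password itself ever leaving your machine, shown as an added example that is not code from this post or from any of the services listed. It follows the Pwned Passwords range-query format (only the first five hex characters of the SHA-1 hash are sent, and the reply is a list of `SUFFIX:COUNT` lines); `fake_fetch`, the sample passwords and the counts are constructed so the example runs offline.

```python
import hashlib
from typing import Callable

def split_hash(password: str) -> tuple:
    """SHA-1 is the lookup format of the range query, not a storage recommendation."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]          # (sent to the service, kept locally)

def parse_range(body: str) -> dict:
    """Parse 'SUFFIX:COUNT' lines, skipping anything malformed."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if not sep or len(suffix) != 35:
            continue
        try:
            counts[suffix.upper()] = int(count)
        except ValueError:
            continue
    return counts

def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Return how many times the password appears in breach data (0 = not seen)."""
    prefix, suffix = split_hash(password)
    # Only the 5-character prefix is handed to the fetcher; matching is done locally.
    return parse_range(fetch_range(prefix)).get(suffix, 0)

# --- Constructed offline stand-in for the real range endpoint (assumption) ---
SENT_PREFIXES = []                         # records everything that "left the machine"

def fake_fetch(prefix: str) -> str:
    SENT_PREFIXES.append(prefix)
    leaked_prefix, leaked_suffix = split_hash("Summer2019!")   # constructed sample
    lines = ["0" * 35 + ":3", "F" * 35 + ":0"]                 # decoy and padding rows
    if prefix == leaked_prefix:
        lines.append(f"{leaked_suffix}:1542")                  # constructed count
    return "\r\n".join(lines)

if __name__ == "__main__":
    for candidate in ("Summer2019!", "three random unrelated words"):
        seen = breach_count(candidate, fake_fetch)
        verdict = "change it everywhere it is used" if seen else "not in this data set"
        print(f"{candidate!r}: seen {seen} times, {verdict}")
    print("Sent to the service:", SENT_PREFIXES)
```

A count of 0 only means the password is absent from that data set; a reused password still needs replacing on every service where it was used.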
If you need help with Security Awareness Training for your users or the board, get in touch with us. We are on email@example.com and 0333 210 6181.