Myth Buster Bonus
Ransomware
Phishing
Password Security
100

Bringing your own device (BYOD) is safe.

Myth - Personal devices may not have the same level of security controls as corporate-owned devices, potentially exposing sensitive data to hackers. Implementing security measures like device encryption and regular security audits is crucial.

100

Ransomware is a type of malware that encrypts your data and demands payment for the decryption key.

Fact - There are techniques that involve embedding malicious code in online advertisements. When users click on these ads, they are redirected to a site that delivers the ransomware payload.

100

Phishing emails are always easy to spot because they contain obvious spelling and grammar mistakes.

Myth - Signs to watch for include suspicious links, urgency, generic greetings and offers that sound too good to be true. It’s always a good idea to stay vigilant and double-check any suspicious emails. If you’re ever in doubt, it’s safer to contact the supposed sender directly using a known, trusted method.

100

Using a password such as “3zekie!” or “Password1” is secure enough for most accounts.

Myth - The recommended length is 12 characters or more, and the password should include upper and lowercase letters, numbers and special characters.

200

Cyber threats are exclusively external attacks.

Myth - Insider threats, whether from negligence or malicious intent, can be just as dangerous as external threats. Implementing robust access controls and continuous employee training can help mitigate these risks.

200

Ransomware can spread through phishing emails.

Fact - Attackers use social engineering to trick individuals into clicking malicious links or downloading infected attachments.

200

Gathering information about targets before launching an attack is a technique used by cyber criminals called social engineering.

Fact - Social engineering is often used to gather information before launching an attack. Defending against it requires a combination of awareness, vigilance, and good security practices.

Be Cautious with Links and Attachments

Monitor Your Accounts  

Report Suspicious Activity

200

Changing your complex password frequently is unnecessary.

Myth - Sometimes you may not be aware that your account is compromised, and a hacker may attempt to access your account more than once. By changing your password frequently, you can limit the time a hacker can spend in your account.

300

Regular software updates can help protect against cyber threats.

Fact - Regular software updates provide security patches for vulnerabilities identified by a vendor.

300

Antivirus software is enough to protect against ransomware.

Myth - It isn't enough. Security controls, software updates, regular backups and user training are needed to fight against ransomware.

300

Phishing attacks can only happen through emails.

Myth - Phishing attacks can happen through other potential vectors like phone calls or text messages, even pop-up ads.

300

Using public Wi-Fi is always safe.

Myth – If it’s free, there’s always a catch! Hackers piggyback off Wi-Fi connections that require no authentication to potentially capture sensitive information like emails, messages and browsing activity. Use a VPN or verify the network connection, and avoid sensitive transactions.

400

Cybersecurity is only about protecting data.

Myth - Cybersecurity encompasses protecting data, systems, networks, and even physical assets. A holistic approach is necessary to ensure comprehensive protection.

400

Incident response plans are unnecessary for ransomware attacks.

Myth - Knowing how to respond when faced with a ransomware attack is crucial for identifying the techniques used to compromise an asset.

1 - Remove internet cable 

2 - Contact FTIS via Phone 

400

Phishing and pharming redirect users to fraudulent sites that have the same logo and design as legitimate ones.

Myth - Pharming attacks can be very difficult to detect because the fake websites created by attackers often look identical to legitimate ones. These sites can have the same design, logos, and even HTTPS encryption, making it hard for users to realize they are being redirected to a fraudulent site.

Phishing, by contrast, typically involves tricking users into clicking on malicious links or providing information through deceptive emails or messages.

400

Password checkers on sites are not always reliable.

Fact - Hackers use sophisticated tools to conduct brute force attacks; cycling through common names and coupling each one with common dates and numerical patterns won’t take them long. Though “P@ssword1234” will rate as a strong password, it is not the best decision.
