Myth Buster Bonus
Bringing your own device (BYOD) is safe.
Myth - Personal devices may not have the same level of security controls as corporate-owned devices, potentially exposing sensitive data to hackers. Implementing security measures like device encryption and regular security audits is crucial
Ransomware is a type of malware that encrypts your data and demands payment for the decryption key.
Fact - there are techniques that involve embedding malicious code in online advertisements. When users click on these ads, they are redirected to a site that delivers the ransomware payload)
Phishing emails are always easy to spot because they contain obvious spelling and grammar mistakes.
Myths - Suspicious links, Urgency, Generic greetings and offers that sound too good to be true. It’s always a good idea to stay vigilant and double-check any suspicious emails. If you’re ever in doubt, it’s safer to contact the supposed sender directly using a known, trusted method
Using this type of password, such as “3zekie!” or “Password1,” is secure enough for most accounts
Myth - recommended length is 12 characters or more and should include upper and lowercase letters, numbers and special characters
Cyber threats are exclusively external attacks
Myth - Insider threats, whether from negligence or malicious intent, can be just as dangerous as external threats. Implementing robust access controls and continuous employee training can help mitigate these risks
Ransomware can spread through phishing emails
Fact - Attackers use social engineering to trick individuals into clicking malicious links or downloading infected attachments
Gathering information about targets before launching an attack, is a technique used by cyber criminals called social engineering
Fact - Social Engineering is often used to gather information before launching an attack. It requires a combination of awareness, vigilance, and good security practices.
Be Cautious with Links and Attachments
Monitor Your Accounts
Report Suspicious Activity
Changing your complex password frequently is unnecessary.
Myth - Sometimes you may not be aware that your account is compromised, and a hacker may attempt to access your account more than once. By changing your password frequently, you can limit the time a hacker can spend in your account.
Regular software updates can help protect against cyber threats
Fact -Regular software updates provide security patches for vulnerabilities identified by a vendor
Antivirus software is enough to protect against ransomware.
Myth - It isn't enough, Security controls, Software updates, regular backups and users training is needed to fight against ransomware
Phishing attacks can only happen through emails.
Myth - phishing attacks can happen through other potential vectors like phone calls or text messages, even pop-up ads
Using public Wi-Fi is always safe
Myth – If it’s free, there’s always a catch! Hackers piggyback off Wi-Fi connections that require no authentication to potentially capture sensitive information like emails, messages and browsing activity. Practice using a VPN or Verify the network connection and avoid sensitive transactions.
Cybersecurity is only about protecting data
Myth - Cybersecurity encompasses protecting data, systems, networks, and even physical assets. A holistic approach is necessary to ensure comprehensive protection
Incident response plans are unnecessary for ransomware attacks
Myth - Knowing how to respond when faced with a ransomware attack is crucial for identifying the techniques used to compromise an asset.
1 - Remove internet cable
2 - Contact FTIS via Phone
Phishing and pharming redirect users to fraudulent sites that have the same logo and design as legitimate ones.
Myth - Pharming attacks can be very difficult to detect because the fake websites created by attackers often look identical to legitimate ones. These sites can have the same design, logos, and even HTTPS encryption, making it hard for users to realize they are being redirected to a fraudulent site.
While phishing typically involves tricking users into clicking on malicious links or providing information through deceptive emails or messages.
Password Checkers on sites are not always reliable
Fact - Hackers use sophisticated tools to conduct brute force attacks, cycling through common names and coupling each one with common dates and numerical patterns won’t take them long. Though “P@ssword1234” will rate as a strong password it is not the best decision.