Security Tips

Correct Way to Dispose of Old Computers October 24, 2018

old_computer_recycleGetting rid of your old computer? You can ensure its hard drive doesn’t become a treasure chest for identity thieves. Use a program that overwrites or wipes the hard drive many times. Or remove the hard drive, and physically destroy it.

 

Understand Your Hard Drive

Computers often hold personal and financial information, including:

  • passwords
  • account numbers
  • license keys or registration numbers for software programs
  • addresses and phone numbers
  • medical and prescription information
  • tax returns
  • files created automatically by browsers and operating systems

When you save a file, especially a large one, it is scattered around the hard drive in bits and pieces. When you open a file, the hard drive gathers the bits and pieces and reconstructs them.

When you delete a file, the links to reconstruct the file disappear. But the bits and pieces of the deleted file stay on your computer until they’re overwritten, and they can be retrieved with a data recovery program. To remove data from a hard drive permanently, the hard drive needs to be wiped clean.

 

How to Clean a Hard Drive

Before you clean a hard drive, save the files you want to keep to:

  • a USB drive
  • a CDRom
  • an external hard drive
  • a new computer

Check your owner’s manual, the manufacturer’s website, or its customer support service for information on how to save data and transfer it to a new computer.

Utility programs to wipe a hard drive are available both online and in stores where computers are sold. These programs generally are inexpensive; some are available on the internet for free. These programs vary:

  • Some erase the entire disk, while others allow you to select files or folders to erase.
  • Some overwrite or wipe the hard drive many times, while others overwrite it only once.

Consider using a program that overwrites or wipes the hard drive many times; otherwise, the deleted information could be retrieved. Or remove the hard drive, and physically destroy it.

If you use your home or personal computer for business purposes, check with your employer about how to manage the information on your computer that’s business-related. The law requires businesses to follow data security and disposal requirements for certain information that’s related to customers.

 

How to Dispose of Your Computer

Recycle it.

Many computer manufacturers have programs to recycle computers and components. Check their websites or call their toll-free numbers for more information. The Environmental Protection Agency (EPA) has information about electronic product recycling programs. Your local community may have a recycling program, too. Check with your county or local government, including the local landfill office for regulations.

Donate it.

Many organizations collect old computers and donate them to charities.

Resell it.

Some people and organizations buy old computers. Check online.

Remember, most computer equipment contains hazardous materials that don’t belong in a landfill. For example, many computers have heavy metals that can contaminate the earth. The EPA recommends that you check with your local health and sanitation agencies for ways to dispose of electronics safely.

This article and any information contained herein is intended for informational purposes only.  The publisher will not be responsible for errors or omissions or any damages, howsoever caused, that result from its use. 

Sources: Federal Trade Commission – Consumer Information

 

Protecting Yourself Online October 15, 2018

Though the internet has many advantages, it can also make users vulnerable to fraud, identity theft and other scams. According to a Norton Cybercrime Report, 143 million U.S. consumers were victims of cybercrime in 2017. The American Bankers Association recommends the following tips to keep you safe online:
  • membersloginKeep your computers and mobile devices up to date.  Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
  • Establish passwords. A strong password is at least eight characters in length and includes a mix of upper and lowercase letters, numbers, and special characters. 
  • Watch out for phishing scams. Phishing scams use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with. 
    • Forward phishing emails to the Federal Trade Commission (FTC) at spam@uce.gov – and to the company, bank, or organization impersonated in the email. 
  • Recognize and avoid bogus website links. Cybercriminals embed malicious links to download malware onto devices and/or/ route users to bogus websites. Hover over suspicious links to view the actual URL that you are being routed to. Fraudulent links are often disguised by simple changes in the URL. For example: www.ABC-Bank.com vs ABC_Bank.com
  • Keep personal information personal. Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lock down your privacy settings and avoid posting things like birthdays, addresses, mother’s maiden name, etc.  Be wary of requests to connect from people you do not know.
  • Secure your internet connection. Always protect your home wireless network with a password. When connecting to public Wi-Fi networks, be cautious about what information you are sending over it. Consider using a Virtual Private Network (VPN) app to secure and encrypt your communications when connecting to a public Wi-Fi network. (See the Federal Trade Commission’s tips for selecting a VPN app.)
  • Shop safely. Before shopping online, make sure the website uses secure technology. When you are at the checkout screen, verify that the web address begins with https. Also, check to see if a tiny locked padlock symbol appears on the page.
  • Read the site’s privacy policies. Though long and complex, privacy policies tell you how the site protects the personal information it collects. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.

This article and any information contained herein is intended for informational purposes only.  The publisher will not be responsible for errors or omissions or any damages, howsoever caused, that result from its use. 

Sources: American Bankers Association

ATM Safety Tips October 9, 2018

ATM-Safety-Featured-Image1
Protecting Your ATM Card
  • Always protect your ATM card and keep it in a safe place, just like you would cash, credit cards or checks.
  • Do not leave your ATM card lying around the house or on your desk at work. No one should have access to the card but you. Immediately notify your bank if it is lost or stolen.
  • Keep your Personal Identification Number (PIN) a secret. Never write it down anywhere, especially on your ATM card.
  • Never give any information about your ATM card or PIN over the telephone. For example, if you receive a call, supposedly from your bank or possibly the police, wanting to verify your PIN, do not give that information. Notify the police immediately.
Using an ATM
  • Be aware of your surroundings, particularly at night. If you observe or sense suspicious persons or circumstances, do not use the machine at that time.
  • Have your ATM card ready and in your hand as you approach the ATM. Don’t wait to get to the ATM and then take your card out of your wallet or purse.
  • Visually inspect the ATM for possible skimming devices. Potential indicators can include sticky residue or evidence of an adhesive used by criminals to affix the device, scratches, damaged or crooked pieces, loose or extra attachments on the card slot, or noticeable resistance when pressing the keypad.
  • Be careful that no one can see you enter your PIN at the ATM. Use your other hand or body to shield the ATM keyboard as you enter your PIN into the ATM.
  • To keep your account information confidential, always take your receipts or transaction records with you.
  • Do not count or visually display any money you received from the ATM. Immediately put your money into your pocket or purse and count it later.
  • If you are using a drive-up ATM, be sure passenger windows are rolled up and all doors are locked. If you leave your car and walk to the ATM, lock your car.
Special Precautions for Using an ATM at Night
  • Park close to the ATM in a well-lighted area.
  • Take another person with you, if at all possible.
  • If the lights at the ATM are not working, don’t use it.
  • If shrubbery has overgrown or a tree blocks the view, select another ATM and notify your bank.
ATM Crime
These tips are meant to make you aware that although rare, ATM crime can happen. Preventing such a crime must be a cooperative effort between you and your bank.

This article and any information contained herein is intended for informational purposes only.  The publisher will not be responsible for errors or omissions or any damages, howsoever caused, that result from its use. 

Sources: American Bankers Association

Phish or Spam? No, it’s not what’s for dinner! October 2, 2018

phishing-1Phish or Spam? No, it’s not what’s for dinner! However, it could be a question you struggle with when deciding what types of email to report to your IT department. Potentially malicious emails make it to your inbox every day, so it’s important for you to understand the difference between a Phishing email and a Spam email.
 
This Email Seems Phishy
Phishing is the process of attempting to acquire sensitive information (such as usernames, passwords, and credit card details) by pretending to be a trustworthy entity. Most commonly, phishing emails will try to lure you into clicking on a link or opening an attachment.

Phishing emails can appear to come from reputable businesses or even departments and users from within your own organization. They often have a sense of urgency to them. Some may even use shock and intimidation to get what they want.

If you come to the conclusion you’ve been sent a phishing email, we strongly recommend that you report the email to your IT department for their review.

  • Be cautious about opening attachments or clicking on links in emails. Even your friend or family members’ accounts could be hacked. Files and links can contain malware that can weaken your computer’s security.
  • Do your own typing. If a company or organization you know sends you a link or phone number, don’t click. Use your favorite search engine to look up the website or phone number yourself. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination.
  • Make the call if you’re not sure. Do not respond to any emails that request personal or financial information. Phishers use pressure tactics and prey on fear. If you think a company, friend or family member really does need personal information from you, pick up the phone and call them yourself using the number on their website or in your address book, not the one in the email.
  • Turn on two-factor authentication. For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in to your account. The second piece could be a code sent to your phone, or a random number generated by an app or a token. This protects your account even if your password is compromised. As an extra precaution, you may want to choose more than one type of second authentication (e.g. a PIN) in case your primary method (such as a phone) is unavailable.
  • Back up your files to an external hard drive or cloud storage. Back up your files regularly to protect yourself against viruses or a ransomware attack.
  • Keep your security up to date. Use security software you trust, and make sure you set it to update automatically.

 

Spam Alert
Spam is unsolicited, unwanted email typically sent for marketing purposes. It is often trying to sell you something, such as unwanted goods or services – but, it is not asking you to take specific action. Although spam can be annoying, it is common to receive it in your business email. These types of emails do not typically need to be reported, unless you believe they pose a threat to your organization. In most cases, spam email can simply be deleted or ignored.

Note: Always follow your organization’s policy regarding what type of email to report in case it differs from the above.
 
Report phishing emails and texts.

  • Forward phishing emails to spam@uce.gov – and to the organization impersonated in the email. Your report is most effective when you include the full email header, but most email programs hide this information. To ensure the header is included, search the name of your email service with “full email header” into your favorite search engine.
  • File a report with the Federal Trade Commission at FTC.gov/complaint.
  • Visit Identitytheft.gov. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.
  • You can also report phishing email to reportphishing@apwg.org. The Anti-Phishing Working Group – which includes ISPs, security vendors, financial institutions and law enforcement agencies – uses these reports to fight phishing.

This article and any information contained herein is intended for informational purposes only.  The publisher will not be responsible for errors or omissions or any damages, howsoever caused, that result from its use. 

Sources: KnowB4, Federal Trade Commission

Digital Spring Cleaning April 30, 2018

The National Cyber Security Alliance (NCSA) and Better Business Bureau (BBB) are encouraging all consumers to freshen up their online lives by conducting a thorough cleaning of their cyber clutter. These easy, actionable tips from NCSA and the BBB will help you stay cyber safe and protect your personal data and identity. 

  • KEEP A CLEAN MACHINE. Ensure all software on internet-connected devices – including PCs, smartphones and tablets – is up to date to reduce risk of infection from malware.
  • LOCK DOWN YOUR LOGIN. Your usernames and passphrase are not enough to protect key accounts like email, banking and social media. Begin your spring cleaning by fortifying your online accounts and enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.
  • DECLUTTER YOUR MOBILE LIFE. Most of us have apps we no longer use and some that need updating. Delete unused apps and keep others current, including the operating system on your mobile devices.
  • DO A DIGITAL FILE PURGE. Perform a good, thorough review of your online files. Tend to digital records, PCs, phones and any device with storage just as you do for paper files. Get started by doing the following:
      • Clean up your email: Save only those emails you really need and unsubscribe to email you no longer need/want to receive.
      • Back it up: Copy important data to a secure cloud site or another computer/drive where it can be safely stored. Passphrase protect backup drives. Always back up your files before getting rid of a device, too.
  • OWN YOUR ONLINE PRESENCE. Review the privacy and security settings on websites you use to ensure they’re at your comfort level for sharing. It’s OK to limit how and with whom you share information. 
  • digital spring cleaning_girl cleaning computer

Here are some user-friendly tips to help with the safe disposal of electronically stored data

  • KNOW WHAT DEVICES TO DIGITALLY “SHRED.” Computers and mobile phones aren’t the only devices that capture and store sensitive, personal data. External hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information.
  • CLEAR OUT STOCKPILES. If you have a stash of old hard drives or other devices – even if they’re in a locked storage area – information still exists and could be stolen. Don’t wait: wipe and/or destroy unneeded hard drives as soon as possible.
  • EMPTY YOUR TRASH OR RECYCLE BIN ON ALL DEVICES AND BE CERTAIN TO WIPE AND OVERWRITE. Simply deleting and emptying the trash isn’t enough to completely get rid of a file. Permanently delete old files using a program that deletes the data, “wipes” it from your device and overwrites it by putting random data in place of your information ‒ that then cannot be retrieved.
    • For devices like tape drives, remove any identifying information that may be written on labels before disposal, and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
  • DECIDE WHAT TO DO WITH THE DEVICE. Simply deleting and emptying the trash isn’t enough to completely get rid of a file. Permanently delete old files using a program that deletes the data, “wipes” it from your device and overwrites it by putting random data in place of your information ‒ that then cannot be retrieved.

 

Download a Digital Declutter Checklist

 

Blog Archive

Follow Us on FacebookIcon For: Facebook Widget