Posted on

How to stay safe online

Here are nine common sense core things to do: Use only strong (long) passwords Use different passwords for each website Use at least one password manager Enable multi-factor authentication (MFA) whenever available Spend a bit of money for identity theft protection – we like Lifelock, Aura, IdentityGuard, or IdentityForce Use disk or drive encryption whenever available Keep operating systems (Windows, Mac, Linux, Apple IOS, Google Android) and apps updated – updates fix bugs! Be wary of phishing and other email…

Read more

Posted on

Zero-access Encryption

Zero-access encryption is a method to protect data while it’s at rest, which happens to be how Courier encrypts your item data. Everything works unless the app leaks the master password to the Internet somehow. Hopefully this never happens, but occasionally it does. Cases in point are bugs and bad employees.

Read more

Posted on

The Traffers threat

Traffers are criminal teams who typically redirect you to malware that steals your private information. The term “Traffer” comes from the Russian word “Траффер” which translates to “worker.” In 2022 alone, over 120 such teams have been created worldwide! The most effective protection against traffers is the use of multi-factor authentication while never clicking on links inside uninvited emails or sketchy web sites. Link to full article

Read more

Posted on

3-2-1 Backup Strategy

The true value of your computer or device is not your equipment, it’s your data, like photos, documents, and music! You can easily replace stolen or broken equipment, but without a proper backup you can’t replace your important data! Since any computer can crash at any second, or be infected by malware such as ransomware, it is critically-important to have established a quality backup strategy, such as the ever-popular “3-2-1” method. Here’s how the “3-2-1” method works: Check out this…

Read more

Posted on

Tips for Two-factor Authentication

2FA, also known as “Multi-Factor Authentication” or “MFA” is technology that attempts to increase security beyond a simple logon ID and password. It does this using three concepts: knowledge – something only the user knows (like a password/PIN/secret questions) possession – something only the user has (like a one-time or hardware token) inherence – something only the user is (like a biometric scan) Logging In Most sensitive consumer-facing websites today use the following method: user enters their user ID and…

Read more

Posted on

Password Do’s and Don’ts

There are best and worst practices for handling your passwords. Here are a few examples of both: Do’s: always use a quality password manager that can generate new hard-to-crack passwords consider who you’re willing to trust with your most-personal data audit password strength often delete unused or forgotten accounts always use longer passwords with at least 12-16 characters which are much harder to crack change passwords for critical sites at least annually never use public WiFi networks without a good…

Read more

Posted on

Beware “Zero-day” malware

Malware, aka "malicious software", are nefarious programs created by cybercriminals designed to somehow violate your privacy, or cause you damage or other hassle. There are at least nine major categories of malware: Spyware — spies on your to steal your sensitive information Ransomware — blocks access to your files then extorts money from you Viruses — infects your files and/or programs Worms — infects the system files Trojan horses — misrepresents itself to appear useful Adware — forces advertising on…

Read more

Posted on

Beware Banking on a Windows PC

The vast majority of viruses and other malware is written for the most-popular PC operating system: Windows. As of 10/28/19 GlobalStats reports that 72.9% of desktop PCs run Windows, followed by 21.1% that run Apple’s OSX. Best practice is to never log on to your banking website if you run a Windows PC. Instead, build a “Live CD” (or use a USB flash drive for quicker startup) that boots it with a less-popular operating system like Linux. You can then…

Read more

Posted on

Beware tricky new scam: ‘Vishing’

Even security pros are falling for ‘Phishing’s evil twin: Voice-assisted phishing, aka ‘Vishing.’ This scam often involves a human being on the phone with you, typically ‘reporting’ something like fraud to you then asking you to verify personal and account-related details like home address, social security number, PIN number, etc. Bottom-line: always disregard the caller’s caller-ID, even if it matches your bank or creditor’s numbers — since caller-ID is easily faked. Best practice if you’re worried — hang up, then…

Read more