Protecting Your Personal Information

I don’t have a lot of fears. I do have plenty of things that I worry about – will we ever get the kids to bed on time, what are we having for dinner, when can we take a real vacation that doesn’t involve visiting extended family… not that I don’t love my extended family, but it would be great to do something really special, just with my husband and kids, right? But none of this worry really gets me in a cold sweat. It’s more like a constant white noise going on in my mind. What does freak me out is the threat of cyber-crime. The thought that someone could get hold of my personal information and use it to impersonate me, or ransom it back to me for a price – now, that’s a scary one. Or worse, the thought that someone will trick one of my loved ones into giving them private information, and we won’t find out about it until it’s too late. I worry about that a lot, for my own family and for HealthStar’s Client base, too. So, what do I do to protect myself? Below are a few key steps that I have taken. You can do these things too, and please help any potentially vulnerable family members or community members if you have the opportunity. Sometimes, we need a little help to achieve safer and more secure private information.

 

  1. Use unique, strong passphrases for sites with sensitive information, and for your email account. Using the same password or passphrase across accounts makes it easier for bad guys to get access to multiple different sites. Most accounts use an email address as an option for a username. Once the bad guy has your email address and even one correct password, any accounts using that combination for access are at risk. Be especially careful with email account passwords, as unauthorized access to your email could add up to a big problem. For example, if I gain access to your email account, and I know you bank at Wells Fargo, I can use your email address to reset your bank password, check your email for the password reset, and then use the new password that I assigned to sign into your bank account. For information about password security, see the links at the end of this article – generally, you should choose a unique passphrase made up of several words or numbers, that isn’t easy to guess, and that isn’t in the top list of compromised passwords. For example, TrollRainbow1946Homerun. There isn’t enough word space here to get into the nitty gritty details of choosing a secure password, but choosing something along these lines will make it harder to guess, harder to hack, and might also help you choose something you can actually spell and remember. If a bad guy still gets your password, further issues can be prevented if you:
  2. Use multi-factor authentication wherever possible, especially on sensitive accounts. Multi-factor authentication is just a fancy way of saying you’ll be required to use more than one method to show that you are the owner of the account you’re accessing. For example, with my email, I have the account set to always require a second access code. I’ll sign in with my usual email address and password, and then the system will send a numeric code to my cell phone. I’m required to enter that cell phone code to complete the login. This method proves that I have access to a specific physical device, as well as access to the account password. The second access code could be a security question, a phone call that speaks a code, or an email sent to a secondary account. Using the secondary access code requiring you to have a specific device, like your cell phone, is very secure, because it’s possible someone could have unauthorized access to a second email account or could guess a secret question’s answer.
  3. Don’t sign in to unsecured networks. Wait, am I telling you not to use the popular “free wi-fi” available at so many businesses? YES. If you’re doing something that you don’t want broadcast to the bad guys, like banking, paying with a credit card, or checking your email, then don’t do it on these networks. It is too easy for someone to set up a fake second network that looks like the name of the business, and then you unwittingly sign on to the fake network, where the fake broadcaster (aka bad guy) will grab whatever you’re doing. If you’re just browsing the internet, it’s probably fine, but any personal information could be potentially picked up, so be wary.
  4. Don’t open email you aren’t expecting. Examples shown in computer training are usually overstated and obvious, but email scams can be surprisingly hard to identify. Be cautious of any email that you weren’t expecting, and don’t click on links in email or provide any personal information through an email link. For example, some popular scams copy the look of communication from banks, telling you there is a problem with your account. Instead of clicking on the link in the email, or calling the number in the email, any issue can be verified by calling your bank at the number on your card or visiting the bank’s website through a web search, NOT through the link on the email. Links in scam emails can lead to fake sites, which will collect any information you enter, possibly leading to identity theft or unauthorized access to your bank accounts or other private accounts. Also, be suspicious of poorly written email, or anything that sounds too good to be true.
  5. Be cautious of posting personal information on social media. Personally, I don’t post on social media, but I know that puts me in the minority, and possibly makes me seem overly paranoid. Lots of people are accepting of the “big brother” type intrusions that come with social media, but may not be very informed about the far-reaching implications. Information that you post is being collected in huge quantities, and you don’t always know who is at the end of that collection, or what kind of security is being applied to your personal information. Posting private information on social media can also be an invitation to criminals. Posting about a vacation? Sounds like a good time to stop by and break into your house. Posting about a new job? Sounds like a good opportunity for a LinkedIn or job hunting scam. There are very savvy criminals out there, and the less information we make available to them, the safer we will be. I’m not saying don’t use social media at all, but I do think we should all be aware that anything we post is available to both good guys and not-so-good guys, so post accordingly.
  6. Watch out for fake IT support pop-ups or phone calls. There are lots of these – you’ll get a phone call from “Microsoft” saying they need to access your computer for service. Or you might see a pop-up that says something about your computer needing support/service, or “your computer has a virus!” with a phone number for support. Once you’re on the phone, the “tech” will ask you to allow remote access to your computer, and then he or she can (here’s the bad part) copy the computer’s entire contents, or can encrypt and hold the encryption password hostage for a price, locking you out of your own data. Once you’re in this situation, there is no fix, unless you:
  7. Keep a backup of your computer, or at least back up your critical files. If you have a good backup, then you can always take your computer off the network if you get into a situation like the one above. Then, you can restore from your backup file once you’re offline. This doesn’t help save you from identity theft if the person was able to copy your computer’s contents, but it will help if your computer contents are being encrypted. Backing up sounds intimidating, but many computers have an automatic backup that can be set up, or you can back up by simply copying files to an external hard drive. An external hard drive might cost in the ballpark of $50 to $150 depending on the size – a small investment for how much trouble it might save if you lose everything! You can also use an online backup service. There are many reputable computer techs who could help with this without taking much time, which leads me to my final tip:
  8. Find a local tech that you can trust, and get comfortable with him or her. We rely on our technology for almost everything, so down time will be painful and potentially costly. Like a financial advisor or trusted auto mechanic, it is great when you already know someone you can trust when an issue with your personal technology comes up! There are lots of computer techs available to help people who aren’t comfortable with in-depth computer setup or maintenance. If you can maintain a relationship with a tech you can trust, it will be that much easier to recover in the event of a catastrophe, and it’s always nice to get advice from an expert. I have lots of backup to help me do my job, and I know I wouldn’t get much sleep if I wasn’t able to ask an expert for help when I need it!

If this article helps even one person keep his or her information safe and private, I’ll be pleased. There are so many people just waiting for the opportunity to sneak, steal, and destroy just to get ahead. Let’s help our vulnerable population stay out of harm’s way – tell the ones you care about to keep their private information safe!

-Beth Taylor, IT Manager
HealthStar Home Health

 

 

Want to learn more? Check out the below articles!

https://hbr.org/2017/05/why-you-really-need-to-stop-using-public-wi-fi

https://www.howtogeek.com/178696/why-using-a-public-wi-fi-network-can-be-dangerous-even-when-accessing-encrypted-websites/

https://www.us-cert.gov/ncas/current-activity/2018/03/27/Creating-and-Managing-Strong-Passwords

https://techspective.net/2018/05/23/10-best-practices-to-secure-and-protect-passwords/

https://haveibeenpwned.com/

https://www.theguardian.com/technology/2014/dec/24/cybercrime-2015-cybersecurity-ransomware-cyberwar

https://www.lifewire.com/i-just-fell-for-a-pc-support-scam-now-what-2487799

https://www.consumer.ftc.gov/articles/0346-tech-support-scams

https://www.howtogeek.com/242428/whats-the-best-way-to-back-up-my-computer/

https://www.cnet.com/how-to/easiest-ways-to-backup-your-files/

https://www.acronis.com/en-us/

https://www.sec.gov/reportspubs/investor-publications/investorpubsphishinghtm.html

https://www.techrepublic.com/blog/10-things/10-reasons-why-i-avoid-social-networking-services/

http://www.businessinsider.com/i-quit-social-media-for-one-month-it-changed-my-life-facebook-instagram-snapchat-twitter-millennial-2018-1

 

 

 

Keeping Seniors Safe Online

As caregivers, we work around the clock to ensure our senior loved ones are safe throughout the long Minnesota winter months, when interacting within the community, and also in their own home. But what about keeping seniors safe when they are surfing the World Wide Web? Are we as vigilant with their online safety? Today’s technology is a wonderful thing for so many reasons, but it also makes users vulnerable to cyber scams, spam, hackers and identity theft.

Staying in touch with long distant friends or family members is much easier through a variety of social networks. Photo albums from a family vacation are able to be created and viewed online by relatives who live far away. Videos of a new born grandchild can be shared and with such high definition that it feels like you can reach out and touch the new baby. Older adults are even using digital dating services in hopes to meet someone new to offer companionship or travel with. With all this sharing of information online, such as social media sites, it puts our senior loved ones at an increased risk and vulnerability of cyber scams that may do harm.

Studies show that many seniors in North America are interacting online in various capacities, such as online banking, social media, or emailing. Each time an account is created, detailed personal information is required and sharing any personal information can put the user at risk. Being mindful of what information is being posted on social media is also important. The risk of oversharing includes:

  • Photos posted on one social media account can show up on a different social media platform. For example, if you post a photo on Instagram or Twitter, it may also end up on Facebook if the accounts are connected. Review the privacy settings of all social media platforms to ensure protection and you are aware of exactly who can view your posts and profile.
  • When creating a profile on your social media accounts, try to minimize the amount of detailed personal information you provide. Specifics such as birthdates, a child’s name, or street address could end up being used against you by a computer hacker.
  • What seem harmless online quizzes and games also require personal information. All bits of information provided could end up in the wrong hands and put you at risk.

AARP has an online safety website with tips and interactive videos or webinars. This site teaches how to stay safe online with tips to avoid scams, learning how to create safe passwords, and even email and online searching safety tips and much more. Older adults tend to be more vulnerable to cyber-attacks for the following reasons:

  • By nature, seniors tend to be more trusting and this can open the risk to online scam.
  • Creating weak passwords. Generic passwords, such as Password123, are not strong enough.
  • The general complexity of today’s computers and mobile devices tend to frustrate older adults, but also leave them at high risk.

Practicing smart online habits will greatly decrease your chances of being targeted in a cyber scam. A daily digital experience may include shopping online, connecting with friends through social media, completing an online crossword puzzle, meeting new people in your community, managing your banking, including money transfers, catching up on the latest news or even watching a movie. Learn how to get the most out of your digital experience, safely and securely.

Through direct services and through its ethnic initiatives, HealthStar Home Health provides services in various Midwestern and Southwestern communities. HeathStar Home Health serves individuals of all ages and abilities with caring and cultural sensitivity. With services such as life and health management, mental health, home health and home help, at HealthStar we are committed to making our communities strong by enabling individuals of all ages to live more independent and fulfilling lives. Contact us today at 651-633-7300 for more information or to schedule a no-charge consultation.