#EightCyberSecurityTips (Summary of all eight tips)

 It's the start of my #EightCyberSecurityTips (Summary of all eight tips)

I'm seeing a big increase in cyber attacks against individuals, and very small businesses (those with 1 to 10 people in the business), so it's time to post my eight cyber security tips to help keep you all safe:

🔵 Use 2FA / MFA everywhere

🔵 Use a Password Manager (Not the one in your browser), I suggest Bitwarden or 1Password for individuals and small businesses

🔵 Make sure you have immutable backups of both local and cloud data

🔵 Ensure Android phones are protected with Anti Virus / Anti Phishing security software

🔵 Use LSD Passwords (Long Strong and Different), a password manager will help you with this

🔵 Use a proper Managed Business grade Anti Virus (not a stand alone consumer Anti Virus)

🔵 Monitoring for breached passwords (either part of your password manager or use Have I Been Pwned website)

🔵 Ensure you (and everyone else in your business) are trained on how to spot scams and to be aware of cyber risks

Over the next few weeks I'll expand on each of these individual items.

Most people and small businesses will be doing maybe one or possibly two of the above at best. But the more of these eight items that you do, the safer you, your data, and your small business will be. 

Some businesses will not be doing any of these things to protect themselves, and that means they are relying on luck. 

But it's just like going out of your house locking the front door, but leaving an upstairs window wide open. You get away with it. But it's only a matter of time. One day, you will get burgled. It's not if, but when it will happen. And cyber security is the same. Cyber criminals are the modern day house burglar.

Don't leave your cyber security down to luck, because luck always runs out.

Chris

#TheAntiVirusGuy and

#TheDataBackupGuy and

#ThePasswordGuy 

—

A bit about me:

💻 Helping Entrepreneurs, the Self Employed, Sole Traders and Small Business Owners manage their online passwords and keep their computers virus free.

💻 Really good anti virus (SentinelOne £16 or ESET £4 / £8 per month)

💻 Buzz Ambassador 

Eight simple cyber security steps for small businesses (intro)

In the last week or two I've seen a big rise in cyber attacks against individuals and small businesses. On LinkedIn alone, I've read about one small business being a victim of Ransomware, and another small business who has had their email hacked, and subsequently some of their social media accounts taken over.

It's sad to see these businesses becoming victims.

In my opinion by following eight simple cyber security steps you can make yourself a whole lot safer from the hackers and cyber criminals.

In a couple of days time I'll post a brief summary of these eight steps. Then, over the following couple of weeks I'll write eight posts expanding on each of these items in more detail.

I may then repeat the eight steps as a series of short videos.

Hopefully, by the end of these posts and videos everyone should understand how to keep themselves and their businesses a lot safer online.

Keep an eye out for the first of these post in the next couple of days.

Chris

#TheAntiVirusGuy and

#TheDataBackupGuy and

#ThePasswordGuy 

—

A bit about me:

💻 Helping Entrepreneurs, the Self Employed, Sole Traders and Small Business Owners manage their online passwords and keep their computers virus free.

💻 Really good anti virus (SentinelOne £16 or ESET £4 / £8 per month) 

💻 Buzz Ambassador 

 How Can I Manage My Online Passwords Better 

Do not reuse passwords.

Each of your online accounts should use a different password. 

Reusing the same password for multiple online accounts means that if the cyber criminals get hold of your password for one online account, they have access to all of your accounts, not just the one with the breached password.

Chris

#TheAntiVirusGuy and
#TheDataBackupGuy and
#ThePasswordGuy 

—

A bit about me:

💻 Helping Entrepreneurs, the Self Employed, Sole Traders and Small Business Owners manage their online passwords and keep their computers virus free.

💻 Really good anti virus (SentinelOne £16 or ESET £8 per month) 

💻 Really good password managers (Bitwarden £6 or 1Password £8 per month) 

💻 Buzz Ambassador 

 Is there an easy way to check for breached passwords?

Yes there is.

If you use Troy Hunt's "Have I Been Pwned" website, and you put in each of your email addresses, Troy's site will tell you who has "given away your password" in a data breach, when it happened, and what information was disclosed.

Any passwords that have been breached are no longer safe to use in connection with your email address (as that email / password combination will be for sale in "breach lists" on the dark web) and need to be changed immediately.

Have I Been Pwned website

https://haveibeenpwned.com/ 

 

Chris Moody

#TheAntiVirusGuy - Keeping your computers virus free 

#ThePasswordGuy – Making online passwords easy

 

-- 

Mobile:          07852 159092

WhatsApp:     07852 159092

 

A bit of info about me:

💻 Helping Entrepreneurs, the Self Employed Sole Traders and Small Businesses  manage their online passwords and keep their computers virus free

💻 Really good Anti Virus (SentinelOne £16 or ESET £8)

💻 Secure Data Backup
💻 Fixing the pain of remembering passwords

💻 #MHBuzz Ambassador

 I received this scam email last week. It was so clever, I thought it worthy of a blog post.

I've included a screenshot of the email. So let's analyse it.

1. The subject is designed to create an emotion and urgency (Oh ****, someones hacked my HMRC account, I better do something quick).

2. The first word of the subject isn't capitalised. Those that don't pick up on this, are more likely to fall for the scam. It's a deliberate filter.

3. If you look at the details of the sending account (circled), it's not coming from a government domain. That's a big clue. The domain is registered to a UK based company so I'm guessing their email has been hacked.

4. If you hover over the "log in" hyperlink (circled) it's also not a government website (it's claiming to be an educational site in Poland), and if you followed the link it's running some php code.

I'm sure this scam will have caught out quite a few people.

The point of this post is; never click on web links in emails without checking the senders email first, and checking the destination URL by hovering over it.

 
Chris Moody
#TheAntiVirusGuy - Keeping your computers virus free 
#ThePasswordGuy – Making online passwords easy
 
-- 
Mobile:          07852 159092
WhatsApp:   07852 159092
 
A bit of info about me:

💻 Helping Entrepreneurs, the Self Employed Sole Traders and Small Businesses  manage their online passwords and keep their computers virus free

💻 Really good Anti Virus (SentinelOne £16 or ESET £8)

💻 Secure Data Backup

💻 Fixing the pain of remembering passwords

💻 #MHBuzz Ambassador

 Do you backup your Microsoft 365 or Google Workspace data?

Do you use Microsoft 365 for your emails and file storage? Or maybe you use Google Workspace instead. Both are brilliant applications. But do you back it up?

Let’s take Microsoft 365 as an example. 

In their own service agreement, that every user has agreed to, in section 6b Microsoft say:

6b. “We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

So there you have it, right from the horse’s mouth.

It’s your responsibility to backup your emails, files, calendar entries, contacts, Sharepoint & Teams sites. 

Microsoft clearly state that if there is an outage, your content and data might not be there anymore.

And they recommend you back it up using third party apps or services.

Google Workspace and Dropbox is the same. It’s your job to back it up, not theirs. 

If you want to backup your Microsoft 365 or Google Workspace data, get in touch and I’ll sort it all out for you with a UK based secure backup solution.

Chris

#TheAntiVirusGuy and

#TheDataBackupGuy and

#ThePasswordGuy 

—

A bit about me:

💻 Helping Entrepreneurs, the Self Employed, Sole Traders and Small Business Owners manage their online passwords and keep their computers virus free.

💻 Really good anti virus (SentinelOne £16 or ESET £8 per month) 
💻 Secure backups of cloud data

💻 Buzz Ambassador 

 #CyberSecurityHintsAndTips - Passwords need

to be different for every online account.

We all do it, we reuse passwords. And we do it because it's hard for us humans to remember lots of different passwords.

We often have four of five passwords that we use across all our online accounts. Or alternatively we have one password, and we have a "system" where we add a couple of extra characters on the end to make it different (e.g "fb" for facebook, "li" for LinkedIn, "am" for Amazon, "pa" for Paypal).

But the cyber criminals love that, as it makes it really easy for them.

The criminals buy lists of breached usernames and passwords.

For example, the might buy the 2019 Canva breach list; 137 million users email addresses, geographic locations, names, passwords, and usernames. If you used Canva in 2019 it's very likely you are on that list (including your password).

The cyber criminals now have your username and password for Canva from 2019. But they are not interested in your Canva images.

They are working on the basis that you have used the same email address and password elsewhere. So they try that combination on Ebay, and Amazon, and Paypal, in fact anywhere they can possibly gain access to your credit / debit card or bank account.

They also use the same password to try and hack your emails.

And very often they strike lucky, because we have reused passwords.

My advice is to start having completely different passwords for each online account.

You can get a very good password manager such as Bitwarden for free, although I recommend the Bitwarden Personal Premium version for ten dollars a year. This password manager will generate passwords, remember them, and fill them in, so you never have to think up, remember, or type in a password again.

Or if you are anti password managers, get a notebook, and write the passwords down in that (but make sure you keep the notebook safe).

The important bit is to stop reusing passwords.

Chris

#TheAntiVirusGuy and

#TheDataBackupGuy and

#ThePasswordGuy

—

A bit about me:

💻 Helping Entrepreneurs, the Self Employed, Sole Traders and Small Business Owners manage their online passwords and keep their computers virus free.

💻 Really good anti virus (SentinelOne £16 or ESET £8 per month)

💻 Buzz Ambassador