Getting Started With Cybersecurity

Written By Andrew Schoka

Password Managers

First, if you're not already, start using a password manager for your accounts. The one I usually recommend is LastPass, which is free for individual use, or you can subscribe to a Family plan for ~$4/month. Their app lets you store all of your passwords for all your different accounts in a single place, which saves you the risk and trouble of having to re-use passwords between accounts and remember them. It'll auto-fill your passwords for you and also helps to generate secure passwords for new websites. If you use Chrome or Safari across your devices, both of those browsers also have built-in password managers that you can set up and use. 

Two-Factor Authentication

Probably the most important step here is making sure you have two-factor authentication set up on all of your important accounts (email, bank, work, etc.). LastPass actually has a built-in way to do this with its app, but the tool I use is called Duo Mobile. 2FA prevents someone from logging into your account if they have your password and makes your accounts much more secure. It's super easy to set up, all you need is your phone. 


Data Breach Notifications

Next up is setting up alerts for when your email account shows up in a data breach. This is a free website that's pretty well-known in the security community -- it tracks and updates whenever there's a new data breach, and will send you an email if your account shows up. You can sign up for these alerts by verifying your email; whenever you receive an alert about a breach (which happens regularly, unfortunately), it's a good idea to change the passwords associated with that service/account. 

Best Practices for Your Phone & Laptop

  • Updates: The best thing you can do for your devices is to manually restart them (fully power off / power on) at least once a week. This sounds like a small thing, but it really helps ensure your devices stay up-to-date with software and security updates. 

  • Backups: You should back up all the files on your devices to a cloud storage location (like iCloud or Google Drive. It will take less than 10 minutes to set up, but will save you hours of work if you ever have to replace a file that you've lost. 

How to Spot Phishing E-Mails

It can sometimes be tough to identify scam emails, but here's a few things to look out for: 

  • Suspicious Sender Email Address: Often, the email address may look similar to a legitimate one but will have slight variations or unfamiliar domains that are easy to overlook at a glance.

  • Urgency: Phishing scams will try to convey a sense of urgency or threat to get you to act quickly without much thought. This could include warnings about account suspension, unauthorized access, or deadlines for verifying account details.

  • Generic Greeting: If an e-mail addresses you like "Dear Customer" or "Dear User", instead of using your name, that might indicate a potential scam. 

  • Requests Personal Information: Be automatically suspicious of ANY message that asks you for sensitive information. Never send your password, SSN, bank account info, or two-factor token through email. 

  • Attachments: Never open attachments from unfamiliar senders

  • Hyperlinks: Never click a link from an email from an untrusted sender. Phishing links typically try to mimic "real"websites, but often contain extra, misplaced, or misspelled words and domains. You can "hover" over a hyperlink to see the real URL that it links to. 

VPN and Home Wi-Fi Setup

There's lots of good guides out there for securing your home/SOHO network; here's one that hits most of the high points: https://www.metacompliance.com/blog/top-10-tips-to-protect-your-home-wi-fi-network/. Biggest things are to make sure you choose a long password (>10 chars) and are using WPA2 encryption (this will prevent folks like your scammer from breaking into your network without the password, which is easy to do if you're using WEP encryption). Another thing you can do on your phones/laptops is to use a VPN (I usually recommend NordVPN) anytime you're on the internet outside of your home. Super easy to set up and use, and dramatically reduces your risk of using public Wi-Fi. 

Anti-Virus Software and Security

Lastly, there's tons of good and free antivirus platforms out there -- the free AV that I usually recommend is Avast, which has plenty of features. I would make sure that Windows Defender is set up properly on your Windows machines (Apple's AV should be set up and running by default on your OSX devices), but there's no harm in downloading and setting up Avast on your devices as well. 

Andrew Schoka