by Dave Moore, CISSP
06/11/2023
Last week, you took my cyber-risk assessment test, covering the two extremely powerful and potentially dangerous technologies that everyone needs to know how to use: computers and the Internet. Let’s see how you fared.
Q1. What is a “browser?” Which one do you use? Why do you use that particular browser? Answer: a browser is a program that lets you look at websites. If you have ever seen a website, you were using a browser. The preferred browser for safety is Mozilla Firefox.
Q2. How do you check your email; do you use an email program, or do you go to your email provider’s website? Answer: there are two ways to check email. Either you use a dedicated email program like Outlook, Thunderbird or Apple Mail, or you visit your provider’s website, sign in and check your email there. When something goes wrong with your email, you need to know the difference.
Q3. What defines a “strong” password? Answer: as we have been taught for years, strong passwords can include upper case, lower case, numbers and special characters. Most of all, though, strong passwords will be long. 20-25 characters is not too long. You can use real words in a password, but it must be a long password. Don’t worry about memorizing it; write it down and hide it somewhere, if you need to. An example of a strong password is wallet37Transcript&coffee. There, see? That was a 25-character password, which could be easily memorized, if you needed to.
Q4. What should you do when Microsoft sends you an alert that there are problems with your computer? Answer: ignore the alert. Microsoft will never, ever send you an alert of this kind. Don’t click anything to make the alert go away, just turn off the computer. If you need to, press the power button; keep pressing and holding it in for up to 10-20 seconds, and the computer will eventually turn off.
Q5. What are the names of the antivirus and/or security programs that you use? Answer: you need to know the name of your antivirus programs, so you won’t be tricked by phony virus alert scams. If you get an alert from “Super-duper Antivirus” saying there’s a problem, and you know you use AVG Antivirus, you’ll also know the Super-duper alert is a fake.
Q6. How do you know if a wireless network is safe? Answer: the minimum requirements for a safe wireless networks are (a) WPA-2 AES encryption, (b) very long (up to 64-characters) passwords/keys, and (c) change the default network name.
Q7. You received a message saying there was a video of you online, and that you should look at it. You clicked the link, but nothing happened. What should you do, next? Answer: the message you received was a scam, trying to get you to infect your computer with malware. When you clicked the link, maybe nothing appeared on the screen, but, “behind the scenes,” bad stuff may have been installed giving crooks access to your computer. Your computer needs to be checked out.
Q8. Are your important files (documents, spreadsheets, contacts, tax returns, photos, etc.) backed up? How do you know? Answer: if you don’t know the answer to this question, that probably means your files are not backed up. That problem needs to be fixed ASAP. Check in next week when I will discuss secure backups for a few columns.
Q9. Who is responsible for Internet safety and security in your home or place of business? Answer: everyone that uses a computer is responsible for Internet safety and security. Safety and security are not IT department responsibilities, they are everyone’s responsibility. System owners (Mom and Pop, CEO’s, Boards of Directors) are ultimately accountable.
Q10. You got a phone call from your bank; they say someone hacked your account, and they need you to select a new password to recover your money. What should you do, next? Hang up immediately. Your bank will never, ever call you like that. Then, call your bank directly and tell them about the call.
Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd, he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.org