Roll Your Own Security Awareness Training
As you might imagine, RealTime fields a fair amount of questions regarding cybersecurity that range from, “How can we be better protected?” to “I’m scared that we might be hit like that local place just was”. As part of answering this real need for our clients, RealTime is now offering an end-user training program as part of our Identity Shield Services.
However, if you are not a client (yet) or you would like to try this on your own, then you can train on some of the basics of cybersecurity awareness just by spending a little bit of time on YouTube. This is not intended to replace formalized training, but these videos can help you address the most likely threats that the average person encounters just because they use the internet and email in the course of doing their job. These tips are excellent for anyone who just wants to reduce their risks online.
[I’ve watched all of these videos and the links are current as of November 2019. They are each under four minutes and are well worth your time.]
Best single tip that I can provide to help you avoid being hooked by phishing: Microsoft, Google, Apple, Verizon, Bank of America, SSA, IRS, and thousands of legitimate businesses just like them will NEVER, ever, send an email to you asking you to confirm your password.
SUGGESTED LINKS TO YOUTUBE LEARNING
Phishing explained with some education, by SANS
https://www.youtube.com/watch?v=5RHeJAEdiEc
How to spot a phishing email, report by Fortune Magazine
https://www.youtube.com/watch?v=jfnA7UmlZkE
The best tip in this video: If the email looks suspicious, it probably is…
If you only watch one video, make it this one!
An excellent video spotting phishing scams that is well worth the almost 4 minutes of your time. Loaded with realistic examples and tips
https://www.youtube.com/watch?v=0GwWTjz6txU
BEST TIP: Think before you click.
Office 365 phishing attack types with some examples (this is not a video)
https://betanews.com/2019/04/03/office-365-phishing-attacks/
Note that these threats are not unique to Office 365 email – we’ve seen attempts against all web based email systems. Just more confirmation that if something asks you to confirm credentials, or enter your logon info to access an attachment – be wary!
Tech support scam, by USAGov
https://www.youtube.com/watch?v=UGBLjPKSUeU
If you have older parents who use email and the internet, please ask them to watch this video! I have helped too many older, and not so older people, who have been scammed in this way, including my own parents more than once.
Spot a bad URL or Link, by Symantec
https://www.youtube.com/watch?v=YIeS7sJ_Llw
Better passwords, Local CBS news report
https://www.youtube.com/watch?v=oakITDBYElw
Better password management using a password manager.
This post explains LastPass, but all the password manager applications work pretty much the same
https://lifehacker.com/the-beginners-guide-to-setting-up-lastpass-1785424440
One important detail – you want to be sure that whatever application you use has their security act together and stores the passwords properly.
Mobile device security from SANS Security Awareness