Return to Headlines

10 Online Safety Tips for Cybersecurity Month

October is Cybersecurity Month, and we want to ensure you are informed about keeping your devices and personal information safe online with these 10 online safety tips.

Create strong and unique passwords for website access.  

  • Do not reuse a password for multiple sites. When required to use authentication for a website, create a new password for that site that is also strong (check for site password requirements and aim to improve the strength of the password for your account). 

Use multifactor authentication (MFA) whenever possible and appropriate.  

  • Most MFA experiences on websites will be in the form of a code received via text message that needs to be input to continue to your account on that site. MFA will reduce the risk of someone else gaining access to your information and/or impersonating you online.  

If possible, hover over a link on a web page or in an email, and make certain that the link is taking you to the site that you intend to visit.  

  • Hovering over the link is more useful than relying on the text included as the link, as the information shown while hovering over the link will be true to the site that is visited if the link is clicked. 

Look for the padlock (or https://) within the web browser address bar when visiting sites that include sensitive information and/or are transactional. 

  • The padlock (shown without a slash through it) informs visitors that communication with the site is protected by additional security. If there is no padlock, then the site does not include additional communication security and should not be used if transmitting sensitive information such as username/password, credit card information, etc. 

Do not click on a link within an email or text message if you are prompted to confirm or manage sensitive information in that message.  

  • If you receive an email or text with a link to manage and access your account, do not click on the link in the message. It is safer to open up a web browser and go directly to the website to confirm any account information that the site operator requires.  

Keep your device(s) and applications up to date. 

  • Keeping mobile device OS, mobile applications, laptop OS, laptop applications, web browsers, and anti-virus/anti-malware applications up-to-date will make certain that you have the latest security patches and bug fixes that the vendors have published. The updates may be advertised to users as a notification of a suggested update or it may be required and the user is made aware that the update will be installed with a date/time or restart. 

Do not use the "unsubscribe" link included in a message to which you did not originally subscribe.  

  • If you receive a message from a sender that you did not subscribe to or agree to receive messages from, do not use the "unsubscribe" link in the message. If this message is from a business with which you do have a relationship, go to your account settings on their site and update your preferences. If the message appears to be from a business that you do not have a relationship with, mark the message as "SPAM" and the email provider will learn to automatically send similar messages to the "junk" folder rather than your inbox. 

Utilize available security to keep your mobile device safe 

  • Use passphrase or biometric options to reduce unwanted access to your mobile device. As we use our mobile device(s) to access more sites and applications that assume trust in the holder of the device (i.e., do not prompt for re-authentication), you should secure primary access to the device using a passphrase, face id, fingerprint confirmation, etc. as provided by the mobile device manufacturer. 

Use additional caution when using public Wi-Fi.  

  • If you are using a public Wi-Fi connection for online activity, use additional safety while on that network, as they may not have the same level of security as your home or private business network Wi-Fi connections.  

Do not call a number provided in an email or text claiming to be the contact number for a business as part of an unsolicited message. 

  • If you are concerned about an issue that was brought to your attention through an unsolicited email or text message, visit the business operator's website to find customer support contact information. A phone number included in an unsolicited message may not be the legitimate number that will get you in touch with the business that you are attempting to confirm if action is required based on the unsolicited message.