As technology gains a more important role in our lives, it also grows in complexity. Given how quickly technology changes, keeping up with security advice can be confusing. It seems like there is always new guidance on what you should or should not be doing. However, while the details of how to stay secure may change over time, there are fundamental things you can always do to protect yourself. Regardless of what technology you are using or where you are using it, we recommend the following four key steps. 

What Can I Do?

You: Attackers have learned that the easiest way to bypass even the most advanced security technology is by attacking you. If they want your password, credit card, or personal data, the easiest thing for them to do is to trick you into giving them this information. For example, they can call you pretending to be Microsoft tech support and claim that your computer is infected when in reality, they are just cyber criminals that want you to give them access to your computer. Perhaps they will send you an email explaining that your package could not be delivered and ask you to click on a link to confirm your mailing address when in reality, they are tricking you into visiting a malicious website that will hack into your computer. This is how attacks such as Ransomware work. Ultimately, the greatest defense against attackers is you. Be suspicious. By using common sense, you can spot and stop most attacks.

Passwords: The next step to protecting yourself involves using a strong, unique password for each of your devices and online accounts. The key words here are strong and unique. A strong password means one that cannot be easily guessed by hackers or by their automated programs. If you are tired of complex passwords that are hard to remember and difficult to type, try using a passphrase instead. Instead of a single word, use a series of words that is easy to remember, such as “Where is my coffee?” The longer your passphrase is, the stronger. A unique password means using a different password for each device and online account. This way, if one password is compromised, all of your other accounts and devices are still safe. Can’t remember all those strong, unique passwords? Don’t worry, neither can we. That is why we recommend you use a password manager, which is a specialized application for your smartphone or computer that securely stores all of your passwords in an encrypted format.

Updates/Patches: Make sure your computers, mobile devices, apps, and anything else connected to the Internet are running the latest software versions. Cyber criminals are constantly looking for new vulnerabilities in the software your devices use. When they discover vulnerabilities, they use special programs to exploit them and hack into the devices you are using. Meanwhile, the companies that created the software for these devices are hard at work fixing them by releasing updates. By ensuring your computers and mobile devices install these updates, you make it much harder for someone to hack you. If your operating systems or devices are old and no longer supported with security updates, we recommend you replace them with new ones that are up to date.

Backups: Sometimes, no matter how careful you are, you may be hacked. If that is the case, often, your only option to ensure your computer or mobile device is free of malware is to fully wipe it and rebuild it from scratch. The attacker might even prevent you from accessing your personal files, photos, and other information stored on the hacked system. Often the only way to restore all of your personal information is from backups. 

As a reminder, OIT will post email scams to the Recent Email Scams tab within the OIT System Status Center.  You can check this site to see if a suspicious email has already been reported.  If you have concerns about a specific email, you may report the email to OIT via abuse@utk.edu or contact the OIT HelpDesk.