October is Cybersecurity Awareness Month. Your sensitive information is something to protect and guard as best you can. Where you store and how you delete this information is what I’d like to cover today.
Image by Pete Linforth from Pixabay
What to Shred
Your mailbox and trash are two places of interest to would-be identity thieves and fraudsters. Here are some of the must-shred items in and around your home that contain valuable personal information.
- 1. Expired IDs and expired or unused credit cards
- 2. Old prescription receipts and personal information on the label
- 3. Outdated medical records, bills, and insurance statements for you, your loved ones, and your pets
- 4. Old insurance policies and claim records that have expired
- 5. Resumes, cover letters, and any application paperwork
- 6. Old home and vehicle titles, after the sale, and after you confirm with your accountant it’s ok to shred
- 7. Tax-related documents, after you hold for 7 years, in case of audit
- 8. Travel itineraries, old hotel room keys, and old boarding passes
- 9. Cancelled checks, bank statements, and investment statements
- 10. Passwords on paper, sticky notes, etc., to access any online or offline account
- 11. Old pay stubs and remember to hold onto 3-6 months as proof of employment for loans or rental applications
- 12. Junk mail – especially pre-approved credit applications,, refinancing offers and return shipping labels
Online Safety
Small actions can make a big difference. Here are four easy steps anyone can take to boost their online safety, recommended by The National Cybersecurity Alliance.
- Use strong passwords and a password manager
- Turn on multifactor authentication
- Recognize and report scams
- Update your software
AI – a Threat and a Defense
The World Economic Forum reports that AI is not only used by cyber defense experts but also by threat actors. Generative AI is increasingly being employed to steal sensitive information.
Advanced phishing, identity theft, and zero-day exploits target unknown security flaws, according to the Forum’s Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards report.
Anthropic, creator of the Claude chatbot, warns that hackers are “weaponizing” its AI, which has been used to develop malicious code affecting at least 17 organizations. The technology also helped hackers choose targets and suggested ransom amounts.
Stolen credentials allow cybercriminals to gain access, making people the weakest link. This is not necessarily due to employees’ negligence but due to the increasing ingenuity of the perpetrators themselves.
Scattered Spider, a group of hackers believed to be behind the attacks on companies including Allianz, Qantas, Marks & Spencer (M&S), Victoria’s Secret, and Whole Foods, is particularly adept at social engineering techniques. They often impersonate employees or contractors to gain access to corporate IT systems.
Deepfakes add another level of sophistication to social engineering, as British engineering firm Arup found to its detriment earlier this year. A group of criminals used AI-generated clones of the company’s senior executives on a video call to successfully trick a finance employee into transferring $25 million.
In a foiled fraud attempt at Ferrari, criminals used the AI-generated voice of CEO Benedetto Vigna, convincing all but one employee, who cleverly asked a question only the real CEO could answer. In the summer, Denmark became the first country in Europe to protect an individual’s right to their appearance and voice as part of an amendment to its copyright law.
On the defense side, ChatGPT owner OpenAI will work with the US Department of Defense to boost its AI capabilities, including cyber defense, as part of a $200 million contract.
After a surge in cyberattacks across Europe, Microsoft has offered no-cost cybersecurity services to European governments. Meanwhile, French Telco Orange announced it is creating a new defense and homeland security division to support European organizations in these areas.
Hackers targeted an IT system that enables different airlines to use the same check-in desks, causing long queues, flight delays, and cancellations in Europe this summer. These attacks may lead to international collaboration in the battle against cybercrime and may fast-track new approaches to identifying potential vulnerabilities early, before they can be exploited.
10 Ways to Protect Sensitive Information
Let me leave you with 7 ways to protect your sensitive information. It may be repetitive. I stress the importance of regular reviews in this rapidly changing environment.
- 1. Protect everything with passwords
- 2. Back up regularly
- 3. Keep business software up to date
- 4. Use a VPN
- 5. Install antivirus software
- 6. Use multifactor authentication
- 7. Communicate with trusted helpers
Communication with a vetted and trusted source is important. If, for any reason, you are unable to access your data, have you communicated with anyone to step in and act for you?
Protecting you and your sensitive information is a good fall activity! Take small steps and actions to help you move forward, even amidst changes. As always, know I am here to support you.
Reach out with any questions via Email or feel free to Book a Time with Lynn to connect via Zoom to discuss your particulars. For additional information about my work, check out @ The Living Planner or @ The Living Planner. If pre-planning is on your agenda, my book is a resource for you. The Living Planner What to Prepare Now While You Are Living © Check it out HERE.
Quote for the week: “The purpose of human life is to serve, and to show compassion and the will to help others.” — Albert Schweitzer
Protect you and your sensitive information, Lynn
#Can’tPredictCanPrepare #CareForPeopleCareForBusiness