KnowBe4 Tip:Put that badge away!
If you leave the workplace for a lunch break, or run some errands on the way home, chances are you have seen other peoples’ badges.
Can you think of how many different organizations’ badges you recognize in your area?
Is there a picture on the badge? If so, do you know where its located? How big is the picture?
Does the badge have a color to it, or is it just white? Where is the persons name located?
With all that information, do you think you could make one that looked similar?
Badge security – Do’s and Don’ts
If your organization has a formal policy on proper badge use and wearing, please refer to that policy.
DO: wear your badge at all times while inside the building.
DONT: wear or expose your badge while you are in public places.
DO: immediately report when you have lost your badge, or if your badge has been stolen.
DONT: let others use your badge if they have forgotten theirs.
With technology advancing and image creation/editing becoming commonplace, it is increasingly easy for attackers to replicate the look and feel of security badges.
Attackers can take a picture of you, and within hours have a very similar looking badge with their name and picture on it which they use to walk into your building.
When you wear your badge in public, you are also advertising where you work… attackers can better target an organization, or spear phish an individual if they know their name and where they work.
So the next time you leave for lunch break, or leave the office… just put your ID in your purse, or pocket so that others cannot easily gather that information from you.
Always remember to follow your organization’s security policies when it comes to suspicious events. If your organization does not have a specific policy regarding these situations, escalate ANY suspicious events to the IT or Security department.
Security is a team effort. Every employee has a responsibility to the organization to report these events.
Stop Look Think – Don’t be fooled!
How to Protect Yourself from Phishing Attacks
Note: teachers and staff are strongly urged to stay off of shopping sites and social networks while using District supplied laptops or desktops (this is especially true when using devices outside of the District). These types of sites promote computer viruses, along with types of malware, spyware,and ransomeware that could negatively impact your computer and jeopardize your data.
The tax and vacation seasons are a prime time for phishing attacks. Scammers will attempt to gain access to your personal information, eg., credit/debit card information, bank account information, your social security number, etc., by posing as legitimate companies or sites, emails, or even telephone contacts. Scammers can even hold your data hostage, i.e., “ransomeware”; in this case, the user’s data is encrypted and held hostage. In order to decrypt the data, a ransome is demanded by the scammers.
The attached post lists nine tips from Kapersky Labs, a leading anti-virus company, to protect yourself from phishing attacks.
Symantec Corp., manufacturer of Norton Antivirus, has a lot of useful information concerning cyber security, virus protection, and child internet safety on their Internet Security website.
Microsoft also has a very good tutorial and FAQ on ransomeware.
Google has found a way to keep their employees from getting phished. Check out:
How to Avoid Being Scammed
To avoid being scammed or — perhaps, worse — having your phone number added to additional robocall lists, follow these tips from the BBB:
- Do not answer calls from numbers you do not recognize (duh).
- If you do answer and are asked questions that seem to be fishing for a “yes” or “no” answer, do not respond and hang up immediately.
- Never give out any personal information over the phone when you are unsure of the caller (also obvious but worth repeating).
- Make a note of the number and report it to BBB Scam Tracker to help warn others.
- As always, check your bank and credit card statements regularly for unauthorized charges.
You can also report suspicious or unwanted calls to the FTC’s National Do Not Call Registry and register your home and mobile numbers for free to avoid or at least lessen the frequency with which you receive unsolicited calls.