Strong passwords, common sense key to online and mobile security

Fallbrook residents were reminded of the importance of using common sense and strong passwords when going online, even when using their mobile phones.

The Fallbrook Citizens' Crime Prevention Committee hosted Sgt. Mark Varnau, CATCH (Computer And Technology Crime High-Tech Response Team) law enforcement coordinator, at their April 27 meeting.

During the seminar, entitled "Cyber Threats, Trends, and Update," Varnau shared updates from the National Cyber Crime Conference on April 25 in Boston, in addition to the latest computer scams, security issues and internet crimes residents should be aware of.

One of the top security measures that Varnau stressed was passwords and security, both on personal computers and mobile devices.

"In terms of security, people use the most common percentage of passwords in America," said Varnau. "If someone is trying to hack your computer, they can run that list of passwords against your computer and probably guess your password. It's important to have long, strong and unique passwords. For example, I think it's best to pick out a phrase. If you like to fish, I would use the phrase 'I like to fish,' but typed as 'Eye lyk 2 physh#.' This will exponentially increase protection."

Varnau said that these hacks tend to happen when a computer is running idly overnight. As a way to make sure that a computer stays protected, Varnau stated it would be beneficial to turn off computers when not in use, and investing in online or separate backup programs.

"If a virus attacks your Windows program, you're stuck," he explained. "You would have to wipe your machine and reintroduce data to your machine."

Varnau suggested that residents be cautious with unsolicited email, as that could lead to ransomware being downloaded on a machine.

"When in doubt, throw it out and do not click the email," said Varnau. "Typically, ransomware comes attached to some type of email that has a photo or link. When it's clicked, it activates a program to do bad things, such as lock you out of your device by encrypting all your files. If you don't have the encryption key to decode the files, they are lost forever, which is critical if you have important data."

Traditionally, hackers using ransomware demand that computer users pay for their encryption key.

"The recipient of one ransomware attack was a small city on 12 of its computers," said Varnau. "The ransom was only $300, which the city paid. But the FBI runs these types of programs in the lab, and they have found that these kinds of malware don't leave your system. It lets you get into your files for a while, but now the hackers know that you will pay to get those files back."

Other trends to be aware of include fake alerts on non-Microsoft products, passwords being stolen, mobile platform attackers, mobile phone targeting, more tech support scams, and thumbprint and DNA pattern authentication being compromised.

"Use smartphone security like locked screens and virus protection for mobile," said Varnau. "Log out when mobile banking, and do not leave your password saved on your phone. It's important to realize that you have pocket computers now."

Varnau also explained that there is no such thing as 'free' WiFi, and logging onto free services are high risks.

"Unsecured networks invite hackers to view web traffic," he said. "I could name a network 'Starbucks 2' and people will log in thinking they are on Starbucks' WiFi. I can save all your information."

Overall, Varnau encouraged residents to be careful on the sites they visit, and not to look for risky information online.

"If you look for bad things online, bad things will find you," warned Varnau.