Staying Safe, Online & Off

By Michele Cenzer, GHI Software Support Specialist, Information Technology

iStock.com/YakobchukOlena

Tips to Protect Yourself from Hackers

Target. Facebook. Home Depot. Sony. Ebay. JP Morgan. BlueCross/BlueShield. What do all these companies have in common? They have all been the victims of cybercrime in the past few years — massive amounts of personal data stolen in a matter of seconds. According to a nationwide survey by The Hartford Steam Boiler Inspection and Insurance Co., more than half of U.S. businesses (53 percent) experienced a cyberattack in 2017.

If cybercriminals can hack into some of the world’s largest companies, imagine how easily they might access your own personal computer. One of the many reasons I love working for Goodwin House Incorporated is that I have the opportunity every day to help residents and colleagues stay safe online.

The irony is, cybercriminals have learned that the easiest way to get around our computers’ defenses isn’t hacking and cracking, it’s tricking us into letting them in. They have multiple ways of manipulating us so that we give up information such as passwords or bank information. This is known as “social engineering.”  Criminals take advantage of our trust, curiosity or fear to convince us to let down your guard. They use these tactics because it is often easier to exploit our natural instincts than it is to hack our software.

What to Look For

An attack could come in the most innocent form. Perhaps you receive an email that appears to be from a friend or a company with which you do business. Maybe you see a pop-up ad that claims your computer has been compromised and urges you to call a number for help. You might get an unexpected phone call from someone claiming to be your bank or the Internal Revenue Service (IRS).  Whatever form they choose, criminals are hoping they will get you to give away personal or financial information.

Warning signs:

  • The email, phone call or pop-up ad is unexpected.
  • There is a sense of urgency. Common schemes urge you to act quickly, because your account has been compromised, your order cannot be fulfilled or you need to change your password. Sometimes, they will pretend to be a friend who needs help urgently.
  • The offer is too good, or bad, to be true. You suddenly win the lottery that you don’t remember entering. The bank is reaching out to you because your account is compromised.
  • You are asked for information that you would normally know not to give a stranger.
  • Links are either pointing to a different site than what appears or have misspellings or a different domain (e.g., welsfargo.net—notice the missing letter?).
  • It grabs your attention with “unbelievable results” or “life changing” information.

Protecting Yourself

The ideal that it could be this simple can be scary. But don’t throw your computer out too fast. There are ways to keep yourself, family and friends safe from these digital delinquents. Follow these simple rules to protect yourself:

  • When in doubt, throw it out. If an email looks suspicious, delete it or mark it as junk. Before clicking any links, hover your mouse over them to see the web address to which you’re being directed. To do this, place your pointer just over the link without clicking, you’ll be able to see if it actually sends you to the right website.
  • Don’t click. Don’t click on links from your phone or tablet. Don’t click on pop-up ads. Don’t call numbers from internet ads.
  • Think before acting. Don’t trust anything that asks you to act quickly. Be wary of anything that asks for personal or financial information. Contact the company or person directly by using information on your account statement, the company’s official website or your own address book. Don’t trust contact information in a potentially malicious communication.
  • Use unique passwords for each account. It’s best to use a strong password that is at least 12, mixed characters long and is different from all your other passwords. One technique is to focus on positive sentences that you can remember and then customize it for each account. For example, “I love my grandchildren, Katie & Sam!” becomes I<3mgc,K&S!gOoGL could be your Gmail password (the <3 is said to look like a heart its side). It’s a full 16 characters long and is easily changeable to I<3mgc,K&S!Amzn for Amazon.

Technology is supposed to make life easier, but sometimes it can be a Pandora’s Box of problems. Even the most vigilant computer user can get hacked, losing valuable files, compromising personal information and shutting down expensive hardware and software.  If that happens, here is a great article that outlines important steps to take immediately to minimize the damage. Remember, stay alert and aware online!


Michele Cenzer is a software support specialist in the GHI Information Technology department. Michele provides technical support for all areas of the organization. Her portfolio includes managing the staff cyber security awareness training program and maintaining GHI computer systems to keep them secure. Michele rejoined GHI in 2017 after returning to the DC area from several overseas postings (and one in New York City), where she polished her writing, editing and outreach skills with corporate, government and non-government organizations. She also worked at GHI some 10 years ago in the Human Resources department.