You are here

Stop.Think.Connect. Campaign Blog

How to File Your Taxes Like A Secret Agent: Be Observant, Be Untraceable, Be Secure

April 3, 2018

Top-secret agents – like Hollywood’s famous James Bond – are not the only ones with the ability to observe their surroundings and make detailed assessments of their environment without a trace. This tax season, learn to have spy-like situational awareness to protect yourself from tax fraud and similar crimes. As the name implies, situational awareness is observing what is going on around you. It sounds easy in principle, but in reality, requires practice. Even though this skill is taught to soldiers, law enforcement officers, and even trained agents, it is an important skill set for everyday people to learn as well. In an unsafe environment – which can also include the internet – being aware of a threat, being untraceable, and being secure can keep you and your loved ones safe. Follow the rules below to help you file taxes like a secret agent:

Be Observant
When online, always stay in a relaxed, alert position like a special agent. Think of a yellow streetlight at an intersection—just because you do not see a threat does not mean there is not one.

  • Do not give out your personal information, unless it is requested from a trusted entity using a secure web address. The Internal Revenue Service (IRS) does not initiate contact with taxpayers by email, text messages, phone calls, or social media. If you receive unsolicited emails claiming to be from the IRS, do not click on any links or reply. Instead, forward it to phishing@irs.gov so the IRS can investigate the hoax email. The next step is to delete it from your inbox.
  • Look out for fraudulent messages or websites claiming to be from the IRS. Exercise caution when opening suspicious email attachments. Do not open attachments or click on web links in unsolicited email messages or untrustworthy sites. Con artists who try to access your financial or personal information may use the IRS name or logo in email messages and on fake websites to bait potential victims. Ensure that you have typed www.IRS.gov into your web browser to be certain you are visiting the official IRS website.

Be Untraceable
As millions of Americans file their taxes online, cyber criminals try to trick unsuspecting people into sharing personal or financial information to cash in on your tax refund. What would Bond do to remain untraceable?

  • Only share personal information over a secured network. When utilizing Wi-Fi, ensure you join a password-protected network – avoid connecting to a network that is publicly available and doesn’t require a password. Using free, open Wi-Fi makes it easier for cyber criminals to capture and steal your information. Never prepare your tax return or conduct other online activities, such as banking and shopping, when connected to an unsecured wireless network.
  • Update your social media privacy settings and your passwords. Popular social media platforms are modifying their security settings constantly. Follow their lead and ensure your profile is on lockdown and up-to-date with the most recent privacy settings. Change your password frequently to minimize the potential for hacking.

Be Secure
Once the mission of filing your taxes is over, do not let down your guard. Secret agents do not get days off.

  • Back up your information and store your electronic tax records safely. A lot of Americans file their taxes and store them online. When preparing your tax return for electronic filing, make sure to use a strong password to protect the file. If you are working with an accountant, ask them what safety efforts they have set up to secure your data.
  • Save your tax returns: You should transfer your tax return information to a CD or flash drive and store it in a secure location just in case you are not able to access your returns online. Just like James Bond, always have a back-up plan in the case of an emergency.

Secret agents always finds ways to remain undetectable and stay a step ahead of the bad guys. The spy-like ability to observe your surroundings and make detailed assessments of your environment are skills that need practice. When completing your taxes and even throughout the year, consciously remind yourself to look out for fraudulent messages, update your social media settings, and back up your information. Stay in the relaxed, alert position by storing your information the correct way. Do that regularly, and situational awareness will not be something you have to think about intentionally, but like an agent, just something you do naturally do.

Holiday Shopping Tips

December 12, 2017

Just like food and decorations, deep discounts and bargain prices have become a huge part of the holidays. As shoppers go online to find good deals, they are also exposing themselves to cyber criminals seeking to exploit the festive season.

Scammers and spammers view the holidays as a golden opportunity to take advantage of unsuspecting online shoppers. Hackers may use tactics like preying on popular keyword searches to lure shoppers to malicious websites, with the goal of collecting financial and personal information.

To help keep you and your bank account safe, it's important to learn how to shop securely during the holidays. These simple tips from the STOP.THINK.CONNECT.TM  Campaign can help protect your personal information and transactions throughout the holiday season:

  • Watch out for deals that look too good to be true. Scammers often try to trick shoppers by offering extremely low prices on hard-to-get items. Don't open suspicious email attachments or follow unsolicited web links in email messages.
  • Consider using a credit cards instead of a debit card. There are laws to limit your liability for fraudulent credit card charges, and you may not have the same level of protection when using your debit card. Check with your providers to see what protections they provide for each card you have.
  • Avoid financial transactions on public Wi-Fi, which is often not very secure. Save your online shopping, banking, or sensitive transactions for your home network.
  • Keep your computer, browser, anti-virus, and other critical software up to date.
  • Check privacy policies. Before providing personal or financial information, check the website's privacy policy to ensure your safety.
  • Beware of fake URLs. Malicious websites look like legitimate sites, but the URL may use a variation in spelling or a different domain (e.g., .com vs .net). Also look in the address box for the "s" in https:// before any transaction. That "s" tells you that the site is taking extra measures to help secure your information.
  • Keep a record of your purchases and copies of confirmation pages in case there are unauthorized purchases on your bank statements. If there is a discrepancy, report it immediately.

For more holiday shopping tips, check our the Federal Trade Commission. The Department of Homeland Security's STOP.THINK.CONNECT. Campaign also provides advice and resources to help you stay safe online all year round.

Help Wanted: Veterans are Ideal Candidates for Cybersecurity Careers

November 8, 2017

Cyber attacks have emerged as a leading threat to our national security. Our Nation needs skilled cybersecurity professionals to defend our country from cyber criminals who threaten our security, economic stability, and American way of life.

Veterans who have served and protected our country are well positioned to transition into these crucial roles. Through their military service, they already possess many of the skills necessary to succeed at cybersecurity.

"I was surprised at how well my military background prepared me for a job in cybersecurity," said Able Green, a retired Army infantryman currently serving in the National Guard. Green works as a Program Analyst for the Department of Homeland Security's (DHS) Office of Cybersecurity & Communications.

"In the military, nothing stays the same - you're constantly adapting to change. Cybersecurity is the same way. New threats come out every day, so you're always problem solving and learning something new."

In honor of Veterans Day this November, DHS is helping U.S. veterans transition into new rewarding careers in cybersecurity, which offer competitive salaries and a rewarding role in protecting our Nation.

"Cybersecurity lets you stay in the fight," said Green. "When you're deployed, you have a strong sense of purpose about what you're doing, and I miss that feeling when I retired. As a cybersecurity professional for DHS, I've found that sense of purpose again. I'm still protecting the country, but in a different way."

Here's a look at the resources available to help veterans transition to cybersecurity careers:

"I would encourage my fellow veterans to give cybersecurity a chance, whether you're cyber savvy or not," said Green. "Go to FedVTE, try a free beginner course, and then you'll know if you can do it. I was surprised at how easy it was."

To learn more about cybersecurity education and career development, visit www.dhs.gov/topic/cybersecurity-education-career-development. To learn more about cybersecurity careers at DHS, visit www.dhs.gov/homeland-security-careers/dhs-cybersecurity.

Building Resilience into Our Nation's Critical Infrastructure

October 30, 2017

Our Nation's critical infrastructure now runs on the internet. The systems we depend on every day - like electricity, running water, traffic lights, and telecommunications systems - are all operated through digital networks, making them vulnerable to cyber attacks. As data breaches continue to make headlines, it's essential that all Americans understand their role in protecting our critical infrastructure.

Each day, people connect to our Nation's critical infrastructure without even realizing it from their smart phones, tablets, and computers. As the Department of Homeland Security transitions from October's National Cyber Security Awareness Month (NCSAM) into November's Critical Infrastructure Security and Resilience Month (CISR), we are highlighting the connection between cybersecurity and our Nation's critical infrastructure.

Critical infrastructure is the backbone of American society, and we all play a role in keeping it strong, secure, and resilient. Individual Americans can do their part by practicing good cybersecurity behaviors in their daily lives. By being vigilant about online threats, we all can help defend our Nation's critical infrastructure from cyber attacks.

The Stop.Think.Connect.TM Campaign encourages all Americans to take the following steps to help secure our critical infrastructure:

  • Read privacy policies. Make sure websites that ask for personal information (to pay a utility bill, for example) use encryption to secure their portals. Also be sure companies or vendors adhere to high.
  • Keep a clean machine. Some of your connected devices can be connected to critical infrastructure services, such as energy. Having the latest security software, web browser, and operating system are the best defenses against online threats. Keeping the software on your device up-to-date will prevent attackers from being able to take advantage of known vulnerabilities.
  • Turn on stronger authentication. Stronger authentication requires that you use your password in conjunction with an additional piece of information (commonly a one-time PIN sent to your mobile device). Even if cyber criminals have your password, they won't be able to access your account without the second piece of information. Visit www.LockDownYourLogin.com for more information on stronger authentication.
  • When in doubt, throw it out. Links in emails, tweets, posts, and online advertising are often how cyber criminals compromise your computer. If it looks suspicious, even if you know the source, it's best to delete it.
  • If you see something, say something. Report suspicious cyber activity, especially if you think it poses a threat to our critical infrastructure.

DHS works with critical infrastructure owners and operators every day to better secure our essential systems from cyber threats. The Department's CVoluntary Program supports industry in increasing cybersecurity resilience, promotes awareness and use of the NIST Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management. For more information, please visit www.us-cert.gov/ccubedvp.

Critical infrastructure enables our daily lives, whether we're taking a shower, using the internet, plugging in a phone, or turning on a gas stove. To learn more about protecting and securing our Nation's critical infrastructure from cyber threats, please visit www.dhs.gov/cisr-month and www.dhs.gov/ncsam. For more information on what critical infrastructure is and what the 16 current sectors are, visit www.dhs.gov/what-critical-infrastructure.

The Internet Wants YOU: Consider a Career in Cybersecurity

October 24, 2017

Cybersecurity has emerged as one of the leading creators of jobs, with opportunities for careers in nearly every industry. A study by the  Center for Cyber Safety and Education estimates there will be a shortage of 1.8 million cybersecurity workers by 2022, which is why it's critical that more Americans are encouraged to pursue careers in this field.

Cybersecurity professionals play a crucial role in the United States national security. Cyber attacks from hackers, organized criminals, or state actors jeopardize the safety of Americans and put our country at risk. To combat these rising threats, our Nation needs a stronger cyber workforce of educated and dedicated cybersecurity professionals to secure our Nation's internet systems and protect our government, our companies, and our citizens.

Throughout National Cyber Security Awareness Month, the Department of Homeland Security (DHS) is bringing attention to our Nation's critical need for cybersecurity professionals. A career in cybersecurity is becoming more attractive - offering high earning potential, a wide range of job opportunities, and a rewarding role in protecting our national security.

DHS is working to develop a stronger cybersecurity workforce by promoting cybersecurity education and careers. As one of the Department's efforts, DHS partners with National Science Foundation to co-sponsor the CyberCorps® Scholarship for Service Program (SFS).

The SFS Program provides scholarships to students pursuing cybersecurity-related degrees at participating colleges and universities. Funded through grants from the National Science Foundation, these scholarships are meant to cover a full-time student's tuition and education fees as well as providing an annual stipend.

"The mentorship and guidance I received in the Scholarship for Service Program shaped my career path tremendously," said Patrick Kelly, an alumnus of the SFS Program. "I didn't even know that a career in cybersecurity was a possibility until I heard about SFS."

After completing their degree, scholarship recipients serve in a cybersecurity-related position in the government for a period equivalent to the length of their scholarship. Since 2001, the SFS program has had around 2,300 graduated with a 94% job placement rate. Scholarship recipients also get exclusive access to hiring fairs for internships and permanent hire opportunities within the government.

"Cybersecurity is an exciting and ever-changing field, with a lot of demand and opportunities for growth," said Kelly. "I couldn't be happier that I chose it as my career."

For more information about SFS awards, check out the program guidelines as well as the list of participating academic institutions. In addition to SFS, DHS provides the following resources to help promote cybersecurity careers to a wide audience, from students to veterans and beyond:

Join us in advancing a strong cybersecurity workforce during National Cyber Security Awareness Month by raising awareness about cybersecurity education and careers. Learn more at www.dhs.gov/ncsam or www.dhs.gov/StopThinkConnect.

Today's Predictions for Tomorrow's Internet

October 16, 2017

We live in a world of "smart" objects. Whether it's a fitness band to track our eating and exercise habits, an app to control the temperature in our homes, or a sensor to alert us when we need groceries, apps and connected devices are bringing a tremendous level of convenience and efficiency to our busy lives.

Americans can embrace the advantages of these new technologies while also being cautious of the risks. Our sensitive, personal information - including our banking and credit card information, personal health data, and our addresses and location information - is the fuel that makes these devices work. The more connected devices we have, the more data we are sharing about ourselves online, making it hard to control how this information is used.

Just as people lock their doors to protect their valuable possessions, Americans must also secure their connected devices to keep their sensitive personal information safe from cyber threats. During National Cyber Security Awareness Month 2017, the Department of Homeland Security (DHS) encourages you to follow these tips from the Stop.Think.Connect.TM Campaign to stay safe while using connected devices:

  • Make sure you trust the app or device. The security of apps and connected devices is often lacking, so be the vendor of the device or creator of the app is reputable. Research the product and read consumer reviews to avoid scams.
  • Know what information you're sharing. When you download an app or purchase a device make sure to read the privacy policy to know what information will be collected about you. Cyber criminals can use personal information like your bank account number, address, health information to steal your identity or money, so be sure the website or app doesn't share you data publicly.
  • Update your apps and devices. Viruses and malware exploit outdated software, so protect yourself from cyber attacks by updating your apps and devices regularly. To further increase your security, delete any apps that you rarely or no longer use.
  • Secure your home network. Cyber criminals could potentially access all your Internet-connected devices by exploiting your home Wi-Fi network. Keep these devices and your network secure by changing the factory-set password and username on your home Wi-Fi.
  • Set strong passwords. Always change default passwords, and use a different password for every account. Setting strong passwords that are long, unique, and hard to guess is one of the most important things you can do to protect your online accounts.

DHS is committed to working with the private sector to ensure  our future technologies are secure. In the Strategic Principles for Securing the Internet of Things document, DHS provides developers, manufacturers, service providers, and industrial and business-level consumers with security best practices for the development, manufacturing, implementation, and use of Internet-connected devices.

For more information on how to protect your personal information while using connected devices, please visit www.dhs.gov/ncsam or www.dhs.gov/StopThinkConnect.

Cybersecurity in the Workplace is Everyone's Responsibility

October 10, 2017

The Internet is the new storefront for many businesses in America. As companies large and small embrace the advantages of doing business online, they also experience increased risk of cyber attacks and data breaches.

An organization could experience significant financial losses, damage to its reputation, and severe interruptions to its operations from a cyber incident, which is why all businesses - including large corporations, small businesses, and startups - need to ensure their sensitive data and networks are secure.

As recent major cyber incidents have shown, cyber criminals often gain access to systems and information by exploiting human error, such as clicking on malicious links, creating weak passwords, and failing to install software patches. That's why every individual in an organization - from the custodian to the CEO, and the intern to the administrative assistant - has a role in cybersecurity.

As part of National Cyber Security Awareness Month 2017, the Department of Homeland Security (DHS) encourages businesses of all sizes to strengthen their cybersecurity defenses. Even simple behaviors can make a huge difference in the overall security of an organization.

Here are some online safety habits any employee - regardless of their role - can practice daily:

  • Use strong passwords and change them regularly.
  • Keep your usernames, passwords, or other computer/website access codes private.
  • Only open emails and attachments from people you know.
  • Do NOT install or connect any personal software or hardware to your organization's network without permission from the IT department.
  • Make electronic and physical backups or copies of all your important work.
  • When you work from home, secure your Internet connection by using a firewall, encrypting information, and hiding your Wi-Fi network.

DHS, the agency most responsible for domestic security, understands the importance of prioritizing cybersecurity awareness and training for our workforce. A good example is DHS's Transportation Security Administration (TSA), which trains new employees in cybersecurity from the minute they walk through the door.

"At TSA, we face the same cybersecurity threats that businesses fact, like phishing and social engineering," said Peter Sindt, Section Chief, Cyber Security Awareness and Outreach, TSA. "That's why we are constantly reinforcing cybersecurity awareness and best practices."

TSA uses a combination of video and classroom training, phishing exercises, and even a cybersecurity-focused app to train their employees on the latest cybersecurity threats. Their newest initiative is a cybersecurity ambassador program, in which employees in non-IT fields serve as ambassadors to help raise cybersecurity awareness among their coworkers.

To improve the cyber resiliency of your organization, leverage the CVoluntary Program Small and Midsize Business (SMB) Toolkit, which provides resources specifically designed to help small and medium sized businesses evaluate and minimize their vulnerability to cybersecurity risks. You can also take advantage of the NICE Cybersecurity Workforce Framework, which helps employers hire the most qualified cybersecurity professionals by providing a standard set of terms, tasks, and skill to define cybersecurity work.

For more information about protecting your organization from cyber threats, please visit www.dhs.gov/ncsam or www.dhs.gov/StopThinkConnect.

National Cyber Security Awareness Month 2017: Simple Steps to Online Safety

October 2, 2017

Today, the Department of Homeland Security (DHS) announces the 14th   National Cyber Security Awareness Month (NCSAM). Observed every October, NCSAM is an opportunity to raise awareness about the growing importance of cybersecurity and equip the American public with tools and resources to protect themselves online.

Every American is a valuable part of the cybersecurity chain, including our children, workers, older individuals, and students. DHS is doing its part to help American stay safer online through cybersecurity education, events, and resources. We want to empower our citizens to have the skills and knowledge they need to avoid cyber threats every day.

From connecting with friends on social networks to managing our finances online, Americans enjoy the convenience and efficiency of their digital lives, but these benefits aren't without risks. Ther personal information that we share online while banking, shopping, and posting on social media presents a huge opportunity for cyber criminals to steal our sensitive data to commit crimes.

As more online scams, frauds, and data breaches threaten our digital lives, it is critical that everyone makes cybersecurity a priority. You don't have to be technically "savvy" to stay safe online - even small actions can make a huge difference in avoiding cyber threats. To help protect yourself online, the Department of Homeland Security encourages you to follow these simple tips.

  • Lock down your login. Usernames and passwords are often not enough to protect important accounts like email, banking, and social media. Fortify your accounts by enabling the strongest authentication tools available, such as multi-factor authentication for your online accounts and fingerprint identification and security keys to lock your mobile device.
  • Keep a clean machine. Regularly update the software on your Internet-connected devices, including PCs, smartphones, and tablets, to reduce the risk of infection from malware.
  • Treat personal information like money. Information about you, such as your purchase history and location, has value - just like money. Protect your data by being cautious about how your information is collected by apps and websites.
  • Own your online presence. Control and limit who can see your information online by checking the privacy and security settings on your accounts and apps. Anything you post publicly could potentially be seen by a cyber criminal, so keep your personal information private.
  • Share with care. Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it could be perceived now and in the future.

Join us in celebrating National Cyber Security Awareness Month throughout the month of October. Please visit www.dhs.gov/national-cyber-security-awareness-month or www.dhs.gov/StopThinkConnect for more information.

This Preparedness Month, Don’t Forget About Cybersecurity!

September 8, 2017

During National Preparedness Month, Americans all over the country prepare for unexpected fires, hurricanes, tornados, floods, or human-made disasters. But there’s another threat Americans also need to be prepared to protect themselves from— cyber crime.

As the risk of cyber crime continues to increase, cyber attacks are becoming the new normal. This year has seen a number of high-profile cyber incidents, including the WannaCry and Petya ransomware attacks and the HBO and Netflix hacks. These incidents might not seem relevant to individual Americans, but, in reality, these attacks demonstrate that digital threats to our physical lives are becoming ever more severe.

Cyber crime impacts all of us, not just large corporations, and cyber criminals are only getting more sophisticated. According to the Pew Research Center, nearly two-thirds of Americans have been personally affected by a cyber crime like hijacked email accounts, fraudulent credit card charges, identity theft, and stolen sensitive information such as Social Security or financial account numbers.

Now imagine that these same cyber criminals hacked into the U.S. electric grid to cause a massive power outage. Or what if they shut down ATM networks and banking systems? The effects of physical threats, like fires and hurricanes, are easier to see, but cyber threats can have equally devastating consequences on individuals and communities.

Unlike preparing for physical threats like fires or natural disasters, the best preparedness for and defense against cyber threats is practicing safe online behaviors every day. When you are smart about your online behaviors, you not only protect yourself but also your family, community, and workplace. Be cyber prepared by practicing these simple online safety habits every day:

  • Be wary of free Wi-Fi networks. Never bank or shop over free Wi-Fi networks, which are often not secure. You risk cyber criminals gaining access to your accounts and stealing your personal information.
  • Think before you click. Don’t click on links or open email attachments you don’t trust. Look closely at the link or the sender of the message to make sure it’s legitimate. When in doubt, throw it out – ignore the link or delete the email.
  • Protect your privacy. Review the privacy settings on your social media accounts to limit who can see your information. Also, never post sensitive information – like your address, birthday, or phone number – publicly.
  • Back up your data. With threats like ransomware on the rise, it’s more important than ever to protect your valuable work, music, pictures, and other digital information by keeping back-up copies.
  • Set strong passwords: Do not use the same password twice, and choose passwords that are hard to guess and contain a combination of letters and numbers.  

If you become the victim of a malware attack, phishing scheme, or other cyber crime, contact your local law enforcement or the United States Computer Emergency Readiness Team (US-CERT) at www.us-cert.gov/forms/report.

Join us in celebrating National Preparedness Month in September and National Cyber Security Awareness Month throughout October. Please visit www.ready.gov/september, www.dhs.gov/national-cyber-security-awareness-month, or www.dhs.gov/stopthinkconnect for more information.

Back-to-School: Cyber Safety 101 for You and Your Kids

August 7, 2017

Back-to-school season is here! With summer coming to an end, it’s a hectic time for kids and parents alike. As you scramble to get all the right school supplies for your kids, don’t forget to share the importance of online safety with them, too. Talking to your children about Internet safety is just as important as talking to them about avoiding strangers and looking both ways before crossing the street.

Today’s kids are online now more than ever. A 2016 study by the Center for Cyber Safety and Education found that children in grades 4-8 spend an average of two hours per day online for reasons other than homework. As kids spend more time on the Internet, they are exposed to increased cybersecurity risks, including cyber bullying, inappropriate content, cyber predators, and scams.

As you prepare your child to go back to school, the Stop.Think.Connect.TM Campaign encourages you to take the following steps to protect your child online:

  • Help your children search safely. Unfortunately, the Internet is filled with inappropriate websites and content. To protect your kids from these online threats, install web filtering software that can limit your children’s access to certain sites, words, and images. You can also take advantage of child-safe search browsers designed specifically to protect children online.
  • Teach them good cyber etiquette. Remind your kids that posts they write and images they share online have consequences offline. Once they post something, they can’t take it back. Even if they delete it, it may still exist on other people’s computers and circulate online. Encourage your kids to be careful about the language, pictures, and videos they post. Tell them to treat others online the way they want to be treated.
  • Ask about their online activities. Just as you want to know who your kids’ friends are offline, it’s a good idea to know who they’re talking to online. Make sure you know what social media websites your children are using, and review their online contacts list to be sure their “friends” are people they actually know. Have conversations about what they do online to prevent them from being exposed to dangerous people, activities, or content.
  • Make sure they have strong privacy settings. Use privacy settings to restrict who can access and post on your child’s profile, and talk to your children about the importance of privacy online. Remind them to protect their personal information – such as their Social Security number, home address, full name, birthday, phone number, and account passwords.

Savvy Cyber Kids, a Stop.Think.Connect. Campaign partner, offers a variety of resources to help you talk to your kids about online safety, including videos, guides, books, and advice. Their Savvy Cyber Kids at Home book series helps young children learn about online safety using pictures and rhymes to make sure they are ready to start playing in cyberspace. Visit www.savvycyberkids.org for more information and resources for your family.

The Department of Homeland Security’s Stop.Think.Connect. Campaign also offers the Chatting with Kids about Being Online Booklet to help you start cybersecurity conversations with your kids. 

To learn more about how to stay safe online, please visit the Department of Homeland Security’s Stop.Think.Connect. Campaign at www.dhs.gov/stopthinkconnect.

The Stop.Think.Connect. Campaign Blog contains the latest cybersecurity news and tips to help you and your family stay safe online.

Ransomware Explained: 5 Tips to Keep You Safe

July 19, 2017

Ransomware has been making the news lately. As one example, computer systems around the globe were affected by the ransomware strain WannaCry in May 2017, making it one of the largest cyber attacks in history. The damage and disruption caused by this ransomware infection is a wake-up call to the need for stronger cybersecurity.

What is ransomware?

Ransomware is an extremely effective type of malicious software (or “malware”) that locks down a computer and takes select data “hostage.” The victim is told they won’t be able to access their files or computer until they pay a ransom to the attacker. Cyber criminals usually distribute ransomware through phishing emails or infected websites.

More than 4,000 ransomware attacks have occurred per day since January 1, 2016, making it the fastest growing malware threat. Ransomware doesn’t just target businesses and large institutions – individuals are also at risk of being victimized. That’s why it is essential that all Americans learn how to protect themselves from this significant threat.

Here are five tips to protect yourself from ransomware:

  1. Be careful opening email attachments. If you don’t know the sender, don’t trust the attachment because it could contain and activate ransomware or other malicious software.
  2. Check before clicking on links. Sometimes malicious links to criminal websites are disguised to look like legitimate links. If you see a suspicious link in an email or on a webpage, hover over it to see the full URL and make sure it leads to a legitimate website.
  3. Back up your data offline. Keep up-to-date backups of all your essential data offline. That way you’ll have extra copies in case a cyber criminal tries to steal your data.
  4. Update your devices. Ransomware usually takes advantage of outdated software or systems. Defend your data by keeping your computer and applications updated.
  5. Install security software. Security software – such as anti-virus, firewalls, and spyware removal – can help detect threats to your computer, block criminal websites, and minimize damage in case you accidentally click a malicious link.

Visit the United States Computer Emergency Readiness Team’s website, part of the Department's National Cybersecurity and Communications Integration Center, to learn more about current ransomware threats. You can also report incidents to US-CERT.

As technology advances, cyber threats like ransomware are becoming more sophisticated. Now more than ever, it’s essential that all Americans know how to keep their computers and sensitive information safe from cyber criminals. Cybersecurity isn’t just the responsibility of IT professionals – everyone can take measures to protect themselves online.

For more tips on how to stay safe online, please visit the Department of Homeland Security’s Stop.Think.Connect.™ Campaign at www.dhs.gov/stopthinkconnect.

Five Tips to Keep Your Kids Safe Online this Summer

June 12, 2017

You teach your children to wear helmets when they ride bikes and sunscreen when they’re outside, but are you also teaching them to be safe online? June is Internet Safety Month, a perfect opportunity to talk with your kids about online safety.

Summer break is here, which means kids are starting to spend more free time online and on mobile devices. Children run into all sorts of risks in the cyber world, including cyberbullying, inappropriate content, online predators, and cyber criminals seeking to steal their personal information. It’s important for parents to know how to keep their children safe from these threats online. As summer vacation kicks off, the Department of Homeland Security encourages you to share these five online safety tips with your children:

  1. Don’t share too much information. Create a list of things your kids should never post or share online – like their birthday and year, full name, address, and phone number – and make sure they understand why it is important to keep this information private.
  2. Be careful about what you post. The Internet isn’t private. Once your kids share a post, picture, or video, they can’t control how others will use it, and it can never be permanently deleted. Teach them be thoughtful and cautious in what they post and share online.
  3. Only connect with people you know. “Don’t talk to strangers” is a good rule for the real world and the cyber world. Predators and stalkers can easily create fake profiles to hide their identities, so instruct your kids to only connect with friends they actually know in real life. Also check your children’s privacy settings to make sure strangers can’t see their profiles. Sometimes privacy settings get reset to default settings during program updates, so check their profiles regularly.
  4. Keep your location private. Many apps, networks, and devices have geo-tagging features which broadcast your location. This information could lead a stalker directly to your kids, so check that these features are completely off.
  5. Protect your password. Show your kids how to create strong passwords and make sure they know to never share them with anyone (except their parents or a trusted adult).

If you’d like to learn more about protecting your children online, check out the “Chatting with Kids about Being Online” Booklet from the Stop.Think.Connect.™ Campaign.

The Family Online Safety Institute (FOSI), a Stop.Think.Connect.™ Campaign National Network partner, provides a wealth of resources about being a good digital parent. On their website, you’ll find research, advice, videos, and guides to help you have impactful conversations with your kids about online safety. Visit www.FOSI.org for more information and resources for your family.

For more tips on how to stay safe online, please visit the Department of Homeland Security’s Stop.Think.Connect.™ Campaign at www.dhs.gov/stopthinkconnect.

Help Older Americans Protect Against Online Scams

May 8, 2017

Americans, young and old, are using the internet and mobile devices on a daily basis. Specifically, older Americans are increasingly utilizing mobile phones, tablets, and wearables to stay connected, informed, and involved with family and friends. This increased connectivity has many advantages, but it also presents a unique set of risks for people over 65.

May is Older Americans Month, a month that celebrates the vitality of older people and their contributions and achievements. This offers a unique opportunity to talk with the people over 65 in your life about the importance of cybersecurity.

Cyber criminals often target aging adults, believing they are more likely to fall for online scams like phishing, online fraud, and identity theft. For example, a cyber criminal may email an older American claiming to be a real financial or government organization, like their bank or the Internal Revenue Service (IRS), asking for money or for them to share their sensitive personal information. Learning how to protect your identity and personal information online – and how to spot an online scam – is just as important as understanding how to use the latest technology.

Since cyber criminals are more likely to attack aging Americans, it is critical to equip them with the knowledge to protect themselves online. The Department of Homeland Security encourages older Americans, and all citizens, to follow these three tips to be safe online:

  • Beware of “free” gifts or prizes. If something is too good to be true, then it probably is.
  • Most businesses or organizations don’t ask for your personal information over email. Beware of any requests to update or confirm your personal information.
  • It is important to add only people you know on social media sites and programs like Facebook and Skype; adding strangers could expose you and your personal information to scammers.

For more information about cybersecurity and older Americans, visit the DHS Stop.Think.Connect. Campaign’s toolkit.

The Administration for Community Living (ACL), a Stop.Think.Connect. Campaign partner, leads the national celebration of Older Americans Month (OAM) each year. The theme for OAM 2017 is “Age Out Loud,” which gives aging a new voice—one that reflects what today’s older adults have to say. For more information on OCM and how to get involved, please visit https://oam.acl.gov/.

For more tips on how to stay safe online, please visit the Department of Homeland Security’s Stop.Think.Connect. Campaign at www.dhs.gov/stopthinkconnect.

Decluttering your Digital Life

April 17, 2017

Start fresh this spring – online and offline. In addition to the traditional tasks on your spring cleaning list like tidying the closet and washing the windows, take time to create a "digital spring cleaning" list as well.

What exactly does a "digital spring cleaning" entail?

A digital spring cleaning means taking control of your digital life and the information that you share online. Similar to regular cleaning or tidying one’s home, it might seem like a daunting task at first. In reality, just a few simple steps can make a big difference in helping protect yourself online.

The Department of Homeland Security recommends that you incorporate these cyber tips into your spring cleaning routine this year:

  • Clean your machine. Update the security software on all of your devices that connect to the Internet. Keeping the software on your devices up to date will prevent attackers from taking advantage of known vulnerabilities. Also review the applications you have downloaded. If you no longer use a particular app, delete it. It’ll not only free up storage space on your device, but it will also remove permissions that app has to potentially gather your information.
  • Turn on multi-factor authentication. Enable stronger authentication on your online banking and email accounts. Turning on a two-factor authentication, such as a PIN sent to your mobile device, helps verify a user has authorized access to an account. For more information about authentication, visit the Lock Down Your Login Campaign at http://www.lockdownyourlogin.com.
  • Tidy your online reputation. Review your social media accounts and delete old photos or posts that may no longer represent who you are. As you go through your online posts, think about how they might influence others’ opinions of you. Also take the time to review the privacy settings on your online accounts. Take advantage of the privacy settings offered by major online apps and websites by limiting the amount of people who can see the information you share.

Visit and download the National Cyber Security Alliance’s "Digital Spring Cleaning Checklist" for more steps to clean up your online life.

For more tips on how to stay safe online, please visit the Department of Homeland Security’s Stop.Think.Connect. Campaign at www.dhs.gov/stopthinkconnect.

Fight Against Online Tax Fraud

March 15, 2017

Incidents of identity theft and online fraud are on the rise this time of year as millions of Americans file their taxes online. In the 2016 tax season, the IRS saw an approximate 400 percent surge in phishing and malware incidents. Sophisticated cybercriminals are actively looking to steal your identity to fraudulently claim your tax refund, making it critical to stay extra vigilant in the coming weeks.

Unfortunately, it is easier than you might think for criminals to be successful in claiming tax returns fraudulently - in most cases all they need is your name, social security number, and date of birth. During tax season, and year-round, consumers should be very cautious about sharing personal information online. Consumers should not trust any text messages, emails, or phone calls from anyone claiming to represent the IRS and asking to share personal information. The IRS does not use electronic communications, such as email, text messages and social media channels, to initiate contact with taxpayers to request personal or financial information.

The Stop.Think.Connect. Campaign encourages you take the following measures to protect yourself against online tax fraud:

  • Don't give out your personal information, unless it is to an established, trusted entity.
  • Look out for phony messages or websites claiming to be from the IRS or tax preparation services. These websites can look quite legitimate so do your due diligence in spotting a fake.
  • Beware of promises offering "free money" from inflated refunds.
  • Back up your data and store your electronic tax files securely.
  • Only share personal information over a secured network.

The IRS offers tips for filing taxes online; visit www.IRS.gov/Filing and the IRS Taxpayer Guide to Identity Theft at www.irs.gov/uac/taxpayer-guide-to-identity-theft to learn more. To report suspicious online or email phishing scams, please email phishing@irs.gov. To report phishing scams by phone, call 1-800-366-4484. If you have been a victim of identity theft in general, report such incidents to the Federal Trade Commission at www.IdentityTheft.gov.

For more tips on staying safe online, please visit the Department's Stop.Think.Connect. Campaign at www.dhs.gov/stopthinkconnect.

Strengthening Cybersecurity for Small Business

March 1, 2017

Strong small and medium-sized businesses are a critical component of our nation’s economy. Due to the sensitive consumer data small businesses house – including personal and financial account information – they have become a prime target for cyber attacks. Cybercriminals recognize that small businesses hold very valuable consumer data and often lack the resources to put in place strong cybersecurity practices, leaving them more vulnerable to attacks. For small businesses, cyber resources could mean financial resources to dedicate to cybersecurity, cybersecurity professionals capable of protecting and recovering from cyber attacks, or the necessary cybersecurity software or technology needed to protect against attacks. Lacking in any or all of these cyber resources can leave a small business very susceptible to a cyber breach.

From the start, it is imperative for small business to make cybersecurity a top priority. Not only are small and medium-sized companies at high risk of a cyber attack, but when they experience a breach, the fallout can be devastating.

It is critical for businesses to take steps to defend against a cyber attack and prepare for how to keep operations running in the event that a cyber breach does occur. Cybercriminals take advantage of the uninformed and complacent, so DHS encourages you to be proactive in strengthening your company’s cybersecurity. These measures include:

1. Installing security software. Make sure all of your organization’s computers are equipped with antivirus software and antispyware. Update the software regularly.
2. Securing your Internet. Secure your Internet connection by using a firewall, encrypt information, and password protect or hide your Wi- Fi network.
3. Having a plan. Establish security practices and policies to protect sensitive information.
4. Educating employees. Take time to educate your employees about cyber threats and how to protect against them. Hold employees accountable to the Internet security policies.
5. Using strong passwords. Require employees to use strong passwords and to change them often. Lock Down Your Login by enabling two-factor authentication on all business and personal accounts, when available.

Resources Available to Small and Medium-Sized Businesses

The government and private sector both provide various tools and resources for small and medium business owners to improve their cybersecurity. Here is a list of resources that are available to you at no cost:

For more information about cybersecurity for businesses, please visit the Stop.Think.Connect. Toolkit at www.dhs.gov/stopthinkconnect-toolkit.

A Parent’s Guide to Protecting Children Online

February 7, 2017

Parents today are confronted with an entirely new set of safety concerns for their children – online threats. Children are exposed to the Internet at a very young age. Some tablets are designed specifically for kids as young as two years old and some children in elementary school have their own smartphones. Almost from infancy, the Internet touches their lives on a daily basis.

Just as parents teach their children to look both ways before crossing the street or not talk to strangers, it is critical that parents teach their children safe online habits. As a parent, you cannot eliminate online threats – like cyberbullying, online predators, or inappropriate content – but you can teach your children how to respond when they come across these things online.

February 7 is Safer Internet Day, an international effort to raise awareness for online safety to ultimately build a better Internet for the younger generation. ConnectSafely, a non-profit partner of the Department of Homeland Security’s (DHS) Stop.Think.Connect. cybersecurity awareness campaign, leads the promotion of Safer Internet Day in the United States. In recognition of Safer Internet Day, DHS encourages all parents to follow these common sense steps to protect your children online.

  • Create an open and honest environment with kids.
  • Have regular conversations with kids about practicing online safety.
  • Emphasize the concept of credibility to teens: not everything they see on the Internet is true and people on the Internet may not be who they appear to be.
  • Watch for changes in behavior — if your child suddenly avoids the computer, it may be a sign they are being bullied online.
  • Review security settings and privacy policies for the websites kids frequent. These settings are frequently updated so check back regularly.
  • Make sure mobile devices are secure. Use PINs and passwords, only install apps from trusted sources, and understand the privacy settings and permissions for all apps.

For more information about protecting children online, please visit the Stop.Think.Connect. “Chatting with Kids about Being Online” Booklet. For additional resources, access the Stop.Think.Connect. Toolkit at www.dhs.gov/stopthinkconnect-toolkit.

Data Privacy Day 2017: Respecting Privacy, Safeguarding Data, and Enabling Trust

January 23, 2017

Data privacy concerns are a real and rising issue for American citizens and businesses. According to a survey from the National Cyber Security Alliance, 92 percent of Internet users in the United States are worried about online privacy. Even more telling, 68 percent are more worried about not knowing how their personal information is collected online than they are worried about losing income. Technology is rapidly advancing, creating extraordinary benefits and opportunities, but also creating new risks. Americans are routinely sharing more sensitive information online than ever before including banking information, personal health behaviors and habits, and physical location data. Unfortunately, companies are also routinely experiencing data breaches, which can potentially expose the sensitive personal information consumers readily share. Just as quickly as technology advances, companies and consumers must evaluate and evolve their data privacy habits.


January 28 marks the tenth annual Data Privacy Day, an international effort to raise awareness about the importance of data privacy practices. The Department of Homeland Security encourages all Americans to weigh the benefits and risks of sharing information online, to understand how their information is being used, and to take steps to protect their identities and personal data.


In an increasingly digital age, protecting your privacy online can seem overwhelming. In reality, there are simple steps you can take to protect yourself and your information online:

  • Own your online presence. Think carefully about what you post online. Everything you put on the Internet – photos, tweets, and blogs – will be out there for people to see forever. Take ownership of your digital life by making sure that only what you want to be seen is posted.
  • Lock down your login. Always enable strong authentication for an extra layer of security beyond the password. Strong authentication is available on most major email, social media and financial accounts (e.g., multi-factor authentication that can use a one-time code texted to a mobile device). This protection helps verify that a user has authorized access to an online account. For more information about authentication, visit the Lock Down Your Login Campaign at www.lockdownyourlogin.com.
  • Secure your devices. Take advantage of lock screens, passwords, and fingerprint capabilities to secure your smartphones, tablets, and computers.

For more information and resources about Data Privacy Day and how to protect your personal information online, please visit www.dhs.gov/stopthinkconnect and www.staysafeonline.org/data-privacy-day.

Your Digital Life: Beware of What You Share

January 18, 2017


With just the click of a mouse, there is a wealth of personal information about you available online for all to see. In today’s digital world, we are sharing more information about ourselves online than ever before. Oftentimes, we provide personal information online without thinking twice about the potential consequences or risks making sensitive information available can present. Although advances in technology have brought about many benefits and opportunities, there is no doubt that they have also been beneficial to those who wish to do harm.

This January marks National Stalking Awareness Month, a national effort to raise awareness about the dangers of stalking. As we lead more digital lives – crimes that once only happened in-person – now occur partially or fully online. Stalking is one example of this in addition to online fraud, identity theft, and more.

Stalking is a pattern of repeated and unwanted attention, harassment, contact, or any other course of conduct targeted at a specific individual that results in them feeling reasonably afraid. Cyberstalking (or online stalking) follows a similar pattern, only perpetrators use technology to harass their victims. Because cyber stalkers can use personal information they find about you online to carry out their crimes, limiting the amount of information you share about yourself online is key to protecting yourself from this.

While there will always be some amount of information about you online, you do have the power to control your digital footprint. The Department of Homeland Security encourages all citizens to follow these steps when sharing personal information online:

  • Review your privacy settings. Take advantage of privacy settings offered by most social media platforms and apps that allow users to control who can see their content or personal information. Take time to review your settings and place strict limits on who can see your content.
  • Own your online presence. Think carefully about what you post online. Everything you put on the Internet – photos, tweets, and blogs – will be out there for people to see forever. Take ownership of your digital life by making sure that only what you want to be seen is posted.
  • Secure your devices. Take advantage of lock screens, passwords, and fingerprint capabilities to secure your smartphones, tablets, and computers. It only takes a minute for a criminal to steal your device, and therefore all of your sensitive information.

For more information and resources about National Stalking Awareness Month and how to protect yourself online, please visit www.stalkingawarenessmonth.org and www.dhs.gov/stopthinkconnect.

A Digital Resolution We Can All Make and Keep

December 27, 2016

As Americans prepare to ring in 2017, many will plan to make a resolution for the New Year. Many of these resolutions will include losing weight, saving money, or to spend more time with family. Given our increasingly digital lives, this year the Department of Homeland Security encourages you to make a resolution to better protect yourself online.

Our digital devices provide an extraordinary amount of convenience, allowing us to bank, shop, and connect with loved ones. However, these online activities also require us to share an unprecedented amount of sensitive information across the Internet which can put you at risk. Incorporating good online habits into your daily routine can go a long way in protecting yourself online.

We all know that New Year’s resolutions can be challenging to keep, but that is not the case for this digital resolution to protect yourself online. The Stop.Think.Connect.™ Campaign has three simple but impactful tips that you can make to ensure you are protecting yourself online in the New Year:

  • Resolve to lock down your login. Always enable strong authentication on your sensitive online accounts. A strong authentication provides an extra layer of security beyond the password that is available on most major email, social media, and financial accounts. Strong authentication (e.g., multi-factor authentication that can use a one-time code texted to a mobile device) helps verify that a user has authorized access to an online account.
  • Resolve to stay away from public Wi-Fi. Avoid online shopping, banking, and sensitive work that requires you to share passwords or credit card information while using public Wi-Fi. Most public Wi-Fi networks are not secure and do not encrypt the information you send over the Internet, leaving it vulnerable to online criminals.
  • Resolve to set strict privacy settings. Most social media platforms and apps offer privacy settings that allow users to control who can see their content or personal information. Take time to review your settings and limit who can see your content.

For more tips and information on how to stay safe online, please visit www.dhs.gov/stopthinkconnect. For more information about strong authentication, please visit the Lock Down Your Login Campaign at www.lockdownyourlogin.com.

Our Critical Infrastructure Runs on Cyber

October 31, 2016

We depend on critical infrastructure every day. Our ability to travel, to communicate with friends and family, to conduct business, to handle our finances, and even our ability to access clean, safe food and water are all reliant upon our Nation’s critical infrastructure networks and systems.

These essential services that underlie daily life in American society are increasingly being run on digital networks. Every day, people connect to the national grid without even realizing it from their smart phones, computers, and tablets. As a result, these critical systems are prime targets for cyber attacks from those seeking to cause our country harm. Seventy percent of companies responsible for the world’s power, water, and other critical functions reported at least one security breach, throughout a 12-month period, that led to disruption of service or loss of confidential information, according to the Ponemon Institute in 2014. Resilience of essential systems and assets, from power grids to banking systems, is vital to our national security, economy as well as our public health and safety.

As the Department of Homeland Security transitions from October’s National Cyber Security Awareness Month (NCSAM) into November’s Critical Infrastructure Security and Resilience Month (CISR), we focus on the critical mission of defending our Nation’s critical infrastructure from cyber threats. Each November, DHS highlights the efforts between federal, state, local, territorial, and tribal governments and private sector partners to protect and secure the infrastructure Americans rely on every day to communicate, power, transport, and otherwise support our way of life.

Every day, DHS works with critical infrastructure owners and operators to better secure our systems from cyber threats. The Department’s C3 Voluntary Program supports industry in increasing cyber resilience, promotes awareness and use of the Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management. For more information, please visit https://www.us-cert.gov/ccubedvp.

Just as we all rely on critical infrastructure, we all play a role in keeping it strong, secure, and resilient. We can do our part at home, at work, and in our community by being vigilant, incorporating basic cyber safety practices into our daily routines, and making sure that if we see something, we say something by reporting suspicious activities to local law enforcement. The Stop.Think.Connect.™ encourages all Americans to take the following steps to play their part in securing our critical infrastructure.

  • Keep a clean machine. Having the latest security software, web browser, and operating system are the best defenses against online threats. Keeping the software on your device up-to-date will prevent attackers from being able to take advantage of known vulnerabilities.
  • Turn on stronger authentication. Stronger authentication requires that you use your password in conjunction with an additional piece of information (commonly a one-time PIN sent to your mobile device). Even if cybercriminals have your password, they won’t be able to access the account without the second component if stronger authentication has been used. Visit www.LockDownYourLogin.com for more information on stronger authentication.
  • When in doubt, throw it out. Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.

Consumers play an important role in helping to secure critical infrastructure by practicing good cyber hygiene themselves and by becoming well-informed about whether the companies and organizations they do business with adhere to high cybersecurity standards. For instance, individuals should read the privacy policy of a company or vendor before purchasing a product or service from them. Also, when individuals or companies look to set up a domain name, they should take advantage of free DNS security features that are offered by domain name registration companies.

Recognizing and Combating Cybercrime

October 17, 2016

Starting from a young age, our teachers and parents teach us about crime. We learn to lock the doors at night, to say no to drugs, and to avoid talking to strangers. As we get older, we take safety measures to protect our money, our valuables, and our physical safety. However, when it comes to our online lives, many of us frequently put these same things at risk. This October marks National Cyber Security Awareness Month 2016, an opportunity to focus our attention on the importance of protecting ourselves online.

Recognizing and combating cybercrime presents a unique challenge. In a world filled with technical jargon and complicated concepts, the average person may feel overwhelmed with the idea of protecting themselves from cybercrime. However, there are quick, easy steps everyone can take – no matter their level of technical expertise – to protect themselves online. The first step in protecting yourself against cybercrime is knowing how to recognize it. Below are two common types of cybercrime and how to spot them:

  • Phishing attacks. Cybercriminals use legitimate-looking emails that encourage people to click on a link or open an attachment. The email they send can look like it is from an authentic financial institution, e-commerce site, government agency, or any other service or business. The email may also request personal information like account numbers, passwords, or Social Security numbers. Once you click on the link or open the attachment, the cybercriminal has access to your personal information, including your Social Security number, bank account information, and credit card number.
  • Identity Theft. The illegal use of someone else's personal information in order to obtain money or credit. As we all move towards online banking and shopping, we share a startling amount of personal information online. Cybercriminals are constantly looking to steal this information online. How will you know if you’ve been a victim of identity theft? You might get bills for products or services you did not purchase. Your bank account might have withdrawals you didn’t expect. You may see unauthorized charges on your credit cards. You may be unexpectedly denied for a credit application (when you believe you should qualify).

Protecting yourself from cybercrime may seem like a daunting task, but in reality it’s not. The Department of Homeland Security’s (DHS) “Identity Theft and Internet Scams Tip Card” and “Phishing Tip Card” provides easy steps you can take to protect yourself online. You can find these tip cards, along with other online safety resources, in the Stop.Think.Connect.TM Campaign’s Toolkit at www.dhs.gov/StopThinkConnect-Toolkit.

All individuals have a responsibility to protect against cybercrime, but no one can do it alone. DHS is committed to building partnerships and providing the right resources needed to fight against cybercrime through the following components.

  • The Immigration and Customs Enforcement (ICE) Homeland Security Investigations (HSI), Cyber Crimes Center (C3) provides technical services and training to help federal, state, and local law enforcement agencies across the country, and international partners, in their cyber and technical investigations. The C3 includes the Cyber Crimes Unit, the Computer Forensics Unit, and the Child Exploitations Investigations Unit.
  • The United States Secret Service (USSS) Electronic Crimes Task Force (ECTF) works to identify and locate international cyber criminals, and leverages partnerships with academia and the private sector to prevent, detect, and investigate electronic crimes, including potential terrorist attacks against critical infrastructure and financial payment systems.
  • The Transportation Security Administration (TSA) Office of Security Policy and Industry Engagement (OSPIE) Surface Division, in partnership with both their public and private sector stakeholders, manages cybersecurity risk through maintaining and enhancing continuous awareness and promoting voluntary, collaborative, and sustainable community action to critical infrastructure operations within the Nation’s surface transportation systems.
  • The United States Coast Guard (USCG) works with private sector and government partners to address cyber risk and improve cybersecurity resiliency for the Nation’s ports, terminals, ships, refineries and their supporting systems.
  • The Federal Emergency Management Agency (FEMA) National Continuity Programs (NCP) works to ensure that the federal government can continue to operate during a wide range of potential threats and emergencies, including cyber events. FEMA and the DHS Office of Cybersecurity and Communications (CS&C) facilitate the Resilient Accord Workshop, an inter-organizational cyber security workshop designed to increase awareness and execution of continuity of operations during and after a cyber incident.

Cybersecurity from the Break Room to the Board Room

October 10, 2016

If a cybercriminal tried to penetrate your office network, would you be able to recognize the hack?

As companies move more of their business operations online, cybercriminals are following them and looking to take advantage of unsuspecting employees to gain access to valuable company information.

Often, the weakest link in network cybersecurity is the human using a computer for work.

You have a very important role to play in cybersecurity. As seen in our “Months to Milliseconds” video, the responsibility for cybersecurity does not fall solely on the IT department. Everyone – from the entry-level employee to the CEO – has a responsibility to implement basic best practices.

As part of National Cyber Security Awareness Month 2016, we are focused on promoting a culture of cybersecurity at work. The first step: Educate and raise awareness for all employees. Here are simple actions you can take to protect information at home, on the go and at work:

  • Make your passwords complex. Create long, complex passwords that adhere to company/agency policy and that include a combination of upper and lowercase letters, numbers, and symbols.
  • Beware of phishing emails. Do not open emails, links, or attachments from strangers. Phishing attacks use email or malicious websites to infect your machine with malware in order to collect personal and financial information.
  • Report all suspicious activity. If you notice something seems off or unusual with your computer, report it immediately to your IT department.

DHS has a number of resources to help businesses and organizations improve their cybersecurity. The C3 Voluntary Program supports industry in increasing cyber resilience, promotes awareness and use of the Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all hazards approach. The Enhanced Cybersecurity Services (ECS) provides an intrusion prevention capability that helps U.S.-based companies protect their computer systems against unauthorized access, exploitation, and data exfiltration. Our Automated Indicator Sharing (AIS) is a free capability that enables the exchange of cyber threat indicators between the federal government and the private sector at machine speed.

Cybercriminals often prey on human error – such as employees clicking on a link in a phishing email or using a weak password – to gain access to an organization’s computer networks and information. I encourage you to take advantage of our tools and tips and help promote a culture of cybersecurity in your workplace.

Everyday Steps Towards Online Safety with Stop.Think.Connect.™

October 5, 2016

October is National Cyber Security Awareness Month, which provides an opportunity to have a national conversation about the growing importance of cybersecurity and staying safe online.

There is no doubt that we are all leading increasingly digital lives. Almost everything we do now touches the Internet – from shopping and banking online, to connecting with friends and loved ones, to finding our way around a new town or city. However, there may be uncertainty among many Americans over how to best protect themselves online. Advances in technology have dramatically changed the way Americans lead their lives for the better but also pose a new set of security risks. Identity theft, phishing attempts, and cyberbullying are just a few examples of cyber incidents we now face. It is critical that all individuals make choices every day to be safer online.

Protecting yourself online may seem like a daunting task, but in reality it is not. There are simple, every day steps you can take to secure your online life. You don’t have to be a computer expert to take measures to stay safe online.

The Department of Homeland Security encourages you to follow these three simple steps below.

  • Enable stronger authentication. Always enable stronger authentication for an extra layer of security beyond the password that is available on most major email, social media and financial accounts. Stronger authentication (e.g., multi-factor authentication that can use a one-time code texted to a mobile device) helps verify that a user has authorized access to an online account. For more information about authentication, visit the new Lock Down Your Login Campaign at https://www.lockdownyourlogin.com.
  • Keep a clean machine. Install updates for apps and update the security software on all of your Internet-connected devices as soon as updates are available. Keeping the software up to date will prevent cybercriminals from being able to take advantage of known vulnerabilities.
  • Use long and strong passwords. Create strong passwords with eight or more characters and a combination of upper and lowercase letters, numbers, and symbols.

Join us in recognizing National Cyber Security Awareness Month throughout the month of October. Please visit www.dhs.gov/national-cyber-security-awareness-month or www.dhs.gov/StopThinkConnect for more information.

Get Ready for National Cyber Security Awareness Month

September 27, 2016

October is National Cyber Security Awareness Month (NCSAM). Now just days away, NCSAM is a good opportunity to recognize how much our daily lives depend upon the Internet and spread the word about steps we can all take to be safer online.

We all have a responsibility to be safe online. You don’t have to be in IT or be a technical expert to help create a safer and more secure Internet. By taking simple steps when you are online, like enabling a stronger authentication on your sensitive online accounts, being thoughtful about what emails you open and links you click, and setting strong passwords, you can play your role in creating a safer and more secure Internet.

Thousands of people will participate in this year’s NCSAM events and efforts. October may be just around the corner, but there is still plenty of time for you to get involved as well. Here are three ways you can get involved in NCSAM today:

  1. Spread the #CyberAware message on social media.
    • Use the NCSAM 2016 hashtag #CyberAware in your social media messages before and during the month. Start by sharing this sample post on Twitter: “October is National #CyberAware Month! Find out how to get involved at www.dhs.gov/national-cyber-security-awareness-month
  2. Organize a #CyberAware event.
    • Raise awareness for cyber within your company or community by hosting a cyber event during October. Download and print cyber materials from the Stop.Think.Connect.™ Toolkit (including prepared presentations and tip cards) to start an online safety discussion.
  3. Join the Campaign.

To learn more about NCSAM and the Stop.Think.Connect. Campaign, please visit www.dhs.gov/StopThinkConnect and www.dhs.gov/National-Cyber-Security-Awareness-Month.

A Cyber Checklist for College Students

August 22, 2016

Encouragement to study hard, get good grades, and look to the future. Warnings against drugs and alcohol. Lessons on how to do laundry. These are the conversations college students are having with their parents before returning to school. But discussions about safe online behavior may not be as common. College students are leading more digital lives than ever before. Their mobile devices are never far from their hands, and there seems to be an app to help them with anything and everything. Students use the Internet for almost everything they do – from ordering food to their dorm, finding their next roommate, tracking their health and fitness routines, calling a taxicab to pick them up, and even to help them find their next date or social activity. Today’s students are constantly connected to the online world.

As they return to campus for the new school year, it’s important to remember to take steps to be cyber secure. Cybersecurity may not be something that is on the traditional “back-to-school checklist,” but given the digital lifestyle of today’s students, it needs to be. Increasingly digital lives bring many benefits, but also pose an entirely new set of risks. Students and all Americans can stay safe online by following the tips in the cyber checklist below. The Department of Homeland Security’s Stop.Think.Connect.™ Campaign encourages you to share this checklist with your family and friends.

Stop.Think.Connect. Campaign’s Back-to-School Cyber Checklist

  • Secure your devices and accounts.
    • Enable multi-factor authentication on all sensitive accounts, such as ones that hold financial or health information. Multi-factor authentication (e.g. a one-time code texted to a mobile device) helps verify a user has authorized access to an online account, providing an added layer of security beyond the password.
    • To prevent theft and unauthorized access or loss of your mobile devices, never leave them unattended in a public place, like a classroom or cafeteria.
    • Always update the security software on your mobile devices. Keeping the software on your devices up to date will prevent attackers from taking advantage of known vulnerabilities.
  • Protect yourself against online scams.
    • Links in email, tweets, and online posts are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete it.
    • Be wary of emails or texts that offer something that sounds too good to be true, implores you to act immediately, or asks for personal information. As newly independent young adults, students are prime targets for cybercriminals who are looking to take advantage of their inexperience and desire to support themselves financially.
    • Guard your personal information carefully from cyber criminals. Keep Social Security numbers, account numbers, and passwords private, as well as specific information about yourself, such as your full name, class schedules/locations, campus address, and birthday.
  • Preventing and responding to cyberbullying.
    • With this increased connectivity, bullying or harassment that previously only occurred in-person now occurs online. Though the conversation about cyberbullying typically surrounds younger students, it can happen to anyone, at any age.
    • If you do experience cyberbullying, it is best to not respond to the bully. Instead, tell a trusted adult, and block them on social media.
    • Limit the amount of personal information you post online, and use privacy settings to avoid sharing information widely.

For more information and tips for staying safe year-round, please visit DHS.gov/StopThinkConnect.

Beware of Olympic Cyber Scams

July 25, 2016

As the 2016 Summer Olympic Games quickly approach, athletes across the globe are preparing to compete and hopefully bring a medal back to their home country.

However, athletes aren’t the only ones gearing up for the Olympics – cybercriminals are busy looking to exploit excitement around the Olympics to take advantage of unsuspecting consumers and steal their money and personal information.

These ‘cyber pickpockets’ will use a variety of tactics to try and trick people into handing their money over online, making it critical to stay extremely vigilant. Hackers and identity thieves have been known to exploit high profile events like the Olympics through use of phishing emails and websites to target people looking to purchase tickets, merchandise, or stream video online. The Better Business Bureau found that during the 2014 Winter Olympics in Sochi, a search on eBay for “Sochi 2014” found 5,693 results, some of which were fraudulent, even including a fake “Olympic Torch Sochi 2014” for $7,000.

The Stop.Think.Connect.™ Campaign encourages you to be on the lookout for the following common scams during the Olympics season and throughout the year:

  • Phishing emails: Scammers use emails to collect personal and financial information or infect your machine with malware and viruses. Cybercriminals use legitimate-looking emails that encourage people to click on a link or open an attachment. The email they send can look like it is from an authentic, Olympics-related organization or legitimate retailer.
    • How to protect yourself: When in doubt, throw it out. Links in email and online posts are often the way cybercriminals compromise your computer. If it looks suspicious – even if you know the source – it’s best to delete or, if appropriate, mark it as “junk email.” Contact the company directly (via phone) to check the email’s legitimacy.
  • Counterfeit merchandise: Regardless of if you are physically at the Olympic Games in Rio de Janeiro or not, scammers will try to take advantage and sell you fake merchandise and tickets online.
    • How to protect yourself: Shop only at reputable online retailers, ideally only the official Olympics website. Look for the padlock symbol or for URLs that start with “https” or “shttp.” For auction websites, be sure to check the sellers’ reviews. Also, be sure to always pay for online purchases with a credit card, which offers greater protection than a debit card.
  • “You’ve Won” scams: If you unexpectedly receive an email telling you that you have won a prize, lottery, or sweepstakes (for example, free tickets to the Olympics games), it may be an online scam. Though the person seems excited for you to collect your winnings, if they then tell you there is a fee or tax to claim the prize and request your credit card or bank account information, it’s likely a trick.
    • How to protect yourself: Think before you act. Be wary of communications that implore you to act immediately, offer something that sounds too good to be true, or ask for personal information.

To report suspected phishing attempts, consumers have three resources to use. Consumers can visit the Anti-Phishing Working Group (APWG) at www.apwg.org. In addition, the United States Computer Emergency Readiness Team (US-CERT) also collects phishing email messages and website locations to help people avoid becoming victims of phishing scams. To report suspected phishing attempts to DHS, visit www.us-cert.gov/report-phishing. Finally, consumers can visit the National Cyber Security Alliance’s Spam and Phishing page for more information on how to protect yourself against these attacks.

For more information and tips for staying safe year-round, please visit DHS.gov/StopThinkConnect.

The Real Cost of Free Wi-Fi

June 17, 2016

As warmer weather approaches, millions of Americans will be traveling on summer getaways. Regardless of where you are heading on your vacation, chances are that you will pack connected mobile devices like smartphones and tablets. Once on vacation, most travelers will connect to Wi-Fi to find local hotspots, navigate new cities and countries, and share photos of their trips with family and friends back home.

Public Wi-Fi networks can now be found almost everywhere and make it easy for anyone to connect to the Internet no matter where they are. These networks can be very convenient and offer many benefits for travelers, however, they do come with risks. Many public Wi-Fi networks are not secure, exposing you to online risks and presenting an opportunity for attackers to steal sensitive information.

The Stop.Think.Connect. Campaign recommends following these simple tips, when you are using public Wi-Fi networks:

  • Think before you connect. Before you connect to any public wireless hotspot – like on an airplane or in an airport, hotel, or café – be sure to confirm the name of the network and login procedures with appropriate staff to ensure that the network is legitimate. Cyber criminals can easily create a similarly-named network hoping that users will overlook which network is the legitimate one. Additionally, most hotspots are not secure and do not encrypt the information you send over the Internet, leaving it vulnerable to online criminals.
  • Avoid conducting sensitive activities. Avoid online shopping, banking, and sensitive work that requires passwords or credit card information while using public Wi-Fi. In addition, enable two-factor authentication on all sensitive accounts to add a second layer of security beyond just the password.
  • Use your mobile network connection. Your own mobile network connection, also known as your wireless hotspot, is generally more secure than using a public wireless network. Use this feature if you have it included in your mobile plan.
  • Keep software up to date. Install updates for apps and your device’s operating system as soon as they are available. Updates include patches and other fixes to strengthen the security of the apps and devices you own. Keeping the software on your mobile device up to date will prevent criminals from being able to take advantage of known vulnerabilities.

For more tips on how to stay safe while on the go, visit the Stop.Think.Connect. Toolkit to find resources including the Cybersecurity While Traveling Tip Card and the Mobile Security Tip Card.

Three Ways to Celebrate Internet Safety Month

June 10, 2016

June is Internet Safety Month. As we all know, kids are spending more and more time online as well as on their mobile devices. Children have been able to embrace technology in numerous ways, from being able to more effectively complete homework assignments to playing games online with friends. Though this increased connectivity has improved our lives in many ways, it also brings increased risks. For children and teenagers these risks include cyberbullying, online predators, and other online threats. Just like we teach our children not to talk to strangers and to look both ways before crossing the streets, it is critical we teach them about online safety and how to behave properly online.

The Stop.Think.Connect.™ Campaign, the Department of Homeland Security’s national cybersecurity awareness campaign, encourages parents to talk with their children and those in their community about the importance of online safety. Here are three ways to celebrate Internet Safety Month with your family and community:

  • Initiate the conversation. Kids look to their parents to guide them. Start conversations with your children early and regularly about practicing online safety. Find materials to help you start the discussion with your kids or students in the Stop.Think.Connect. Toolkit.
  • Create an open and honest environment. Be supportive and positive when talking to children about online safety. Create an environment with kids where they can feel comfortable coming to you, or a trusted adult, if they see something online that makes them feel uncomfortable.
  • Get your school involved. Reach out to your children’s school to see if they incorporate online safety into their curriculum. Encourage them to host an Internet Safety Month event, using ready-made resources from the Stop.Think.Connect. Toolkit.

As we all spend more and more time connected to the Internet, it is important to think about how practicing safer online habits is a year-round effort, not something to work on solely in June. Please visit the Stop.Think.Connect. Campaign at dhs.gov/stopthinkconnect for more online safety resources, tips, and information on how to get involved with the Campaign.

Owning Your Online Presence: Online Tips for Recent Graduates

May 12, 2016

In the coming weeks, millions of students across the country prepare to wrap up their studies and walk across the graduation stage. After investing a tremendous amount of time, money, and hard work in their education, most college graduates are now focused on finding a good job and starting their career.

Technology has transformed the way Americans do business, including the job search process. In the past, hard copy resumes and in-person interviews primarily drove the decision making process. In today’s world, graduates can apply for jobs online or even on their mobile device, have interviews with potential employers via video conference, and even connect with their dream company on social media websites. Recent graduates are likely accustomed to using the Internet in their everyday life, but the risks that come with that use could greatly impact their career. Making smart online decisions now can help you personally and professionally throughout your life.

Managing your online presence and owning your digital identity are key. It’s important to determine how you will portray yourself—your personal brand—online as you look for a new job or as you grow in your current one. The Department of Homeland Security’s (DHS) Stop.Think.Connect.™ Campaign offers suggestions for enhancing your online presence and avoiding potential embarrassing mistakes and security pitfalls to ensure you can have a smarter, safer online experience.

  • Manage your Online Brand. Have you checked yourself out recently online? Performing a quick search of yourself online is important to see what is being posted about you by others on the Internet. Consider setting up email alerts for searches on different variations of your name with your school(s), place(s) of employment, and other distinguishing details. For your social media accounts, regularly scan to see what pictures and content others are posting about you. Make sure to untag yourself from any questionable photos, even if it’s from college or high school, or hide them from your profile, if possible.
  • Set Up Privacy Restrictions. Your online social media network has likely expanded to include managers and colleagues who, depending on your privacy settings, may have access to your photos, comments, check-ins, and status updates. Take the time to set up the appropriate settings for the various members of your network—keep your personal and professional worlds separate by customizing what your best friends see versus what your work and peripheral friends see.
  • Think Twice Before Posting. Your former and future employers are likely on the web to find out more about you. What you say and do is visible to others, and cannot be permanently deleted. With newer digital applications, even your music preferences are visible to others. Make smart choices and think about how those online decisions might influence others’ opinions of you.

It’s important to note that these lessons apply to people of all ages – even high school students who may be applying to college, joining the military, or seeking a job. College admissions officers are likely checking an applicant’s social media accounts, making it even more important to start managing and improving your online reputation.

If you are a parent, you have an important role in protecting your child’s online reputation. Talk with your kids about the importance of thinking about what they post online. You can start the conversation by sharing this blog post with them.

Visit the Stop.Think.Connect. Campaign to find resources for how to manage your online identity and stay safe online at www.dhs.gov/stopthinkconnect.

Protect Yourself from Online Fraud this Tax Season

April 19, 2016

Tax season is prime time for cyber crime. As millions of Americans file their taxes online, cyber criminals may look to steal your personal information and cash in on your tax refund. The Internal Revenue Service (IRS) is warning Americans that they have already seen a 400% surge in tax-related phishing and malware incidents this season.

Unfortunately, filing a fraudulent tax return online is easier than you might think. Cyber criminals only need a name, date of birth, and a Social Security number. Online thieves will find creative ways to steal this information from you and find ways to break into your devices or accounts to steal your online life, including phishing scams.

This entry was originally posted on the Blog @ DHS. Read the rest of the April 19, 2016 blog.

Avoiding Online Fraud Takes More than Luck

March 15, 2016

Online fraud, and specifically “phishing,” is a growing problem for Americans and American businesses. Every day, over 80,000 people fall victim to phishing attacks. Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial information. Cyber criminals use this stolen information to steal your identity, money, and personal information. Preventing yourself and your company from phishing attacks takes more than just luck. By having an understanding of a few security basics and ongoing vigilance, you can be aware of and defend yourself against these attacks.

Phishing occurs when criminals use a seemingly legitimate email to trick users into providing their sensitive personal information such as social security numbers, passwords, or credit card numbers. When users respond with the information, attackers use it to access their accounts. Cyber criminals may also attempt to lure users to click on a link or open an attachment that infects their computer with viruses or malware, creating vulnerability to attacks. Once the malware is installed, phishers can access your information to hack into your private accounts.

OnGuardOnline.gov, a partner of the Stop.Think.Connect.™ Campaign, has provided the following examples of what verbiage a phishing email may include so you can be better prepared to identify these scam emails:

  • "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
  • "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
  • “Our records indicate that your account was overcharged. You must send us your account information within 7 days to receive your refund.”

Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Legitimate companies don't ask for this information via email or text. Also look for poorly-worded emails. If an email “sounds” off when you read it, this could be a sign that it was not written by a legitimate source. You can also call the company’s customer service number and verify that this email is truly from them.

The Stop.Think.Connect. Campaign encourages all Americans to take the following steps to protect yourself against online scams:

  • When in doubt, throw it out: Links in email and online posts are often the way cyber criminals compromise your computer. If it looks suspicious – even if you know the source – it’s best to delete or, if appropriate, mark it as ‘junk email.’
  • Be wary of email attachments: Be cautious of email attachments from unknown sources. Many viruses can fake sender addresses, so even if a message looks like it’s from someone you know, think twice about opening any attachments – as they may be infected with malware.
  • Install and update anti-virus software: Make sure all of your computers are equipped with antivirus software, firewalls, email filters, and anti-spyware. Last year, 99.9% of data breaches reported by Verizon were a result of hackers exploiting bugs on user’s devices that had fixable patches, but just hadn’t been installed yet.
  • Think before you act: Be wary of communications that implore you to act immediately, offers something that sounds too good to be true, or asks for personal information.

How to Report Phishing Attempts

To report suspected phishing attempts, visit the Anti-Phishing Working Group (APWG) at www.apwg.org. The United States Computer Emergency Readiness Team (US-CERT) collects phishing email messages and website locations to help people avoid becoming victims of phishing scams. To report suspected phishing attempts, visit www.us-cert.gov/report-phishing.

Visit the National Cyber Security Alliance’s Spam and Phishing page for more information on how to protect yourself against these attacks.

Take Part in Safer Internet Day 2016

February 9, 2016

Today is Safer Internet Day 2016 – a worldwide effort to make the Internet a safer and better place for all. ConnectSafely.org, a DHS Stop.Think.Connect. Campaign partner, leads the Safer Internet Day effort to spread the word and engage a broad community in the day’s activities.

In our inter-connected world where we can be online anytime from almost anywhere, Americans are spending more and more time connected to the Internet. As our lives become increasingly networked, the safety and security of the Internet becomes even more important. This year’s Safer Internet Day theme – “Play your part for a better Internet” – reminds us that we all have a role to play in making the Internet safer and more secure.

"I encourage you to visit the official Safer Internet Day website for information on how to get involved, from becoming a partner to participating in events." Andy Ozment, Assistant Secretary, Office of Cybersecurity and Communications

The Stop.Think.Connect. Campaign encourages you to use Safer Internet Day as an opportunity to take stock of your personal cybersecurity habits and prioritize online safety. You don’t need to be a computer expert to protect yourself online. Start with these simple tips while using the Internet at home or on the go:

  • Set strong passwords. Use complex passwords with a combination of numbers, symbols, and letters (upper and lower case) = and use a different password for each account.
  • Be wary of public Wi-Fi. Although convenient, most public Wi-Fi networks are not secure. Don’t conduct any sensitive activities, such as online banking or shopping, while connected to public Wi-Fi.
  • Keep software updated. Running the most recent versions of your mobile operating system, security software, apps and Web browsers is among the best defenses against online threats.

To learn more about how you can participate in Safer Internet Day, please visit saferinternetday.us/get-involved-2016. For more online safety resources, please visit www.dhs.gov/stopthinkconnect.

Data Privacy Day 2016: Value Your Personal Information

February 3, 2016

Data Privacy Day is an international effort held annually on January 28 to create awareness about the importance of privacy and protecting personal information.

In today’s connected world, we’re sharing more personal information online than ever before. And it’s not only when we’re sitting at our computers: we use our mobile devices to shop, bank, conduct business, and connect with loved ones. These activities often require us to provide personal information such as our name, email address, credit card information, and other sensitive details online. But when this information falls into the wrong hands, it can be exploited and used to steal your identity and your money. As sharing personal information online becomes commonplace, it is increasingly critical to take steps to protect your personal data and privacy.

This entry was originally posted on the Blog @ DHS. Read the rest of the February 3, 2016 blog.

Are Toys Putting Your Child at Risk of Identity Theft?

December 18, 2015

This holiday season, many parents will be buying new toys and gadgets for themselves and their children. Whether parents realize it or not, more and more toys are becoming connected to the Internet and storing sensitive data about children online – potentially exposing their information to hackers and other criminals. Beyond smart phones and laptops for older children, even Internet-connected toys for toddlers and young children can carry potential risks. Recent data breaches have put a spotlight on these vulnerabilities, making it increasingly important to understand the technology you and your children are using to avoid having sensitive information stolen.

According to the Federal Trade Commission, child identity theft happens when someone uses a minor’s personal information to commit fraud. A child's personal information, such as their Social Security number or date of birth, can be used by identity thieves to apply for government benefits, open bank and credit card accounts, or apply for a loan. This could ruin a child’s credit before they even turn 18 years old.

Parents already take steps to protect their children from physical harm, such as teaching them to look both ways before crossing a street. Protecting their personal information is just as important. The Stop.Think.Connect. Campaign encourages you to take the following steps to keep your family safe online during the holidays and throughout the year:

  • Keep your child’s personal information private. Avoid sharing their name, address, telephone number, or the name of their school when using the Internet, apps, or any online devices. Remember that there is no “delete” button online: once something is posted about your child on the Internet, it remains online forever. When sharing photos or information about your children, it’s important to think about how the posts might negatively affect them years from now when they’re older.
  • Use parental controls. Take advantage of basic security settings available on the devices or apps your family uses. Limit who you’re sharing information with by reviewing the privacy settings on all accounts. Know the passwords for all of your children’s accounts, especially for social media.
  • Secure your connection. Before you share personal information on the Internet, ensure you have a secure connection. A secure websites has a lock icon in the address bar and a URL that begins with “https.”
  • Keep a clean machine. Just like your smartphone or laptop, keep any device that connects to the Internet free from viruses and malware. Update the software regularly on the device itself as well as the mobile applications you use to control the device.

If you suspect your child is a victim of the identity theft, the Federal Trade Commission has a resource to help.

For more tips on how to keep your family safe online, visit the Stop.Think.Connect. Toolkit to find resources including the Parents Tip Card, the Social Media Guide, and the Chatting with Kids about Being Online Booklet.

Holiday Travel Tips: How to Stay Cyber Safe While On-The-Go

December 15, 2015

Millions of Americans will travel near and far this holiday season to visit family, friends, and loved ones across the country. Many of these travelers will take their smartphones, laptops, tablets, and other smart devices with them. These devices offer a range of conveniences, including the ability to order gifts on-the-go, navigate unfamiliar places, and download boarding passes and other documents to travel in a paperless fashion. However, these added conveniences often come with potential threats and vulnerabilities.

Travel smart with your mobile devices by following these cybersecurity tips from DHS’s national cybersecurity awareness campaign, Stop.Think.Connect.:

  • Secure your devices. Never leave your mobile device unattended in a public place, and lock your device – with a strong passcode or password – when it is not in use.
  • Connect with caution. Although convenient during this busy holiday season, most public Wi-Fi networks are not secure. Do not conduct sensitive activities – like online shopping or banking – on public Wi-Fi. Disable automatic Wi-Fi and Bluetooth connections on your devices.
  • Think before you click. Do not click on links or email attachments unless you know the source. Cyber criminals use holiday shopping and travel scams to gain access to your information or computer systems.
  • Consider what you post. Wait to post pictures from trips and events until you return home. Posting your location also indicates that your house is empty, making it a prime target for break-ins this time of year.

Learn more about mobile security with the Stop.Think.Connect. Campaign’s Cybersecurity While Traveling tip card.

Buyers Beware: Three Steps to Avoid Cyber Monday Scams

November 25, 2015

Too full from turkey to go shopping on Black Friday? Cyber Monday allows shoppers to avoid the crowds and take advantage of great deals online from the convenience of their computer or mobile device. According to the National Retail Federation, nearly half of all holiday shopping will be done online this year. But online shoppers will find more than just big sales and deep discounts: they’ll also see an increase in cybercrime as online criminals try to get a share of the more than $630 billion expected to be spent during the holiday season.

This entry was originally posted on the Blog @ DHS. Read the rest of the November 25, 2016 blog.

Cyber Professionals Wanted: The Need for a Strong Cyber Workforce

October 30, 2015

Cyber attacks are a major threat to the United States’ national security: our networks are facing an unprecedented level of attacks from individual hackers, organized criminals, and nation state actors. To combat this rising threat, our nation needs a strong workforce of cybersecurity professionals to secure and protect our nation’s networks.

Throughout National Cyber Security Awareness Month, the Department of Homeland Security (DHS) is bringing attention to our nation’s critical need for cyber professionals. Government, academia, and industry must all work together on this endeavor, prioritizing recruiting, training, and employing cybersecurity professionals. Below are a few examples of how DHS is working towards this goal:

  • CyberCorps® Scholarship for Service Program: Provides scholarships for college students in cyber-related fields, in exchange for a commitment to for the government in a cybersecurity role.
  • National Initiative for Cybersecurity Careers and Studies (NICCS): A “one stop shop for cybersecurity careers and studies” which includes a training catalog of cybersecurity courses and promotes cyber education.
  • The National Cybersecurity Workforce Framework: Provides a common definition of cybersecurity; a comprehensive list of cybersecurity tasks; an overview of the knowledge, skills, and abilities required to perform those tasks; and tools and resources for organizations to learn how to assess their own cybersecurity workforce needs. The Framework serves as a foundation for increasing the size and capability of the U.S. cybersecurity workforce.
  • The Cybersecurity Workforce Development Toolkit: Helps employers understand an organization’s cybersecurity staffing needs. The Toolkit includes items such as templates to create cybersecurity career paths and resources to recruit and retain top cybersecurity talent.
  • The Federal Virtual Training Environment (FedVTE): Provides free, on-demand access to cybersecurity training for federal, state, local, tribal, and territorial government employees and veterans to help the workforce maintain expertise and foster operational readiness.
  • Middle and High school cybersecurity curricula: Provides free cybersecurity curricula and workshops for middle and high school teachers across the country, encouraging greater interest in Science, Technology, Engineering, and Math (STEM) fields at all ages, enabling students to learn the necessary fundamentals in high school that will give them the ability to pursue cybersecurity studies or careers.

A career in cybersecurity offers highly competitive salaries, terrific job opportunities, and a rewarding role in protecting our national security. To learn more about cybersecurity education and career development, visit www.dhs.gov/topic/cybersecurity-education-career-development. To learn more about cybersecurity careers at DHS, visit www.dhs.gov/homeland-security-careers/dhs-cybersecurity.

We also encourage you to get involved with National Cyber Security Awareness Month. Here are three simple ways for you to get help us spread the word:

For more information on National Cyber Security Awareness Month, visit www.dhs.gov/national-cyber-security-awareness-month.

Our Increasingly Digital Life

October 28, 2015

We are constantly connected. Even while we’re “offline” on vacation, or away from our computer or mobile devices, chances are we’re still connected in one way or another. More and more, the Internet touches almost all aspects of our daily lives.

This entry was originally posted on the Blog @ DHS. Read the rest of the October 28, 2015 blog.

Staying Protected While Always Connected

October 13, 2015

Most of us have developed a very close relationship with our mobile devices: we carry them with us throughout the day, check them frequently, and even sleep with them nearby at night. Although mobile devices allow us to instantly connect with friends and family, to access the internet, get directions, and make purchases, this increased convenience also comes at an increased risk.

This entry was originally posted on the Blog @ DHS. Read the rest of the October 13, 2015 blog.

DHS Kicks Off National Cyber Security Awareness Month 2015

October 1, 2015

The Department of Homeland Security (DHS) today announced the kick-off of National Cyber Security Awareness Month 2015. During this month, outreach efforts will aim to increase Americans’ understanding of basic cybersecurity practices to stay safe online and the role each of us plays in keeping cyberspace safe and secure.

“Cybersecurity is a top priority for DHS. Cyber threats are increasing in their frequency, scale, and sophistication,” said Deputy Secretary of Homeland Security Alejandro Mayorkas. “Each American is a key part of our Nation’s first line of defense and in minimizing the impact of cyber attacks. I encourage all Americans to take advantage of National Cyber Security Awareness Month as an opportunity to recognize the role they play in making the Internet safer and more secure by practicing good cyber habits at home, work, school, and on the go.”

Every day, tens of millions of Americans shop, bank, and stay in touch with friends and family online. Our Nation’s critical infrastructure systems – power grids, financial systems, and transportation systems – all rely on the Internet. This increased connectivity brings many conveniences and advantages; however, it also creates increased threats and risks to our security.

Throughout National Cyber Security Awareness Month 2015, the Department is highlighting ways cybersecurity impacts Americans in all aspects of their lives, including in their use of personal technologies and in their workplaces. Everyone has a role to play in cybersecurity, whether it’s protecting their families from identity theft, protecting their workplaces from cyber attacks, or protecting their communities from cyber predators. Here are some tips to stay safe online:

  • Set strong passwords and don’t share them with anyone;
  • Keep your operating system, browser, and other critical software optimized by installing updates;
  • Maintain an open dialogue with your family, friends, and community about Internet safety;
  • Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely;
  • Be cautious about what you receive or read online—if it sounds too good to be true, it probably is; and
  • Visit www.DHS.gov/StopThinkConnect to learn more about how you can help strengthen America’s cybersecurity.

For more information about National Cyber Security Awareness Month 2015, visit www.dhs.gov/national-cyber-security-awareness-month-2015. For more information on DHS’s cybersecurity efforts, visit www.dhs.gov/cyber.

How to be Cyber Savvy in a “Smart World”

August 24, 2015

We now live in a “smart world,” where the Internet touches all aspects of our daily lives. We have wearables that track our eating, sleeping, and exercise habits. We utilize devices that provide us with a quicker route on a summer road trip. We own mechanisms that allow us to preheat our oven or adjust our thermostat on our way home from work before we even walk through the door. These types of devices are all part of our new, more connected world – commonly referred to as the Internet of Things.

The Internet of Things includes objects or devices that send or receive data automatically via the Internet. As more devices and objects become connected to the Internet – from phones and tablets to homes, vehicles, and medical devices – it is important to realize that the security of these devices is not always guaranteed.

Why Should You Care?

  • 1.8 billion: the number of smartphone users*
  • 50 billion: the number of connected devices expected by 2020 (that’s 1 person to every 7 devices)*
  • $5 trillion: the amount the IoT market is expected to grow over the next 6 years*

Though this technology brings many conveniences to our lives, it also requires that we share more information than ever. Here are three simple steps to take to secure the devices that hold your valuable personal information.

  • Keep a clean machine. Just like your smartphone or laptop, keep any device that connects to the Internet free from viruses and malware. Update the software regularly on the device itself as well as the mobile applications you use to control the device.
  • Think twice about your device. Have a solid understanding of how a device works, the nature of its connection to the Internet, and the type of information it stores and transmits.
  • Secure your network. Properly secure the wireless network you use to connect Internet-enabled devices.

For more information on the Internet of Things, please visit www.dhs.gov/stopthinkconnect.

*National Cyber Security Alliance Internet of Things Infographic

Back to School: What You & Your Kids Need to Know About Cyberbullying

August 17, 2015

We are all leading increasingly digital lives, spending more and more time online. With this increased connectivity, bullying or harassment that previously only occurred in-person now occurs online. Although the Internet brings many advantages to our everyday way of life, it also provides bullies with an additional outlet to say or do damaging things outside of face-to-face interactions. As summer comes to an end and children head back to the classroom, it is important to talk to your kids about cyberbullying. Cyberbullying includes a wide range of hurtful behavior that occurs through digital channels such as social media, text messages, emails, blogs, or instant messaging.

The Cyberbullying Research Center, a Stop.Think.Connect. National Network member, has provided a few warning signs that your child may be experiencing cyberbullying:

  • Unexpectedly avoids or stops using their device
  • Appears nervous or jumpy while on the computer or using their device
  • Seems angry, frustrated, or depressed after spending time online
  • Becomes abnormally withdrawn from usual friends and family members

The Stop.Think.Connect. Campaign encourages all parents and educators to take the following steps to help students be aware of cyberbullying and to know what to do if they come across bullying online.

  • Start conversations regularly about practicing online safety.
  • Create an open and honest environment with kids so they can feel comfortable coming to you, or a trusted adult, if they see something online that makes them feel uncomfortable.
  • Emphasize the concept of credibility to teens: not everything they see on the Internet is true, and people on the Internet may not be who they appear to be.
  • Keep your personal information private, including the names of your family members, your school, your telephone number, and your address.
  • Think twice before you post or say anything online. Once it is in cyberspace, it is out there forever.

Though the conversation around cyberbullying is typically focused on children, online bullying can actually occur to people of all ages. The Cyberbullying Research Center shared these tips for adults who are victims of cyberbullying:

  • Do not respond. Cyberbullies want you to react. If you respond angrily, the bully may feed off of that response and continue (and even escalate the severity of) the cyberbullying.
  • Record everything. Keep evidence of all content (pictures, texts, emails, tweets, status updates, etc.) that the cyberbully has sent or posted about you.
  • Talk about it. Speaking with trustworthy friends about what you are going through could be cathartic. They might have gone through similar situations might be able to give you advice.
  • Block the bully. Block the cyberbullying at its source. If you are getting incessant communications from a cyberbully, use your email, phone, or social media options to prevent that person from contacting you

For more information and resources, please visit dhs.gov/stopthinkconnect or the Cyberbullying Research Center at cyberbullying.us.

Stop.Think.Connect. Campaign Adds AARP, VA, USPS, SBA to Partner Ranks; Reaches New Milestone of 180 Partners

July 31, 2015

Today the Stop.Think.Connect. campaign announced the addition of several new members to its partner program. Over the last several months, the AARP, the Department of Veterans Affairs (VA), the United States Postal Service (USPS), and the Small Business Administration (SBA) have joined the campaign. This has enabled the Department of Homeland Security (DHS) and Stop.Think.Connect. to directly convey their online safety messages to AARP’s nearly 38 million members as well as millions more people through the campaign’s 180 partners.

This entry was originally posted on the Blog @ DHS. Read the rest of the July 31, 2015 blog.

Internet Safety Month: Top Tips to Stay Safe Online

June 17, 2015

With summer right around the corner, Americans will be spending time on their mobile devices while traveling and on vacation. According to the Pew Research Center, nearly two-thirds of Americans are now smartphone owners, and for many these devices are their main entry point to the online world. This new technology has eliminated many of the stresses that come with traveling.

Mobile applications and free Wi-Fi at hotels and restaurants allow you to find great deals on flights and hotels, avoid traffic on road trips, check email, or video chat while on vacation from almost anywhere. However, with this increased convenience and connectedness comes a responsibility to stay safe while online and on your mobile device.

This June, in honor of Internet Safety Month, the Stop.Think.Connect. Campaign encourages you to make online safety a priority. You don’t need to be an IT professional to protect yourself online: start with these simple tips to protecting yourself and your family while using the Internet at home or on the go:

  • Set strong passwords. Make your passwords complex by using a combination of numbers, symbols, and letters (upper and lower case). Click here for tips on how to choose a good password.
  • Think before you connect. Before you connect to any public wireless hotspot – like in an airport, hotel, train/bus station or café – be sure to confirm the name of the network and login procedures with appropriate staff to ensure that the network is legitimate. Anyone can set up a network and give it any name they want: even if a network is named after your hotel, it may have been set up by a hacker, so check with hotel staff to be sure. Don’t conduct sensitive activities, such as online shopping or banking, using a public wireless network.
  • Keep software updated. Running the most recent versions of your mobile operating system, security software, apps and Web browsers is among the best defenses against online threats.
  • Lock your device when you’re not using it. Even if you only step away for a few minutes, it’s enough time for someone else to steal, copy, or destroy your information.
  • Disconnect your device from the Internet when you aren't using it. The likelihood that attackers or viruses scanning the network for available devices will target you becomes much higher if your device is always connected.

Check out the Stop.Think.Connect. Campaign’s Cybersecurity While Traveling Tip Card and the Mobile Security Tip Card for more cyber tips.

Get Involved

Here are some ways to get involved with Internet Safety Month this June:

  • Summer means kids are at home and are often spending more time online. Take a few minutes to talk with your children about online safety. Find materials to help you start the conversation on DHS’s Parents and Educators Resource page.
  • Visit Stop.Think.Connect. and STCGuide.com for more resources and tips to help you stay safe online.
  • Become a Friend of the Stop.Think.Connect. Campaign by signing up for our monthly newsletter to receive the latest cyber news and tips right to your Inbox. Sign up here.

Protect Yourself Against Tax Refund Fraud

April 6, 2015

With the April 15 deadline approaching, millions of Americans are finalizing the preparation and filing of their taxes. Unfortunately, tax season is a busy time for cyber criminals and scammers as well.

This entry was originally posted on the Blog @ DHS. Read the rest of the April 6, 2015 blog.

Data Privacy Day: Keep Your Information Safe No Matter How You Get Online

January 28, 2015

Data Privacy Day, recognized each year on January 28, is an international effort focused on protecting privacy, safeguarding data, and enabling trust. Since 2008, Data Privacy Day has encouraged everyone to weigh the benefits and risks of sharing information, understand what their information can be used for, and take steps to protect themselves and their identities.

This entry was originally posted on the Blog @ DHS. Read the rest of the January 28, 2015 blog.

Be Cyber Safe this Super Bowl

January 27, 2015

The Super Bowl is the most-watched television program in America, with more than 100 million people tuning in annually. Cyber criminals, hackers, and other malicious actors may take advantage of people’s enthusiasm for the game to gain access to information or commit fraud. While fans of opposing teams may not agree on much, everyone can agree that practicing safe online behavior is a smart play. Follow these tips to protect yourself and your family:

  • Use only reputable online retailers. Looking for a ticket to the game or official Super Bowl merchandise? Make sure the retailer is legitimate and that their website provides protection for online purchases. Look for the padlock symbol near the website address or for URLs that start with "https" or "shttp."
  • Stream carefully. For those watching the game online, make sure to use a legitimate website. Questionable websites may expose your computer to malware or other security risks to your privacy or personal information.
  • Be wary of public Wi-Fi. If you’re following the game online and in a public space, be careful about public Wi-Fi networks. Don’t conduct any sensitive activities, such as online banking or shopping, while connected to public Wi-Fi.
  • Think before you act. Be wary of "too good to be true" deals. Free tickets, cheap team merchandise, cheap collectibles – if a deal sounds too good to be true, it probably is. Slow down and think twice before clicking on such deals. It’s always important to read the fine print and see if these advertisements are a genuine touchdown rather than a malicious fumble.

The Stop.Think.Connect. Campaign encourages everyone to be cyber safe every day. For more tips and resources, visit www.dhs.gov/stopthinkconnect.

Protect Yourself from Identity Theft While Traveling

December 22, 2014

With the holiday season in full swing, many Americans are doing last minute shopping or heading to see family and friends. At the same time, the holiday travel season is a peak period for hackers and thieves to prey on unsuspecting travelers. Vigilance is the key to protecting yourself from identity theft when shopping and traveling.

This entry was originally posted on the Blog @ DHS. Read the rest of the December 22, 2014 blog.

Give Yourself the Gift of Online Security

November 26, 2014

According to the National Retail Federation, 141 million people spent $57.4 billion dollars during Thanksgiving weekend last year, and consumers spent nearly $600 billion during the 2013 holiday season. The biggest shopping season of the year comes with great deals and benefits to shoppers, but it also comes with certain risks.

This entry was originally posted on the Blog @ DHS. Read the rest of the November 26, 2014 blog.

Law Enforcement Embraces New Technologies to “Fight Fire with Fire”

November 7, 2014

While most people associate the U.S. Secret Service as the elite protective agency in the world, a lesser known fact is that we are at the forefront of combating cyber crime.

This entry was originally posted on the Blog @ DHS. Read the rest of the November 7, 2014 blog.

Cybersecurity Strength in Numbers

October 28, 2014

More than 150 government, nonprofit, and academic institutions are now working together to make the Internet safer and more secure through the Department of Homeland Security’s Stop.Think.Connect. Campaign. Cybersecurity is a shared responsibility, and the Campaign’s partner program is one of the most powerful ways DHS connects with diverse audiences to share cybersecurity risks and best practices.

From large and small government organizations to national and international nonprofits to colleges and universities, the Campaign partners reach individuals of all ages, businesses of all sizes, and law enforcement professionals at all levels. Partners create a personal connection to engage their members in cybersecurity education and awareness and provide insight into their specific cyber needs.

Stop.Think.Connect. partners are not only reaching their members, but also engaging their collegial organizations. Thirteen new partners joined the Campaign in the first three weeks of October. These are BeReadyUtah, Colorado Department of Homeland Security and Emergency Management, East Central University, E-C Council Foundation, the National Association of Women Business Owners, Northern Caribbean University, the Sheriff’s Department of Sacramento County, Telecommunications Regulatory Authority Kingdom of Bahrain, Town of Queen Creek, Arizona, University Federal Credit Union, University of Texas at Arlington, the U.S. Chamber of Commerce, and the U.S. Department of Defense. Check our National Network (non-profit organizations), Cyber Awareness Coalition (government agencies), and Academic Alliance (colleges and universities) for information on these and other partners.

October is National Cyber Security Awareness Month, a coordinated opportunity for all Campaign partners to highlight the issue through cybersecurity initiatives and events. This year, Campaign partners have reached millions of individuals through their outreach efforts including social media posts, events, articles, and many other cyber activities.

We each have a role to play in building a safe and resilient cyberspace. Stop.Think.Connect. Campaign partners are pivotal in helping accomplish this goal.

Join the cybersecurity movement and help make the Internet safer for everyone. Email stopthinkconnect@dhs.gov to learn more about the Stop.Think.Connect. Campaign and how your organization can get involved.

Improving Cybersecurity for Small and Medium-Sized Businesses

October 24, 2014

One of the Department of Homeland Security’s priorities in cybersecurity is supporting small and medium-sized businesses. Like their larger counterparts, small and medium businesses frequently house sensitive personal data, and proprietary and financial information. And they are increasingly becoming targets for cyber criminals who recognize that smaller businesses may be easier to penetrate as they may lack the institutional knowledge and resources that larger companies have to protect their information.

This entry was originally posted on the Blog @ DHS. Read the rest of the October 24, 2014 blog.

Keeping Our Critical Infrastructure Cyber-Secure

October 20, 2014

We all are increasingly reliant on the Internet. Not just when we’re on a laptop or smart phone. The underlying critical infrastructure that provides essential services to all of us also is becoming more dependent on the internet.

This entry was originally posted on the Blog @ DHS. Read the rest of the October 20, 2014 blog.

Secure Development of IT Products

October 10, 2014

Information technology (IT) exists in almost all of the products that we use. IT products help us run our homes, businesses, and cities and help us to stay in touch with loved ones around the world.

This entry was originally posted on the Blog @ DHS. Read the rest of the October 10, 2014 blog

National Cyber Security Awareness Month 2014: Engaging All Americans in Online Safety

October 3, 2014

This week marks the start of National Cyber Security Awareness Month 2014, a time to reflect on our cybersecurity practices and promote greater online safety for all Americans.

This entry was originally posted on the Blog @ DHS. Read the rest of the October 3, 2014 blog

Back to School Resources for Teachers and Parents

August 20, 2014

It’s back to school season! While you scramble to get all the right school supplies for the classroom, be sure to equip your students with the tools they need for cyber safety, too. The Stop.Think.Connect. Campaign offers various resources for parents, educators, and students, including:

According to a recent survey, seven in 10 young people have been a victim of cyberbullying. To help protect children offline and online this school year, find ways to incorporate cyber safety into your lesson plans. The Campaign makes it easy for you to print out materials to teach about cyber safety inside and outside the classroom. To jumpstart your cyber safety efforts, follow these simple tips:

  • Create an open and honest environment with kids.
  • Start conversations regularly about practicing online safety.
  • Emphasize the concept of credibility to teens: not everything they see on the Internet is true, and people on the Internet may not be who they appear to be.
  • Keep your personal information private, including the names of your family members, your school, your telephone number, and your address.
  • Think twice before you post or say anything online. Once it is in cyberspace, it is out there forever.

Following and sharing these simple cybersecurity tips can help to create a better, safer atmosphere for your students this school year.

Be Cyber Safe While On the Go This Summer

August 1, 2014

It’s the last month of vacation for most families this summer. With end of summer in sight, many will be travelling to the beach, to theme parks, and even across the county or overseas. While you enjoy your last month of fun with the family, don’t forget to encourage and practice cyber safety, especially as you use your mobile devices while traveling.

Many people – kids and adults alike – access the Internet through mobile devices, such as cellphones, tablets, etc. Cybersecurity for mobile devices involves the same principles and tips around safely using home and work computers, including being cautious online and maintaining the security of your device.

The Stop.Think.Connect. Campaign recommends following these simple tips, whether you’re traveling or at home, when using digital devices and the Internet:

  • Keep software updated. Running the most recent versions of your mobile operating system, security software, apps and Web browsers is among the best defenses against malware, viruses and other online threats.
  • Keep your device secure by using a strong password to lock your smartphone or tablet.
  • Change any pre-configured default passwords on your mobile device to ones that would be difficult to guess.
  • Use your mobile device carefully; emails that can harm your computer can also harm your mobile device.
  • Use disk encryption features whenever available.
  • Enable two-step authentication when offered, and change passwords to any accounts you accessed while connected to an unfamiliar network.
  • When using a public or unsecured wireless connection (i.e. at a café or hotel), avoid using sites and apps that require personal information like log-ins.
  • Switch off your Wi-Fi and Bluetooth connections when not in use. Automatically connecting to networks can create vulnerabilities exploitable by hackers and others.
  • When banking or shopping online, use only trusted apps or websites that begin with https://.

Cybersecurity is a shared responsibility. When you take simple steps to protect yourself on the Internet, you create a safer Internet for everyone.

Stay Safe Online While Cheering on Team USA

June 26, 2014

As millions of Americans tune in to watch the World Cup and cheer on the U.S. men’s national soccer team, it’s important to stay vigilant against cyber criminals and hackers who may to try to take advantage of people’s enthusiasm to gain access to their information online.

This entry was originally posted on the Blog @ DHS. Read the rest of the June 26, 2014 blog.

This Summer, Keep Your Employees Cyber Safe

June 16, 2014

As a small business, keeping up with the latest competition also involves being sure that you and your employees are cyber-ready. Not only do small businesses rely on technology to perform daily functions, but the Internet provides easy ways for businesses to stay connected and informed. However, with these increased conveniences comes increased risk. According to Symantec, nearly one-third of all cyber-attacks targeted businesses with fewer than 250 employees, the largest growth area for targeted cyber-attacks in 2012. Follow these simple tips from the Department of Homeland Security’s Stop.Think.Connect. Campaign to help keep your workplace cyber safe:

  • Use and regularly update anti-virus and anti-spyware software on all computers; automate patch deployments across your organization to protect against vulnerabilities.
  • Secure your Internet connection by using a firewall, encrypting information and hiding your Wi-Fi network.
  • Establish security practices and policies to protect sensitive information; educate employees about cyber threats and how to protect your organization’s data and hold them accountable to the Internet security policies and procedures.
  • Require that employees use strong passwords and regularly change them.
  • Invest in data loss protection software for your network and use encryption technologies to protect data in transit.
  • Protect all pages on your public-facing websites, not just the checkout and sign-up pages.

Consumers are taking notice of how businesses secure their data and are more willing to trust and reward businesses for good security practices. With cyber criminals now targeting small businesses more than ever before, it’s important to remind consumers that your business is cyber safe by following the above tips.

Keeping Kids Safe Online

May 15, 2014

Summer fun has begun! While the kids are home and enjoying the sun, don’t forget that June is Internet Safety Month. This summer, the Stop.Think.Connect. Campaign is encouraging parents to take a few minutes to talk with their children about Internet safety. While increased connectivity has led to significant transformations and advances across our country – and around the world – it also has increased our shared risk. For children, this includes cyber bullying, cyber predators, and other threats. Parents, teachers, and guardians can take steps to protect children online by creating an open environment where children feel comfortable reporting abuses over the Internet. The Stop.Think.Connect. Campaign encourages adults to:

  • Be aware of what social networks your kids and teens use and how much information they share. They should never share addresses, birthdays, schools, and last names with strangers;
  • Teach your kids how to conduct searches safely by using specific and narrow search terms on commonly-used search engines to prevent unwanted and malicious results;
  • Install filters and firewalls to manage what sites your kids can access;
  • Set strong passwords that are different on every site; and
  • Remind your children not to say anything online about someone else that they would not want said about them.

At the end of the day, cybersecurity is ultimately about people and is a shared responsibility. We are all called on to ACT: Achieve Cybersecurity Together.

Ensure Your Cyber Safety this Tax Season

March 31, 2014

Not only is April tax season, but it’s also prime time for cyber criminals to try to trick unsuspecting people into sharing personal or financial information. So in addition to filing your taxes, be sure to properly safeguard your data.

This entry was originally posted on the Blog @ DHS. Read the rest of the March 31, 2014 blog.

Flat Stanley Now Helping Kids Stay Safe Online

December 23, 2013

The Department of Homeland Security’s Stop.Think.Connect. campaign is joining the Flat Stanley Project to help kids learn about the importance of cybersecurity.

This entry was originally posted on the Blog @ DHS. Read the rest of the December 23, 2013 blog.

During the Season of Giving, Don’t Give Out Your Personal Information

December 2, 2013

From smartphones and tablets to gaming systems and e-readers, this year’s holiday wish lists are more wired than ever. Many of us will immediately load photos, user accounts, and other personal data onto our new gadgets, eager to enjoy them.

However, if you are giving or receiving the newest tech toys this holiday season, don’t forget to secure new devices from cybercriminals on the hunt for personal information. Smartphones, tablets, and other electronics are now as powerful and functional as many computers. Therefore is important to protect those devices just like you protect your computer or laptop. The United States Computer Emergency Readiness Team (US-CERT) provides the following tips to safeguard your data:

  • Lock your device when you are not using it. Even if you only step away for a few minutes, it's enough time for someone else to steal or destroy your information.
  • Disconnect your device from the Internet when you aren't using it. The likelihood that attackers or viruses scanning the network for available devices will target you becomes much higher if your device is always connected.
  • Keep software up to date. Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates.
  • Consider creating separate user accounts. If there are multiple people using the device, someone else may accidentally access, modify, or delete your information. If you have the option, create different user accounts for each user and set the access and privileges for each account.
  • Establish guidelines for usage. If there are multiple people using your device, especially children, make sure they understand how to use the device safely. Setting boundaries and guidelines will help protect your data.
  • Back up your data. Whether or not you take steps to protect yourself, there will always be a possibility that something will happen to destroy your data. Regularly backing up your data reduces the stress and consequences that result from losing important information.

For specific information on securing gaming systems, visit the Federal Trade Commission’s OnGuard Online. For smartphone security tips, visit the Federal Communication Commission’s Smartphone Security Checker, a new resource that demonstrates how you can be safer when using a mobile device.

Stop.Think.Connect.: Lookout for Cyber Monday Scams

November 23, 2013

Turkey, pumpkin pie, and football aren’t the only things that are part of many Americans’ Thanksgiving traditions. Deals and bargain prices have also become a part of the holiday season, and more people are going online to find them.

Cyber Monday—the Monday after Thanksgiving—is one of the biggest online shopping days of the year, providing a golden opportunity for scammers and spammers looking to take advantage of unsuspecting online shoppers. On Cyber Monday, hackers may use tactics like preying on popular keyword searches to lure shoppers to malicious websites, with the goal of collecting financial and personal information.

These simple tips can help protect your personal information and transactions on Cyber Monday and throughout the holiday season:

  • Keep your computer, browser, anti-virus and other critical software up to date.
  • Only buy from reputable sites and pay attention to URLs. Malicious websites may look similar to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Also look in the address box for the "s" in https:// before any transaction. That “s” tells you that the site is taking extra measures to help secure your information.
  • Beware of deals that sound too good to be true. Use caution when opening email attachments and do not follow unsolicited web links in email messages and pay special attention to extremely low prices on hard-to-get items.
  • Check privacy policies. Before providing personal or financial information, check the website's privacy policy to ensure your safety.
  • Use a credit card instead of a debit card. There are laws to limit your liability for fraudulent credit card charges, and you may not have the same level of protection when using your debit card.
  • Keep a record of your order. Retain all documentation from the order in the event your purchase does not ship or if there are unauthorized charges on your bill.
  • Check your statements. Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately.

DHS Announces Stop.Think.Connect. Campaign Partnership with the National Crime Prevention Council

The Department of Homeland Security’s Stop.Think.Connect. Campaign announced a new partnership with the National Crime Prevention Council (NCPC), which seeks to reduce crime by helping citizens work with law enforcement to promote cybersecurity awareness and online safety. The campaign will provide NCPC with tools and resources to educate teens, young adults and parents about how youth can protect themselves from the risk of theft, fraud and abuse online.

Photo courtesy of the Federal Bureau of Investigation

Pictured in the photo from left to right, the iconic McGruff the Crime Dog, Ann M. Harkins, President and CEO of NCPC, Michael Kortan, Assistant Director of the FBI Office of Public Affairs, and Suzanne Spaulding, Department of Homeland Security Deputy Under Secretary, National Protection and Programs Directorate, were keynotes and special guests at the event.

“Cybersecurity is a shared responsibility, and everyone must play their part,” said Department of Homeland Security Secretary Napolitano. “Through partnerships like this one, and initiatives like National Cybersecurity Awareness Month, the Department is reaching out to audiences of all ages on the role each of us plays in securing cyberspace.”

“In today’s technology-driven world we share so much personal information about our lives in 140 characters or less that we often fail to see how it can put us at risk,” said NCPC President and CEO Ann M. Harkins. “Partnering with the Department of Homeland Security on cybersecurity awareness is the perfect complement to National Crime Prevention Month, which NCPC celebrates every October, asking every citizen to renew or join the commitment to help Take A Bite Out Of Crime.”

Stop.Think.Connect. is a national public awareness effort to guide the nation to a higher level of Internet safety and security by educating and empowering the American public to be more vigilant about practicing safe online habits. The campaign encourages Americans to view Internet safety and security as a shared responsibility at home, in the workplace, and in our communities.

NCPC was founded in 1982 with the goal of reducing crime by helping citizens work with law enforcement. Using a train-the-trainer model, NCPC has trained thousands of crime prevention practitioners and allies, including law enforcement personnel, educators, parents, youth, local and state government officials, and community leaders, to help them help their communities reduce crime.

This new partnership continues the Stop.Think.Connect. Campaign’s ongoing outreach to the nation’s youth and organizations that serve them. Recently, the Department of Homeland Security announced partnerships with Drug Abuse Resistance Education (D.A.R.E.) America and Boys & Girls Clubs of America.

Find additional information on NCPC. Read more about the event.

Stop.Think.Connect. Encourages You to ACT for National Cyber Security Awareness Month this October

October 2011 National Cybersecurity Awareness MonthEvery day, we are more and more interconnected. We rely on the Internet for all of our day-to-day needs as it allows us to stay connected, informed, and involved. However, this increased connectivity brings increased risk of theft, fraud, and abuse - making cybersecurity one of our country’s most important national security priorities.

In recognition of the importance of cybersecurity awareness, President Obama designated October 2012 as National Cyber Security Awareness Month as a reminder that being safer and more secure online is a shared responsibility. In other words, we should always ensure that our information and critical infrastructures remain secure and reliable for everyone.

Throughout National Cyber Security Awareness Month and beyond, you’re invited to join the Department of Homeland Security's Stop.Think.Connect. Campaign to take part and ACT - Achieve Cybersecurity Together - to ensure everyone understands their role in safeguarding and securing cyberspace, recognizes how to protect themselves and their online interests, and knows who to contact if compromised online.

Here are a few simple things businesses, schools, and home users can do to practice cybersecurity during National Cyber Security Awareness Month and throughout the year:

  • Find or register a local National Cyber Security Awareness Month event.
  • Show your organization's commitment to cybersecurity by signing the online endorsement form and becoming a National Cyber Security Awareness Month Champion.
  • Download tip sheets on how to stay safer in a variety of online settings: on social networking sites, on gaming sites, on your mobile device, and distribute them within your community.
  • Participate in the NCSA's Cyber Security Awareness Volunteer Education (C-SAVE) Program and help educate elementary, middle, and high school students about Internet safety and security.
  • Add a signature block to your e-mail: "October is National Cyber Security Awareness Month. Stay Safe Online! Visit www.staysafeonline.org for the latest cybersecurity tips."

Find more information on National Cyber Security Awareness Month.

Are You Cyber Ready? Stop.Think.Connect. Commemorates National Preparedness Month

Think about this - what would you do if you received a suspicious email from a friend that only included a link? Would you click on it? What would your spouse, children, friends, or colleagues do? Phishing attacks are only one of the many complex cyber threats we face every time we go online regardless of whether we are at home, at work, or on the go. As technology advances, so do the techniques cybercriminals use to gain access to our computer networks.

To commemorate National Preparedness Month, Americans all over the country are preparing for the unexpected fire, hurricane, tornado or man-made disasters. While the devastating effects on individuals, families, and communities caused from a natural or man-made disaster are easy to see, it is much more difficult to understand the impact of a sluggish computer infected with malware or viruses.

Unlike physical threats that prompt immediate action – like stop, drop, and roll in the event of a fire – cyber threats are often difficult to identify and comprehend. However, they can be just as dangerous. Cyber preparedness can be as simple as setting up the proper controls such as the ones listed below to increase your chances of avoiding cyber risks:

  • Only connect to the Internet over secure, password- protected networks.
  • Do not respond to online requests for personal information; most organizations – banks, universities, companies, etc. – do not ask for your personal information over the Internet.
  • Limit who you are sharing information with by reviewing the privacy settings on your social media accounts.
  • Trust your gut; if you think an offer is too good to be true, then it probably is.
  • Do not use the same password twice; choose a password that means something to you and you only; change your passwords on a regular basis.

Here are more tips and guidance from www.Ready.gov on how to prepare in the event of a cyber-attack. If you feel you’ve been a victim of a malware attack, phishing scheme, or another cybercrime, contact your local law enforcement or the Federal Trade Commission at www.ftc.gov/complaint.

Stop.Think.Connect. Partners with the Girl Scouts of USA

Girl scout troopThe Department of Homeland Security announced on August 22, 2012 during the Atlanta Cyber Tour that the Girl Scouts of the USA organization has joined the Stop.Think.Connect. Campaign’s National Network, forming a new partnership which will promote cybersecurity awareness to over 3.2 million youth across the country.

The Campaign will provide the Girl Scouts with tools and resources to help raise awareness among kids, teens, and young adults about emerging online threats and the importance of cybersecurity. This partnership builds on the Campaign’s efforts to highlight curriculum resources available to communities, as well as to promote cyber awareness and educate America’s youth about safer online practices.

“Cyber education is crucial for preparing future generations for the ever-changing cyber world,” said Department of Homeland Security Secretary Napolitano. “With the help of Girl Scouts of the USA, the Campaign has an opportunity to broaden cybersecurity awareness to millions of American youth engaged with the Girl Scouts program.”

"This collaboration between Girl Scouts and the Department of Homeland Security will empower girls to become leaders and advocates for the safe and responsible use of technology," explained Anna Maria Chávez, Chief Executive Officer of the Girl Scouts of the USA. "We know that girls are online. As adults, it is our responsibility to create an environment that encourages girls to establish healthy online habits."

Girl Scouts of the USA was founded in 1912 with the goal of bringing girls out of isolated home environments and into community service. Through enriching experiences, such as field trips, sports skill-building clinics, community service projects, cultural exchanges, and environmental stewardships, Girl Scouts seeks to grow courageous and strong young women.

Find additional information on Girl Scouts of the USA.

Last Published Date: April 3, 2018

Was this page helpful?

This page was not helpful because the content:
Back to Top