How secure are you on the internet? Our vice president of information security has helped compile easy cybersecurity practices to help strengthen your first line of defense: You.

1. Utilize a password manager

A password manager is a secure, automated, all-digital replacement for the little notepad that you may use to scribble down all your passwords, but it’s also more than that. Password managers generate strong new passwords when you create accounts or change a password. They store all of your passwords—and, in many cases, your credit card numbers, addresses, bank accounts, and other information—in one place, protecting them with a single strong master password. Your password manager will remember everything else, filling in your username and password for you when you log in to a site or an app on your phone or computer.

Learning to use a password manager seems intimidating, but once you start using one, you’ll wonder how you lived without it. Typically, improving your digital security means making your devices more annoying to use; a password manager is a great opportunity to make yourself more secure and less annoyed.

2. Avoid voice phishing (vishing)

Vishing is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that sounds like an old-fashioned scam, vishing attacks have high-tech elements: They involve automated voice simulation technology, for instance, or the scammer may use personal information about the victim harvested from earlier cyberattacks to put them at ease. Vishing calls exploit the fact that we’re more likely to trust a human voice.

To avoid falling victim to a vishing scam:

• Be suspicious of a call claiming to be from a government agency and asking for money or personal information. Government agencies never call you out of the blue demanding or offering money.
• When in doubt, hang up, independently seek out the real number for the agency, and call them to find out if they’re trying to reach you.
• Never pay for anything with a gift card or a wire transfer. That’s a strong sign of a scam.
• Don’t trust Caller ID. It’s very easy to fake.

3. Be aware of SMS phishing (smishing)

Smishing is a type of social engineering attack that relies on exploiting human trust rather than technical exploits. It generally relies on SMS (texting) messages instead of an email. Smishing text messages are often purporting to be from your financial institution, asking you for personal or financial information such as your account or ATM number. Providing the information is equivalent to handing thieves the keys to your bank balance.

The good news is that it’s easy to protect against the potential ramifications of these attacks. You can keep yourself safe by not responding. In essence, the attacks can only do damage if you take the bait.

If you believe you’ve received a fraudulent SMS message:

• Don’t respond directly to the message.
• Slow down and think cautiously if a message is claiming to be urgent.
• Call your financial institution to verify the message.
• Don’t click on any links the message may contain.

4. Understand the risks of using public Wi-Fi

Public Wi-Fi can be found in popular public places like airports, coffee shops, malls, restaurants, and hotels, and it allows you to access the internet for free. These “hotspots” are so widespread and common that people frequently connect to them without thinking twice. Although it sounds harmless to log on and check your social media account or browse some news articles, everyday activities that require a login like reading email or checking your bank account could be risky on public Wi-Fi.

The problem with public Wi-Fi is that there are a tremendous number of risks that go along with these networks. While business owners may believe they’re providing a valuable service to their customers, chances are the security on these networks is lax, or even nonexistent.

The best way to know your information is safe while using public Wi-Fi is to use your phone’s mobile hotspot function. However, if you must use public Wi-Fi, follow these tips to protect your information:

• Don’t allow your Wi-Fi to auto-connect to networks.
• Don’t log into any account via an app that contains sensitive information. Go to the website instead and verify it uses HTTPS before logging in.
• Don’t leave your Wi-Fi or Bluetooth on if you are not using them.
• Don’t access websites that hold your sensitive information, such as financial or healthcare accounts.
• Don’t log onto a network that isn’t password protected.

Empowering our clients to know as much as possible about constantly evolving cyberthreats and best practices to combat them is important to us. And putting best practices in place now can lessen the risk of losses, even as this problem continues to grow with the usage of technology.