Cyber Security Resources

Cyber Security Insights

Understanding Malware

Malware—short for ‘malicious software’—refers to any software intentionally designed to cause damage to a computer, server, client, or network. Here’s a breakdown of common types:

  • Virus: Infects other programs and files, spreads rapidly, corrupting files and disrupting operations. Example: The ILOVEYOU virus.
  • Spyware: Covertly obtains information about a user’s activities to steal sensitive data. Example: Keyloggers that capture passwords.
  • Ransomware: Encrypts or locks valuable digital files and demands a ransom for their release. Example: WannaCry attack that affected thousands of systems globally.
  • Adware: Automatically delivers or displays unwanted advertisements. Example: Adware that modifies browser settings.
  • Trojans: Disguises itself as legitimate software but performs malicious activities once activated. Example: Remote Access Trojans (RATs).

Password Security Best Practices

Strong passwords are vital for protecting against unauthorized access. Here are some best practices:

  • Complexity: Use a mix of upper and lower case letters, numbers, and symbols. Example: g3T!tDoNe$92
  • Length: Longer passwords are more secure. Aim for at least 16 characters. Example: F!ndMyBr!ghtSiDe2023$
  • Unpredictability: Avoid common phrases and predictable substitutions. Use random words combined with characters and numbers. Example: Table$Shoe%Fish&Jelly22!
  • Uniqueness: Use a different password for each of your accounts. Example: Using “Sun$4ineD@ys” for social media and “Mo0n!Ligh7” for banking.
  • Password Managers: Consider using a password manager to generate and store different complex passwords for all of your accounts securely.

Recommended Password Managers

  • Keeper Password Manager
    Keeper Password Manager: Securely manages and autofills passwords across all devices. Download for: Apple App Store Google Play Store
  • Bitwarden Password Manager
    Bitwarden Password Manager: Open source and trusted for strengthening password security. Download for: Apple App Store Google Play Store
Horizontal Line
Cybersecurity Page – MFA Demonstration

What is Multi-Factor Authentication (MFA)?

MFA significantly enhances security by requiring two or more verification factors, making unauthorized access considerably harder. These factors are typically categorized into:

  • Knowledge factors: Something the user knows (e.g., password, PIN).
  • Possession factors: Something the user has (e.g., a hardware token or mobile app).
  • Inherence factors: Something the user is (e.g., biometric traits like fingerprints).

This approach helps protect against various security threats, including phishing and brute-force attacks, by requiring multiple proofs of identity.

Recommended Authentication Apps

For enhanced security, using authentication apps to receive MFA codes is safer than SMS. Below are popular options, which generate time-based, one-time passcodes (TOTP) that are hard to intercept:

  • Google Authenticator
    Google Authenticator: Generates codes even in offline environments. Download for: Apple App Store Google Play Store
  • Microsoft Authenticator
    Microsoft Authenticator: Supports a wide range of accounts. Download for: Apple App Store Google Play Store

MFA Demonstration

Click “Demonstrate” to see an example of MFA in action.


Enter Your MFA Code

Success! Welcome to Online Banking

You have successfully logged in using MFA.

Horizontal Line 2
Common Computer Scams – Bank of Pensacola

Common Computer Scams

Understanding common scams can significantly reduce the risk of data theft. Here are some prevalent methods used by cybercriminals:

  • Phishing: Scammers use fake emails or websites to mimic legitimate organizations, tricking users into providing sensitive information.
    • Example: An email disguised as a security alert from your bank asking to confirm your account details.
  • Spear Phishing: More targeted than general phishing, it focuses on specific individuals or organizations to steal data or distribute malware.
    • Example: Emails sent to company executives claiming to be from a known partner or supplier with urgent requests for wire transfers.
  • Whaling: A sophisticated form of phishing aimed at high-profile targets like C-level executives, using highly personalized bait.
    • Example: Fake legal subpoenas sent via email to senior executives, tailored to appear extremely legitimate.
  • Scareware: Victims are bombarded with false alarms and fake threats to persuade them to buy useless “security” software.
    • Example: Pop-ups that appear while browsing, warning that your PC is infected and urging you to download software to fix the problem.
  • Fake Calls: Impersonators claim to be from well-known companies to gain personal or financial information.
    • Example: Calls from someone pretending to be a tech support specialist directing you to grant them access to your computer to fix a non-existent problem.