As our readers are aware, this is National CyberSecurity Month. In order to pay tribute to the month, Google has recently released the top 5 security tips that should be utilized by those of us that use Gmail as our free email service provider.

The tips below are directed specifically for Gmail users but they can be applicable for most any free email service provider. If you find that your email service provider can not provide similar security features as our friends at Google, you may want to consider shifting your email to Gmail. We hope that our readers at SmartSecurityPeople.com find this information helpful as we continue to celebrate National CyberSecurity Month.

1. Remember to sign out. Especially when using a public computer, be careful to sign out of your Google account when you’re finished. Just click the “Sign out” link at the top right corner of your inbox. If you’re using a public or shared computer and want to be extra thorough, you can also clear the browser’s cache, cookies and history. Then, completely close the browser. On your personal computer, you can also lock your computer with a password-protected screensaver if you need to step away momentarily. Learn the best ways to lock your screen in Windows or in Mac OS X. Forgot to sign out? Open up a new Gmail session on another computer and use Gmail’s remote sign out feature to close any sessions that might still be open elsewhere.

2. Be careful about sending certain sensitive information via email. Once you send an email, you’re no longer in control of the information it contains. The recipients, if they so choose, could forward the email or post its contents in a public place. Even if you know and trust the people you’re emailing, that information may become exposed if their accounts become compromised or they get a virus on their machines. As a rule of thumb, should you need to provide a credit card number or financial account number to respond to a message, provide it over the phone or in person - not over email. And never share your password with anyone. Google does not email you to ask you for your password, your social security number, or other personal information - so don’t send it!

3. Enable “Always use HTTPS.” Any time you visit a webpage, your computer needs to send and receive information across the Internet. HTTPS is used to encrypt data as it is transmitted between computers on the Internet, so look for the “https” in the URL bar of your browser to indicate that the connection between your computer and Gmail’s servers is encrypted. We use HTTPS on the Gmail login page, and you can choose to protect your entire Gmail session with HTTPS as well. HTTPS can make your mail slower, so we let you make the choice for yourself. Open Settings and choose “Always use HTTPS” on the General tab if you want to turn it on.

4. Be wary of unexpected attachments.To help protect you from viruses and malware, Gmail automatically scans every attachment when it’s delivered to you, and again each time you open a message. Attachments you send are also scanned. That said, no system is foolproof, so if you happen to get an email from a friend with an attachment you didn’t expect, don’t be afraid to ask the sender what it is before you decide whether to open it.

5. Make sure your account recovery information is up-to-date. Your account recovery information helps you regain access to your account if you ever forget your password, or if someone gains access to your account without your permission. We currently offer several paths to account recovery. Every Gmail user must select a security question and answer - be sure to choose a combination that is easy for you to remember, but hard for others to guess or come across by investigating. Don’t choose a question like “What is my favorite color?” as others may easily guess the answer. We also encourage you to provide a secondary email address and/or a mobile phone number, so we can send you a link to reset your password if you lose access to your account.

October marks the sixth annual National Cybersecurity Awareness Month sponsored by the Department of Homeland Security. The theme for this years awareness month is “Our Shared Responsibility”. The point that Homeland Security is trying to drive home is that computers users, as well as government and corporate entities, should be responsible for promoting good “Cyber Hygiene”. It is a shared responsibility that relies upon all of us to be vigilant in safeguarding ourselves and our families from cyber criminals.

The following are simple tips provided by the Department of Homeland Security to help all of us stay safe while being online and promote cybersecurity:

Take Action - There are many things businesses, schools, and home users can do to practice cybersecurity during National Cybersecurity Awareness Month and beyond.

• Make sure that you have anti-virus software and firewalls installed, properly configured, and up-to-date. New threats are discovered every day, and keeping your software updated is one of the easier ways to protect yourself from an attack. Set your computer to automatically update for you.
• Update your operating system and critical program software. Software updates offer the latest protection against malicious activities. Turn on automatic updating if that feature is available.
• Back up key files. If you have important files stored on your computer, copy them onto a removable disc and store it in a safe place.

Endorse - Demonstrate your commitment to cybersecurity.

• Show your organization’s commitment to cybersecurity and National Cybersecurity Awareness Month by signing the online endorsement form at www.staysafeonline.org.
• Create a section for cybersecurity on your organization’s Web site. Download banners at www.staysafeonline.org and post them on your organization’s home page.
• Add a signature block to your e-mail:
  “October is National Cybersecurity Awareness Month. Stay Safe Online! Visit http://www.staysafeonline.org for the latest cybersecurity tips.”

Educate - Find out what more you can do to secure cyberspace and how you can share this with others.

• Participate in the National Cyber Security Alliance Cyber Security Awareness Volunteer Education (C-SAVE) Program and help educate elementary, middle, and high-school students about Internet safety and security. For more information or to download the C-Save curriculum, visit www.staysafeonline.org/content/c-save.
• Review cybersecurity tips with your family.
• Print and post these cybersecurity tips near your computer and network printers.
• Use regular communications in your business-newsletters, e-mail alerts, Web sites, etc.-to increase awareness on issues like updating software processes, protecting personal identifiable information, and securing your wireless network.

For more information on Awareness Month and for additional material, please visit www.us-cert.gov and www.staysafeonline.org/ncsam.

We hope our readers at SmartSecurityPeople.com find this information helpful as you are surfing the world wide web.

It’s important that you are armed with information about scams targeting unsuspecting individuals. There is a new mail scheme that uses insurance companies’ names in a ploy involving counterfeit checks, an example of which can be seen here:

This is how the scam works:

Consumers receive checks, like the one above, that appear to be from companies such as Nationwide Insurance, Infinity Insurance or Progressive Insurance. The checks range from $3,500 to $4,900 and come with a letter informing the recipient that they won a $150,000 “Consumer Promotion Draw” because they shopped at select retail establishments during a certain period of time. The letter goes on to explain that the check has been issued to cover a “Non-Resident Government Tax” or “Tax Clearance Fee” that the consumer will have to pay to a British Tax Officer.

Recipients are told that in order to receive the $150,000 prize, they must cash the check and then send between $2,800 and $3,750, by Moneygram International or Western Union Money Transfer, to an address in the United Kingdom. Consumers are given a toll-free number to call, but they are asked not to talk about their winnings until the claim has been processed.

If a consumer were to cash the phony check, they could find themselves owing the bank the entire amount of the check plus additional fees charged by the bank.

Remember, if an offer sounds too good to be true, it probably is. Please be sure to utilize the SHARE TAB at the bottom of this article to pass this information onto anyone that you feel would benefit from this information.

It is not uncommon for SmartSecurityPeople.com to discuss social networks and all of the potential pitfalls associated with them. We usually gear our articles toward helping readers learn about putting filters on the information they are disclosing so they don’t fall prey to identity theft or burglary. However, we recently came across a story that shows how the addictive nature of social networking actually worked in favor of someone that recently had their house burglarized.

Apparently, a burglar was in the midst of his crime spree and happened to see a computer located in the bedroom that he was ransacking. Most burglars would have exclaimed “jackpot!” and added the computer to their stolen pile of goods. However, this one exclaimed “Totally Awesome!” and quickly logged into their Facebook account to see what everyone was up to. The question that comes to our mind is did this robber update their Facebook status to something along the lines of  “…Robbing a House…”? If he was a fan of Twitter, we wonder what his tweets would have looked like:

• Just broke in the upstairs window
• Here is a twitpic of the tree I scaled
• Whew.. no alarm and no dogs!
• Lots of cool jewelry in the bedroom
• Hey look a new computer from @bestbuy
• Hmmm.. Does it have internet?
• Might as well check my Facebook…

As the story reads, the end result is that this burglar stole a couple of diamond rings and forgot to log out of their Facebook account before leaving the house. The police were able to quickly track this person down because he lived in the same neighborhood as the victim. He is currently in custody and faces one to ten years of prison for the theft. The good news for him though… Facebook just recently opened it’s membership to the entire U.S. prison population!