Published on January 28, 2021

Data Privacy Day

January 28 is Data Privacy Day. The goal of Data Privacy Day is to highlight easy ways to protect your personal information. Take control of your personal information by learning about the types of cyber attacks and how to avoid becoming a victim.

Types of Cyber Attacks

  • A Social Engineering Attack uses human interaction to obtain or compromise information about an organization, or its computer systems. Example: Someone claiming to be with a company you are familiar with asking questions to piece together information to infiltrate the network.
  • A Phishing Attack uses non-personal interaction, like email or websites, to solicit personal information by posing as a trustworthy or familiar entity. Example: An email requesting account information, often suggesting there is a problem.
  • A Vishing Attack leverages voice communication and can be combined with other forms of social engineering enticing a victim to divulge sensitive information. Example: A phone call saying the IRS is looking for you and if you don't call back, a warrant for your arrest will be issued.
  • A Smishing Attack exploits text messages containing links that when clicked may automatically open a browser window, email message, or dial a number. Example: A text message that says, "You've been selected to win a Caribbean Cruise! Visit this link to claim your prize!"

Avoid Being a Victim

  • Trust your gut when receiving an email, phone call, or text message you aren't expecting. Be suspicious if they are asking about sensitive information.
  • Do not provide personal or financial information unless you are certain of a person's authority to have it. Never reveal in an email or respond to email solicitations for this information.
  • Secured sites can be recognized by starting with "https://". Check for a Privacy Policy on the site; if there isn't one, that's a red flag.
  • Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain.
  • If you are unsure whether an email request is legitimate, verify it by contacting the company directly. Do not use contact information provided on a website connected to the request.

What to Do if You Are a Victim

  • Report it to the appropriate people.
  • Immediately change passwords and do not use compromised passwords in the future.
  • Contact your financial institution and close any accounts that may be compromised and watch for unexplainable charges.
  • Watch for other signs of identity theft such as calls about accounts you didn't open, unexpected denials on your credit card, or weird accounts on your credit statement. Missing bills you usually receive can also be a red flag.