Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally.
October is National Cyber Security Awareness Month (NCSAM). This designation has been observed in the United States since 2004, when the Department of Homeland Security and the National Cybersecurity Alliance (NCA) established it to bring awareness of cybercrime and the need for Americans to operate safely online, whether at work, home or school. In collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), NCA strives to improve the digital habits of Americans to mitigate increasing cases of identity theft, fraud and extortion.
While most companies have security measures in place to protect sensitive digital information, it is imperative that employees do their part to keep it secure. National Cyber Security Awareness Month is a great time to refresh everyone on good cyber hygiene.
This year’s campaign theme — “See Yourself in Cyber” — demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people . This October will focus on the “people” part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future. We encourage each of you to engage in this year’s efforts by creating your own cyber awareness campaigns and sharing this messaging with your peers.
- For individuals and families, we encourage you to See Yourself taking action to stay safe online. That means enabling basic cyber hygiene practices: update your software, think before you click, have good strong passwords or a password keeper, and enable multi-factor authentication (meaning you need “More Than A Password!”) on all your sensitive accounts.
- For those considering joining the cyber community, we encourage you to See Yourself joining the cyber workforce. We’ll be talking with leaders from across the country about how we can build a cybersecurity workforce that is bigger, more diverse and dedicated to solving the problems that will help keep the American people safe.
- For our partners in industry, we encourage you to See Yourself as part of the solution. That means putting operational collaboration into practice, working together to share information in real-time, and reducing risk and build resilience from the start to protect America’s critical infrastructure and the systems that Americans rely on every day.
4 Things You Can Do
Throughout October, CISA and NCA will highlight key action steps that everyone should take:
- Think Before You Click: Recognize and Report Phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
- Update Your Software: Don’t delay — If you see a software update notification, act promptly. Better yet, turn on automatic updates.
- Use Strong Passwords: Use passwords that are long, unique, and randomly generated. Use password managers to generate and remember different, complex passwords for each of your accounts. A passwords manager will encrypt passwords securing them for you!
- Enable Multi-Factor Authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.
Cybersecurity Career Awareness Week is a week-long campaign in the middle of Cybersecurity Awareness Month focused on raising awareness around cybersecurity job opportunities and how building a cyber workforce enhances our nation’s security. Hosted by National Institute of Standards and Technology (NIST), this week runs from October 17-22 this year.
CISA focuses on building a cyber aware public and introducing them to cyber careers from an early age. We do this through a variety of training programs for educators, the federal cyber workforce and critical infrastructure operators, as well as non-traditional training opportunities to help bring skilled professionals into the workforce quicker than traditional pathways. With these resources, CISA strives to reach those who may not have access to training in underserved communities.
CISA’s supporting resources for Cybersecurity Career Awareness Week:
- Cyber Career Pathways Tool
- Cybersecurity Workforce Training Guide
- Critical Infrastructure Operators Training
- General Public Cyber Trainings
- Cyber Career Cards
- Cyber Challenges and Games
- Cyber Safety Videos
The CISA team encourages you to celebrate Cybersecurity Awareness Month throughout October. This toolkit is designed to help you provide your organization with the tools and resources to learn the basics of cybersecurity. It contains information about the national campaign in October as well as resources for getting the word out. You are encouraged to use any resource in this toolkit.
In the world of title insurance and real estate settlements, one of the biggest threats to our customers and business is wire fraud. We are regularly educating our employees, title agents, real estate agents and consumers to stay alert.
Wire fraud involves schemes to intercept wired funds that are being transferred during real estate transactions. According to the Federal Bureau of Investigation (FBI), wire fraud resulting from Business Email Compromise (BEC) and Email Account Compromise (EAC) cost businesses and consumers $2.4 billion in 2021 alone.
Tips for Preventing Wire Fraud
- Secure your devices and accounts. Securing your computer, phone and mobile devices, and practicing good email and password hygiene can make you less vulnerable to any cybercrime. Click here for best practices.
- Be vigilant. All parties to a real estate transaction are potential targets. However, cybercriminals tend to prey on older buyers who they believe may have limited knowledge of cybersecurity or wire transfer protocols.
- Consider using cashier’s checks instead of wiring funds. Your title company can verify checks with the bank prior to funding, which satisfies Good Funds requirements and eliminates your risk of wire fraud.
- Learn your title company’s process for wiring funds. Many companies have policies against emailing wiring instructions. Ask your closing agent for a list of approved contacts and wiring instructions at the beginning of your transaction. Keep them handy to use as a reference.
- Slow down. Fraudsters work hard to lull buyers into a false sense of security so they don’t take the time to scrutinize requests. Always check the sender’s email address for irregularities. When responding to an email, use “forward” instead of “reply.” Typing in a trusted email address lowers your chance of accidentally replying to a cybercriminal who sent you a spoofed email.
- Be suspicious of any changes to wiring instructions, especially on Fridays or before holidays. Changes to wiring instructions are rare and should only come from your closing agent. Since it can take up to 72 hours to wire money, fraudsters often request wire changes on a Friday or just before a holiday, so the funds are gone by the time anyone notices. There may be little your financial institution can do to recover funds once they are wired into a new account.
If you receive a request to change wiring instructions:
- STOP!: Never reply to an email or text with wiring instructions. If you receive a phone call with wiring instructions, tell the caller you’re going to hang up to verify the information.
- CALL: Call a trusted phone number you have used before to contact the buyer, seller, agent, lender or escrow officer, or use a number written in the contract. NEVER use a number listed in an email or text; there could be a fraudster on the other end ready to trick you into wiring funds to their account.
- VERIFY: After calling a trusted number, ask to speak with the person who allegedly called or sent the email or text. Always verify any change of plans with a trusted party before acting on them.
By keeping this wire fraud plan in mind, you can do your part to stop funds from winding up in the hands of a cybercriminal.
For more information and resources to promote cyber security for your organization, click here to sign up for CISA’s Cybersecurity Awareness Program. If you have questions about wire instructions or wire fraud, reach out to us at 330-477-9365.