Several photos in a college of a woman

Cybersecurity Emotions

At CISA, our commitment to cybersecurity isn't just about technology; it's about the human experience.

In our increasingly digital world, it's essential to protect data and defend ourselves against malicious cyber actors. To prevent being hacked or falling for a phishing scheme, everyone, from individuals to industry, must take actions to Secure Our World.

Every day, online predators are looking for their next target – don’t let it be you!

Think you’re not a target? That’s what cyber criminals are counting on.  Your identity, your financial data, and the contents of your email are valuable to a malicious hacker. To reduce the chances of falling for cyber scams, learn the basics of “cyber hygiene” - easy and common-sense ways to protect yourself online.

Software Update Available? Do it now!

Update your software. In fact, turn on automatic software updates if they're available.

Bad actors will exploit flaws in the system. Network defenders are working hard to fix them as soon as they can, but their work relies on all of us updating our software with their latest fixes.  Update the operating system on your mobile phones, tablets, and laptops. And update your applications – especially the web browsers – on all your devices too.   Leverage automatic updates for all devices, applications, and operating systems.  

Use Strong Passwords

Watch the Use strong passwords video

 

Did you know the most common password is “password”? Followed by “123456”? Using your child’s name with their birthday isn’t much better.   

Picking a password that is easy is like locking your door but hanging the key on the doorknob. Anyone can get in.   

Here are some tips for creating a stronger password. Make sure it’s: 

  • long – at least 16 characters,  
  • unique – never used anywhere else, 
  • and randomly generated – usually by a computer or password manager. They’re better than humans at being random. 

Make sure you’re not recycling the same password across all your apps and websites. You can use a password manager to store all of your passwords. That way you don’t have to remember them all! If you go this route, make sure your master password is strong and memorable, and secure your password manager account with MFA! 

Read more
Think Before You Click

Watch the Think Before You Click video

 

Have you ever seen a link that looks a little off? It looks like something you’ve seen before, but it says you need to change or enter a password. Or maybe it asks you to verify personal information. It could be a text message or even a phone call. They may pretend to be your email service, your boss, your bank, a friend….The message may claim it needs your information because you’ve been a victim of cybercrime.    

It’s likely a phishing scheme:  a link or webpage that looks like a legitimate, but it’s a trick designed by bad actors to have you reveal your passwords, social security number, credit card numbers, or other sensitive information. Once they have that information, they can use it on legitimate sites. And they may try to get you to run malicious software, also known as malware. Sadly, we are more likely to fall for phishing than we think.    

If it’s a link you don’t recognize, trust your instincts and think before you click. We all need to Fight the Phish!   

Read more
Multifactor Authentication

Watch the Enable MFA video.

 

These characters come together to create a vibrant narrative that makes the exploration of cybersecurity practices not only informative but also entertaining.

Let's start with turning on Multifactor Authentication! It goes by many other names including:

  • Two Step Authentication
  • 2-Step Verification
  • Two Factor Authentication
  • 2FA

But they all mean the same thing: opting into an extra step. Step one is your password. Step two is when trusted websites and applications ask you to confirm you’re really who you say you are.

Your bank, your social media network, your school, your workplace, etc... they want to make sure you’re the one accessing your information. So, industry is taking a step to double check your identity, instead of simply asking you for a password, which can be reused, more easily cracked, or stolen.

They can verify it’s you by asking for two forms of information:

  • Something You Know, like a PIN number or a challenge question and answer.
  • Something You Have, like an authentication application or a confirmation text on your phone.
  • Something You Are, like a fingerprint or face ID.

That second step is a lot harder for a hacker to fake. So, prove it’s you with two… two steps, that is.

Now that you know what it is, you’ll see prompts for multifactor authentication all over. So opt-in!

Start with your email account, then financial services, then social media accounts, then online stores, and don’t forget your gaming and streaming entertainment services.

Our world is increasingly interconnected, so while we must protect ourselves, it’s going to take all of us to really protect the systems we rely on.

Check back often as we add videos showing Eda navigating a path to being cybersecure!

Read more

Don't Fear Cyber Safety!

To make cybersecurity engaging and relatable, we present the characters behind the Cybersecurity Emotions series. These lively characters bring a dynamic element to our exploration of essential online safety practices.

Meet the characters:

A photo of a woman looking at her phone

Eda, the Every Day American as the Main Character

Eda represents the average American tech user, navigating the digital landscape without a full grasp of cybersecurity tools and tips. Watch Eda's journey and discover simple ways to keep your online presence secure.

A happy woman holding a complex password

Happy

Overly excited about the digital world, Happy often dives into risky cyber behavior. Happy plays a pivotal role in encouraging other emotions to adopt good cyber hygiene practices.

A fearful woman running away from a threat

Fear

Aware of the scary aspects of the digital realm, Fear recognizes the lurking threats and helps highlight strategies that could enhance online safety.

Unmotivated person

Unmotivated

Sadly, lacking the energy for online protection, Unmotivated enjoys dissuading others from cybersecurity measures. This laid-back attitude contrasts with the urgency of online security.

Logical person

Logic

With a solid grasp of cybersecurity hygiene, Logic knows the essential steps for online safety. However, the challenge lies in convincing other emotions to follow suit.

Irritated woman

Irritation

Too cool for "cyber school," Irritation isn't interested in what others have to say. Irritation cuts to the heart of the issue and encourages the actions to stay safe online.

Related Resources