As a professor of technology and cybersecurity at the University of Southern Maine, I am often asked what someone should do to protect themselves given that cybersecurity attacks have accompanied the Russian invasion of Ukraine. Here are some suggestions for people and organizations to help be more vigilant and strengthen their cybersecurity posture.

1. Protect your accounts by changing passwords, not using the same password, using strong passwords, and enabling two-factor (2FA) authentication. A good password manager can help you do this task!

2. If you have accounts that offer biometrics, security passwords, code words, phrases, or security questions are as an option, please use them.

3. Refrain from sharing information and authenticating by short message services (SMS), commonly referred to as texts, and use authenticator apps or security hardware like a Yubikey.

4. Start using encrypted texting services like Signal.

5. Don’t click on links in text messages from unknown sources.

Advertisement

6. Don’t answer calls from numbers that you do not recognize. If it is essential, they will leave a message.

7. Take time to review bank and credit card statements for fraudulent activity periodically.

8. Take time to freeze your credit and still review your credit report from each bureau annually for accounts that you did not open.

9. Talk to the older adults in your life who may not understand tech and tell them that scams abound and there are people out there that will do anything to take advantage of them. The current Ukrainian War Theme schemes include:

• “Help, help, I’m stuck here” where the scammer pretends to be a friend or a close contact who needs money to get out

•  Fake “GoFundMe” and other relief efforts. If you are donating money through an organization like the American Red Cross, for example, be sure you’re on the actual Red Cross site and not a cleverly-disguised counterfeit “pfishing” site. It’s easy to copy the look of a website and steal official logos. The real tipoff is the URL. Don’t rely on a link you received from someone or clicked on social media; navigate the official website yourself.

Advertisement

• Disinformation and fake news. Keep your guard up as you encounter Russian President Vladimir Putin videos and other political figures on social media or YouTube. Think about the video. Is it designed to make you angry or act in some way? If so, it very well may be a disinformation campaign.

• Money needs to be transferred out of Ukraine. Scammers pose as someone who needs to move  money to leave the country – but they can’t do it without your help. Of course, you’ll need to pay transfer fees. If you receive such a message, report it as spam and delete it.

• Funeral scams – look out for pleas to bury people killed in the war.

• “Americans helping defend Ukraine’s freedom” scam. Fraudsters play on your emotions and appeal to your sense of patriotism. So think twice if you are asked to send money to those efforts!

• Romance scams. Be on the watch for anyone who tells you they need to leave Ukraine or Russia immediately because of the war, and they want to build a new life with you.

— Special to the Press Herald