Day 10 - May 10 - Stop! Think. Click.
- Elizabeth Rasnick
- May 10, 2023
- 2 min read
Most of us grew up learning stop, drop, and roll as the mantra for what to do if we found ourselves on fire. It means to stop moving, drop to the ground, and roll until the flames are out. It’s amazing how that simple phrase embedded itself in our brains almost instantly. We don’t have to think about it. We know what to do. This very same approach is what is needed to address cyber threats. As it turns out, lots of different people came up with a slight twist to this mantra to apply it to cybersecurity: Stop, think, click.
There are various versions of the Stop. Click. Think. campaign under use by multiple agencies and organizations. They follow the same core elements. The first is to stop typing, clicking, or otherwise interacting with the website or email. The reason to cease activity is to give yourself time to consider what is in front of you before you do anything.
The second is to think about what is being presented to you. If you are in a hurry and don't take time to evaluate what you are clicking on, you may miss indications that the link, video, what-have-you, is not legitimate. For example, my boyfriend, just this week, received a text message claiming to be from Navy Federal Credit Union. After years of painstaking training, he was quick enough to key in on the name. It read as “NavyFCU-Center”. Not NFCU. Not Navy Federal Credit Union. It may seem like a subtle clue, but it was enough to make him look twice. When he did, he realized the link in the body of the text was a total mismatch. The text message urged him to update his data or “We have to limit access for you.” The link text was for an entirely different company. (I’m not putting it here as a safety precaution.) The number the text came from is not listed as a number for any Navy Federal office.
The third is to click only once you know what you are clicking on is legitimate. One method for gaining this confidence is to not click on the link provided. Instead, in a new browser window, go to the site using your bookmarks or go directly to the organization’s website. Look on the organization’s site for whatever resource the link is purported to represent. Does that address match the link you were given? If not, you just saved yourself some heartache.
For more information go to these sites:
Comments