SNOHOMISH COUNTY SHERIFF’S OFFICE- Holiday Shopping Safety Tips

Christmas is coming and you will be out to find the perfect gifts for your loved ones. Here are some simple tips to follow while you do your holiday shopping.

In the Car

·         Don’t leave high-value items or shopping bags in plain sight. Even a few seconds is enough for a smash-and-grab.

·         Store bags in the trunk before you arrive at your next destination, not after you park.

·         Keep vehicles locked and windows fully closed, even if you’re stepping away for a moment.

·         Park in well-lit, high-traffic areas whenever possible.

·         Be aware of your surroundings. If something feels off, move to another spot or notify security.

Prevent Package & Porch Theft

·         With holiday shipping in full swing, porch pirates are more active too. A few preventative measures can help:

·         Track packages and set delivery alerts so you know when they arrive.

·         Bring deliveries inside as soon as possible.

·         Use secure delivery options like:

o   Lockers / pickup locations

o   Deliver to work (if allowed)

·         Ask a trusted neighbor to grab it

·         Install a doorbell or security camera, even visible cameras can deter thieves.

·         Avoid leaving boxes visible outdoors. Break them down and conceal high-value packaging.

 

 

 

Snohomish County Sheriff’s Office:

https://www.snohomishcountywa.gov/ArchiveCenter/ViewFile/Item/7325

 

https://www.snohomishcountywa.gov/ArchiveCenter/ViewFile/Item/7325

 

 

SNOHOMISH COUNTY SHERIFF’S OFFICE- Holiday Crime Prevention Tips

This holiday issue of the Sheriff’s Office’s crime prevention newsletter, “Partners in Crime Prevention, covers ways you can protect yourself from a charity scam and gives other tips to prevent crime during the holiday season.

 

 

Snohomish County Sheriff’s Office:

https://www.snohomishcountywa.gov/ArchiveCenter/ViewFile/Item/7325

 

CYBERSECURITY- You Need More Than a Strong Password to Protect Your Accounts

Some people may think that all they need is a “strong password” to protect their online accounts. However, while a strong password is important, it is not the only technique that you should use in your toolkit. There are several ways cybercriminals can use to gain access to your online accounts besides cracking your password. There are no single magic techniques to protecting your personal information.

Modern security thinking works in layers. It uses several tools and techniques to protect your house, your business, or you as a person. For example, if you want to protect your home and its contents from a burglar you will lock your front door. But locking just your front door does not guarantee that a burglar cannot break into your house. A burglar could go to the side or back of your house to find a way in. You also need to lock any side doors or back doors. Plus, you need to close and lock any windows. Even by locking all of your doors and windows there is a chance that a burglar can find a way in, so you might put valuables like jewelry and sensitive papers in a safe or locked file cabinet. You also might put away small electronics like your laptop and cell phone. Finally, you might sign up for a security system with cameras to alert police of an intrusion. That way police can possibly catch the burglar in the act or more likely, you can hand over video of the burglar on your property that police can use in their investigation. All of these steps are examples of layered security.

To protect your personal information and your online accounts you also need to think in layers. There are several ways cybercriminals can acquire your passwords and therefore gain access to your online accounts. Relying only on strong passwords is not a magic bullet.

Don’t get me wrong. Long, strong passwords are important to protecting your online accounts. An eight-character password made up of numbers, upper- and lower-case letters and symbols takes about 5 minutes to crack with current computer technology. A 16-character password made up of numbers, upper- and lower-case letters and symbols, the current recommended standard, takes about 5 billion years to crack. Pretty impressive protection. But there are other ways for a cybercriminal to acquire your password. Two ways include buying a list of id’s and passwords that have been acquired in a data breach. A cybercriminal could also send you a phishing email. or text message with a link that either sends you to a fake website that looks like the login page of your account or inserts malware to collect your password.

So, if cybercriminals can steal your password what can you do? You can add a layer by using multifactor authentication (MFA) in addition to a password for all of your accounts. With MFA you verify who you are through email, text, or an authenticator app on your smartphone. You may use a temporary code (something you have) or your fingerprint/face (something you are). If a cybercriminal tries to log into your account, they will not receive the MFA message since it is sent to your email or to your smartphone via text message or the authenticator app. When you receive the message, if you are not logging into your account, then all you have to do is to deny access.

Another technique is to use a unique password for each of your accounts. Using the same password, even if it is strong, across several accounts has turned into a dangerous practice. If a bad guy acquires your password for one account, they will try other accounts that belong to you on the chance that you use the same password to access those accounts.

You should also use antivirus software to protect yourself from malware that could steal your personal information, including your passwords. Be sure that you set it to update regularly and be sure your operation system and your software update regularly.

Finally, use a password manager to store your passwords. We all accumulate many accounts, sometimes in the hundreds. It’s impossible to remember all of those complex passwords. Password managers are encrypted so your passwords are protected from unauthorized eyes. That is even more protection than keeping your passwords in a notebook in a drawer of your desk.
They can also generate new, strong passwords for you when you are opening new accounts or changing passwords due to a data breach, or you suspect someone has stolen your password.

When you are protecting your online accounts, think in layers, long, strong passwords, multifactor authentication, unique passwords for each of your accounts, and keep your software and your antivirus software up to date.

 

 

 

 

Ask Leo:

https://askleo.com/?awt_a=7qbL&awt_l=Ffceh&awt_m=I_EvPxBXwJdfbL&p=34891?utm_source=newsletter&utm_campaign=20251104&utm_medium=email

https://askleo.com/?awt_a=7qbL&awt_l=Ffceh&awt_m=I_EvPxBXwJdfbL&p=34891?utm_source=newsletter&utm_campaign=20251104&utm_medium=email

https://askleo.com/will-ai-crack-your-passwords/?awt_a=7qbL&awt_l=Ffceh&awt_m=JeELTvJp9ZdfbL&utm_source=newsletter&utm_campaign=20230509&utm_medium=email

https://askleo.com/another-reason-not-to-reuse-passwords/

 

Compass IT Compliance:

https://www.compassitc.com/blog/what-will-quantum-computing-mean-for-passwords-and-encryption

 

Norton:

https://us.norton.com/blog/emerging-threats/password-attack

 

CYBERSECURITY- It Does Matter if Your Account Gets Hacked

More and more people are recognizing that staying secure is important while they are online. However, according to the National Cybersecurity Association there are people who feel that it doesn’t matter if their device or account gets hacked. They may think that their information is not important or that their online data is not critical. However, scammers and cybercriminals can use the most innocent of information to steal from you or others.

Your Facebook account might appear to be innocent, but it can be used against you. While you might only keep up with your family and friends on Facebook, if you overshare the details of your life (such as mentioning when you are taking vacation) someone lurking in the background can use that information to break into your home while you are gone. Your social media passwords are very important because if someone gains access to your account through your password, they can impersonate you a try to scam your friends. Scammers have also been known to take over social media accounts, changing the passwords so that the owners no longer have control of the accounts, using them for their scams or other criminal purposes. So, long secure passwords, 16 or more characters, using a mix of upper- and lower-case letters, numbers and special characters, secured in a password manager is an important step to take.

Other online accounts that are important to protect include financial accounts such as your bank accounts, your credit card accounts, and retirement accounts. Protecting your account credentials such as your password and account numbers can save you a ton of grief. If a scammer only has your account number they can use it on applications, forms, and fake documents to make a fraudulent claim look more legitimate. But if the scammer has your account number and the routing number (found on checks issued by the bank) or the name of the bank or online password they can do much more,

·         Set up payments for goods or services appearing to come from your account.

·         Attempt transfers out of your account through ACH debits or other bank transfer methods.

·         Create counterfeit checks that appear to draw from your account.

·         Use the account for laundering activity, depositing funds and moving them out again to obscure the trail.

·         Make online purchases where limited verification is required.

·         Apply for additional accounts or services using your account as proof of legitimacy, for example, opening a secondary account to stash stolen funds before moving them into cryptocurrency or offshore.

·         Pretend to be from your bank and contact you to collect more personal information. That follow-up scam can be used to harvest even more personally identifiable information (PII) or access details for other bank accounts.

Protecting the usernames, passwords, and account numbers of all of your online accounts is important to protecting your security and privacy no matter how trivial the account may seem. Also, protect any documents that have bank account, credit card account numbers or numbers such as your Social Security number, Medicare number by keeping them in a secure location and destroying bank/credit card statements, or other documents with those account numbers when you are finished with them.

 

Remember,

·         Use long, complex passwords stored in a secure password manager.

·         Use unique passwords for each of your accounts. DO NOT use the same password for multiple accounts!

·         Use multifactor authentication (MFA) for all of your online accounts.

 

 

 

 

 

National Cybercrime Alliance:

https://www.staysafeonline.org/articles/6-cybersecurity-myths-debunked

 

Identity Theft Resource Center:

https://www.idtheftcenter.org/post/what-can-a-scammer-do-with-your-banking-information/

 

Social Security Administration:

https://www.ssa.gov/pubs/EN-05-10064.pdf

 

 

CHARITY SCAMS- Giving Without Getting Scammed

With the disruption of SNAP (Supplemental Nutrition Assistance Program) due to the federal government shutdown, more and more people are considering donating to local food banks to help them handle the increase in business. The key is to donate to organizations you know and trust.

Many people donate food to their local food banks. Local churches, sometimes schools, and independent volunteer organizations have organized to give out food to those in need. Here is a list of local food banks collected by The Seattle Times- https://www.seattletimes.com/seattle-news/where-to-get-food-in-king-snohomish-pierce-counties-as-snap-lapses/.

You may want to make a monetary donation. You need to take care to donate to organizations that will truly give food to those in need and not pocket the money for their own ends. If you do not know of a local food bank that you know and trust, do a little research to find a food bank or charity that has a good reputation. One place to look is the Washington Secretary of State (SOS). SOS maintains a list of charities registered with it that you can search at: https://www.sos.wa.gov/corporations-charities/nonprofits-charities/charities/information-donors.

You can also look for reputable charities at,

·         Better Business Bureau, Give.org- https://give.org/

·         Charity Navigator- https://www.charitynavigator.org/

·         Charity Watch- https://www.charitywatch.org/

·         Candid- https://candid.org/

 

If you hear about a charity that you think you might want to donate to you can also do a web search with the charity’s name and the words “complaint,” “review,” “rating,” or “scam.”

Scammers may pretend to be a charity to collect/take your money and/or collect your personal information. Be wary of unsolicited phone calls or text messages asking for a donation. Two red flags to watch for include,

·         Pressure to give immediately. A legitimate charity will welcome your donation whenever you choose to make it.

·         A request for payment by cash, gift card or wire transfer. These are scammers’ favored payment methods because the money is easy to access and difficult to trace.

If you see an ad, receive a phone call, email, or text message soliciting donations resist the urge to give right away. Take a breath and do a little research before giving.

 

AARP:

https://www.aarp.org/money/scams-fraud/charity/

 

Federal Trade Commission:

https://consumer.ftc.gov/consumer-alerts/2024/11/give-charity-not-scam

 

National Cybersecurity Alliance:

https://www.staysafeonline.org/articles/how-to-avoid-charity-scams

CYBERSECURITY- Keeping It Simple

More and more people are aware of the need to use good cybersecurity practices. However, the National Cybersecurity Alliance (NCA) has found that,

·         46% of people say trying to stay secure online is frustrating.

·         44% say security is intimidating.

·         40% say information on how to be secure is confusing.

While cybercrime and cybersecurity can be highly technical and complex, a few basic practices can keep us secure. The NCA has developed four basic practices, they call the “Core Four,” that include using long, strong passwords and a password manager, turning on Multifactor Authentication (MFA also known as 2FA), keeping your software updated, and recognizing and reporting scams and phishing techniques.

Strong Passwords. While there is talk among cybersecurity professionals of migrating security away from passwords, we still need passwords when we open most online accounts. As computing power has improved over the years cybercriminals have improved their ability to crack passwords quickly to take over other people’s accounts. The current guidance for passwords is that they should be

·         Long, at least 16 characters or more.

·         Complex, including upper and lower case, numbers, and special characters.

·         Unique, use a different password for each of your accounts.

You might have many accounts with passwords and keeping track of them is hard since memorizing each one is impossible. The best way to keep track is to use a password manager (or vault) to securely store all of your strong passwords. Password managers are encrypted to protect your passwords from view of strangers. They also can generate strong passwords for you and often have the capability to fill in your passwords for you when you go into your accounts.

One final thing on passwords. Change the password to any account that has been breached or that you suspect may have been breached.

Multifactor Authentication. When you use a password to enter your account, you are using something that you know to enter your account. By using a second factor, the holders of your account can be assured that you are you, not someone who has stolen your password. Second factors can be something you have, like your cell phone, or they can be something you are, like your fingerprint or your face.

Using MFA improves the security of your accounts. While strong passwords can help to protect your accounts from strangers entering them, they do have some weaknesses. Scammers can acquire your passwords through phishing emails or text messages and cybercriminals can acquire your passwords through data breaches or they can purchase them from other cybercriminals. Using MFA provides a second security layer making it more difficult for a cybercriminal to enter your accounts.

MFA can be used through a text message, a phone call, or email. The most secure method to use MFA is with an authenticator app such as Microsoft Authenticator or Google Authenticator. Authenticator apps communicate with the service holding your account via a secure means precludes a cybercriminal from intercepting the codes that you exchange with the holder of your accounts.

Wherever you can, sign up for MFA to protect your online accounts.

Watch Out for Phishing. Scammers will use a phishing technique to harvest personal information that they can use to impersonate you, including your passwords. Phishing attempts can come through email, text messages (smishing), phone calls, (vishing), or QR code (quishing).  Typically, you will receive an email or text with an urgent message that claims it needs your immediate attention. It will lead you to a link to go to a website where the scammer will harvest your personal information or download malware that can harvest the information on your device.

When you receive an email or text, inspect the email of the sender to make sure it is authentic and that any URL’s are authentic before you click on them. Another thing to do is not to click on the link and use an URL for the organization that you have looked up outside of the email or text. Be suspicious of any emails or texts that are designed to get you emotional and urge you to act quickly. Also, be wary or emails or texts that appear to be from someone you know. Instead of replying to the email/text, call or email them separately.

Update your Software. Updating your software on your devices (PC, smartphone, tablet computer, modem, router, etc.) is important to help fix bugs in your software and to patch security weaknesses in your software. Software designers often update the software that you use to fix bugs that they find after the software has been released to users. They also release “improvements” to their software to make it run more efficiently or easier to use by its users (this can be a contentious issue whether an improvement really improves the operation). Finally, and very importantly, software developers send out security patches to close security weaknesses that they have found in the software code. They may find the weakness on their own, or it may be pointed out to them by other software engineers, or they may find out that cybercriminals have been using a backdoor that they have found and are exploiting for their own purposes.

Updating your devices can be very easy. Go into settings and select the choice to receive updates automatically. While you can check manually for updates, or you can be notified when an update is available, automatically updating is the easiest and best action to take for most of us.

A word of warning. Scammers take advantage of our understanding that we should update our devices. They can use update notifications to fool you into clicking a link. A full screen window telling you to update is a scam.

 

 

National Cybersecurity Alliance:

https://www.staysafeonline.org/events/core-4-webinars

 

HALLOWEEN- Some Safety Tips

The Snohomish County Sheriff’s Office has released its quarterly newsletter from Sheriff Johnson, “A Message from the Sheriff.” It includes some Halloween Safety Tips that make this Halloween safe and fun.

When out trick or treating,

·         Check offender registries. Before heading out, check the Washington association of Sheriff’s & Police Chiefs (WASPC) sex offender registry at  https://sheriffalerts.com/cap_office_disclaimer.php?office=54528&utm_medium=email&utm_source=govdelivery for registered sex offenders along your route.

·         Use costume safety. Make sure costumes fit properly to prevent trips and falls.

·         Make your kids visible. Equip your children with glowsticks, flashlights, or reflective tape to make sure drivers can see them.

·         Supervise your children. An adult should accompany children under 12. Older kids should go in groups and stay together.

·         Maintain pedestrian safety. Walk on sidewalks where available. If there are none, walk facing traffic as far left as possible. Avoid crossing between parked cars or darting into the street.

·         Stay vigilant. Avoid houses that have not turned on their porch lights. Stick to well-lit streets and use crosswalks.

·         Follow peak Trick-or-Treat hours- 5pm to 9pm.

·         Inspect the treats. Before letting your children eat their treats, check all candy for tampering and discard any unwrapped or suspicious items.

For drivers,

·         Plan ahead. Make transportation plans before heading out to Halloween events.

·         Drive slowly. Be extra cautious in residential areas. Children are three times more likely to be injured by a car on Halloween than on a typical day.

·         Stay alert. Watch for children in dark costumes and keep your headlights on to increase visibility.

·         Avoid distractions. Put away your phone, don’t be distracted by passenger conversations. Focus on the road!

·         Don’t drive impaired. If you plan to drink or use marijuana, DON’T DRIVE! Arrange for a designated driver, rideshare, or taxi.

·         Be aware. Law enforcement will be increasing DUI patrols on Halloween night. Make smart choices to keep everyone safe.

 

 

If you would like to receive the “A Message from the Sheriff” newsletter in your email inbox you can subscribe through the county’s subscriber webpage at https://public.govdelivery.com/accounts/WASNOHOMISHCO/subscriber/new?preferences=true#tab1. Enter your email and click submit. On the next page, select "Sheriff Newsletter" under "Sheriff." Then click "Submit" at the bottom of the page.

 

 

 

National Highway Traffic Safety Administration:

https://www.nhtsa.gov/halloween-safety-tips

 

National Safety Council:

https://www.nsc.org/community-safety/safety-topics/seasonal-safety/autumn-safety/halloween