Staying Safe On-Line

Featured

SHARE

 

 

 

 

 

 

 

 

Considering the recent cyber-attack on the HSE it is important to note that cybercrime is a risk for all of us to be aware of, both in our roles in the GAA and in our personal lives.  Here are some simple pointers to help keep you, and your club, safe on-line.

Password Best Practices ·        Use passwords or phrases that are easy to remember but hard to guess. ·        The best defense is to make it as long as possible, at least 12 characters. ·        Use a mix of lower- and upper-case letters, numbers and symbols. ·        If possible, use a leading password manager to generate long random passwords. ·        Never share passwords with others. ·        Never write down your passwords ·        Use different passwords for each of your accounts. If one system is hacked they won’t be able to access other systems. ·        Don’t base it on personal information or easily guessable information about you i.e. your club or county. ·        Don’t reuse old passwords or just change the number. ·        Be careful when entering passwords in public spaces ·        Use 2 factor authentication where possible.

Passphrases Passphrases are ‘stronger’ than passwords as they can be longer but easy to remember. Here are two methods to use to create a passphrase:   You can take the first two letters of every word in a song lyric (avoid popular lyrics):   “The winter it has passed and the summer’s come at last” becomes:   thwiithapaanthsucoatla (4 billion years to hack!)   Alternatively take four or more random words (avoid very common short words). A bit of Gaeilge can help here too!   FencesSliotarBinsBattery (76 billion years to hack)   Password Examples Password Time to hack Password1 0 seconds Gaelic123 4 seconds Jack0519 53 seconds Mayo4Sam! 18 minutes K1ldar3! 5 hours D0wnW1thTh4t50rt0fTh!n9! 1,000 years %F4th3r_T3dCr1lly 1,300 years SteakComplexVarnishSlate 3,000 years riverB4rr0wleinster 5,400 years FoireannRobotTinsPhone 2 billion years

How to Spot Suspicious Emails

[External] in email subject If you have a GAA email address, all emails from outside of the GAA have [External] added to the email subject. Be extra vigilant of any emails with this in the subject. Email domain does not match the display name. Hover over the email address to see their email address. Unexpected attachment Never open unexpected attachments. Especially if they are HTML or EXE files. Unfamiliar greetings or signatures If it is from someone you know but they use “Dear sir or madam” or they use your email address display name “Dear Secretary St Patricks Kerry”. The signature may be incorrect also such as using the wrong name “Regards, Pete” or using “Gaa” instead of “GAA”

Payment Requests

If you make payments on behalf of your club it is critical that you check that everything is correct before you transfer any money to anyone

• Validate one-off or unusual on-line payments by phoning the company in question first (Use details that you previously had, not those in the email).
• Never make a transfer to a different Bank Account than normal without checking.
• Verify that emails requesting payments actually came from the real person (email addresses can easily be copied).
• Be especially careful if being asked to do anything ‘urgently’.

If you Suspect you Have Been Compromised

If you suspect that your password has been compromised or opened a suspicious link/attachment please follow these steps:

• Reset your password in line with the guidance above. If you use the same or a similar username and password combination on other systems reset it there too.
• Ensure your device operating system (e.g., Windows) is fully updated.
• Ensure your antivirus is fully updated and run a virus scan.
• Be vigilant for any related attacks. Inform colleagues to be vigilant too.
• If you have a GAA account, contact support@gaa.ie.