Cybersecurity Awareness Month

October is Cybersecurity Awareness Month. Knowledge around protecting ourselves online has come a long way, but cyber criminals have become more savvy, as well. It is important that we all do our best to stay up to date with ways we can continue to protect ourselves and our personal information online.

Test your knowledge of cybersecurity with some quick and fun interactive quizzes from the Federal Trade Commission (FTC).

Online Safety Basics

Learning the basics of online safety can go a long way in protecting your information. The National Cybersecurity Alliance has put together a top 10 tips list to stay safe online. The highlights are:

Use a Multi-Factor Authentication (MFA)

Get an extra layer of defense against hackers when you log in with MFA. It's like a text with a secret code that self-destructs after one use.

Use a strong password or better yet, a passphrase

Don't use the same password everywhere! Mix it up with letters, numbers, and symbols. The longer, the better, and passphrases can help. Here’s an example of a passphrase: I first went to Disneyland when I was 4 years old and it made me happy: I1stw2DLwIw4yrs&immH

Keep your software up-to-date

It reduces the risk of infection from software installed by hackers that can steal your information or spread viruses in your computer.

Use secure Wi-Fi

Public networks and hotspots are unsecured. Someone could see what you’re doing online. Limit what you do on public Wi-Fi and especially avoid logging in to key accounts like email and bank accounts.

Beware of phishing emails

Phishing is when cyber criminals try to steal information, like passwords, by pretending to be someone they’re not. They may send fake emails or messages trying to make you click on dangerous links or open harmful files. Most cyberattacks begin with phishing, so if an email seems weird, be careful, check who’s sent it and if their email matches who they say they are.

Think you spot a phishing scam? It can be harder than you think. Test your phishing radar with this quiz from Google.

Print-Friendly Poster

Boost your memory with the power of repetition! Print this user-friendly online safety checklist, post it in a high-traffic spot like your fridge or desk. It's an easy way to make sure crucial information sticks.

Identity Theft

Identity theft is when someone steals your personal information, like your Social Security number or credit card details, and pretends to be you. They often use this information to take your money, get loans in your name, or even commit crimes without getting caught. In addition to phishing, other types of identity theft crimes include:

Healthcare theft: Using your information to get medical care or drugs, which can mess up your medical records and bills
Tax theft: Filing fake tax returns with your information to steal your tax refunds
Child identity theft: Stealing a child's information to impersonate them, spread misinformation, or for financial crimes like making unauthorized purchases
Online theft: Stealing your online accounts, like your social media or email to impersonate you to spread lies and hurtful messages

How to Avoid Identity Theft

There are clear steps you can take to significantly reduce the chance of identity theft happening to you. Start with guarding your personal information: Keep your personal information, like your Social Security number and credit card details, safe and private with strong passwords, Multi-Factor Authentication, and monitor your credit reports for suspicious activity.

New York City Public Schools follow Federal and State laws and regulations that impose requirements to ensure students' personally identifiable information (PII) and certain staff PII (specifically, identifiable annual professional performance review data of principals, assistant principals and teachers) remain confidential and secure.

How to Report Identity Theft

Do you believe you are the victim of identity theft? If so, you can report the crime to the FTC for assistance in recovering and protecting your information.

Impact of Artificial Intelligence (AI) in Cybersecurity

AI can be a useful tool in many industries, including cybersecurity. Security teams increasingly use AI to detect threats, respond to incidents, and safeguard sensitive data more efficiently. AI tools can analyze vast amounts of data in real-time, identifying suspicious activities, potential vulnerabilities, and emerging threats much faster than traditional methods.

However, while AI can be used for good, cybercriminals have begun using it to:

Scale attacks: AI can generate and launch a high volume of attacks, making it difficult for traditional security measures to keep pace.
Advanced phishing techniques: Large language models (LLMs), such as ChatGPT, allow cybercriminals to create more convincing and personalized phishing attempts, increasing the likelihood of success.
Exploit security patterns: Cybercriminals use AI to study cybersecurity defenses, analyze patterns, and identify weaknesses to breach systems more effectively.

As AI evolves, the potential for its misuse by cybercriminals grows. This makes it even more critical for individuals and organizations to stay informed and follow best practices in cybersecurity.

By remaining vigilant and using a proactive approach, we can harness the power of AI to stay ahead of cyber threats and protect our digital environments.

What NOT to Share on Social Media

Hackers and scammers are cunning, and are actively lurking and plotting on social media where kids and adults often let their guards down. In addition, online bullying has intensified. Safeguarding yourself and your information on these platforms is crucial.

Engaging on social media is second nature to many of us, offering a range of benefits like staying connected with loved ones, being entertained, extending your learning, and keeping up-to-date. However, it also carries risks if we don't exercise responsibility. Here are five quick tips to help you navigate social media safely:

Keep your social media passwords and account details private. Mistakes can happen unintentionally, so be cautious.
Avoid automatically saving social media passwords on shared devices or public networks, such as school computers.
Never give out personally identifiable information (PII) on social media, including your full birthdate, phone number, OSIS or Employee number, or home address.
Refrain from sharing your real-time location, as it can give potential criminals insights into your whereabouts, making both yourself and your home vulnerable to attacks.
Don't broadcast your upcoming travel plans or vacation photos while you're still away. You don't want to signal to potential thieves that your home is vacant.

For more tips, check out the National Cybersecurity Alliance's article: Share with Care: Staying Safe on Social Media.

The Department of Education provides comprehensive guidelines to promote good digital citizenship among students. Recognizing that expectations vary according to age and grade level, we have tailored separate guidelines for students and their families, based on their age group:

Additional resources to help you stay safe online

Continue to learn and test your knowledge with these fun and interactive games and quizzes during Cybersecurity Awareness Month and beyond.

Games

FBI Safe Online Surfing - Online game for students based on grade level to learn more about cyber safety and digital citizenship
Digital Compass Game - A ‘choose your own path’ interactive game from Common Sense Education for grades sixth to eighth on digital citizenship basics
Time Zone X: Digital Etiquette - Learn better ‘digital etiquette’ with this game from BrainPop
PBS NOVA LABS: Defend a company that is the target of increasingly sophisticated cyber attacks with NOVA LABS’ interactive games and quizzes

Quizzes

Pew Research Cybersecurity Quiz - How much do you know about cybersecurity? Learn what you know and what you need to know from Pew Research
Cybersecurity: Tomorrow’s Internet - Put your cybersecurity knowledge to the test Center for Development of Security Excellence’s quiz
Technology Self-Assessment - Reflect on your online habits, well-being and the role technology plays in your life in this online self-assessment from Google
Britannica Education: Real or AI Quiz - Can you spot an AI-generated image? Doing so in the real world can protect you from bad actors mimicking legitimate individuals or organizations.
Google Arts & Culture - Can you spot the odd one out? Guess the AI generated “imposters” hidden among the artworks.
Real or AI? The Game - Are you ready to put your skills to the test? Simply look at the image presented to you and decide if you think it is real or a creation of AI.
Kellogg School of Management: Detect Fakes - Take a look at this image and share whether you think it is generated by AI or not.

Resources for educators

Cybersecurity Best Practices - Google’s cybersecurity guidebook with best practices for K-12 schools
Digital Citizenship Resources - Developed by Common Sense Education provides interactive lessons and resources for at home or in the classroom
- Common Sense Lesson - Risk Check for New Tech - How to determine the safety of new technology and how to ask yourself ‘is it worth it?’
- Common Sense Lesson - Hoaxes and Fakes - How can you avoid being fooled by fake videos and other information online?
- Common Sense Lesson - Internet Traffic Light Activity - Staying safe online is just as important as staying safe online - online lesson for students to understand how to safe online by seeing how to identify ‘just right’ content and how to engage online safely
- Common Sense Lesson - Don't Feed the Phish - Understanding what theft is online and how to be aware of phishing scams when engaging online
- Common Sense Lesson - Password Powerup - How to create strong passwords and why it is important
- Common Sense Lesson - Private and Personal Information - Understanding private information online and how to share in a safe way and how to determine what is ok to share what should be kept private
Secure Our World - a program by Homeland Security's Cybersecurity & Infrastructure Security Agency that offers tip sheets and advice to stay safe online.