There is no denying the fact that the Internet has changed how we work, play, shop, and communicate with each other. As these technologies continue to advance, this also has opened a new portal for bad actors and other unscrupulous individuals who attempt to use these technologies for financial gain. The security of all our Breeze organizations is one of our highest priorities and concerns. Breeze routinely submits itself to third-party testing of our networks and monitors financial transactions for fraudulent activity. However, research has consistently shown that a large majority of “hacks” and comprised personal data do not originate from a vulnerability in an organization's security measures, but at the user level. Opening an attachment from an email or using easy to guess passwords are examples of access points for criminals.
With this in mind, the Breeze team has crafted this article to help you protect yourself and your organization from these bad actors who want to use your credentials and/or personal information for their own purposes.
Watch your Email Inbox Closely
When possible, confirm that you know who the sender is before opening an email. Email phishing is the number one method of gaining unauthorized access to personal information. In some cases, this can occur simply by opening an unfamiliar email. If you’re unaware of who sent the message, leave it alone until you’re able to find out for sure. Here is a third party article from the FTC with additional information on how to identify email spoofing/phishing attacks.
Keep your Computer OS, Mobile Devices, and Browsers Up to Date
Many recent hacks affect outdated versions of systems. To ensure your security measures are up-to-date, make sure you are installing all software updates as they become available. Browser updates are a key component of overall security and functionality.
Lock your Desktop and Mobile Devices
It’s important to lock your desktop and mobile devices after a certain amount of time. We recommend having your desktop computer lock after five minutes and your mobile phone after one minute of inactivity. Doing so prevents unauthorized users from accessing your confidential information when you’re not present at your device.
Use Complex and Different Passwords
If a bad actor obtains your password, and that password is used across multiple platforms (Facebook, Email, etc…), then you run the risk of that bad actor gaining access to a greater portion of your personal information. Passwords should be a mix of numbers/letters/special characters and should be a minimum of eight characters in length. Store all passwords in a secure location. While there are several great password management software tools, 1Password is often recommended as one of the best options. If 1Password’s pricing is prohibitive, Bitwarden is also highly recommended from several security experts and offers a free option which may be perfect for your usage.
Do not provide access to a user request without verifying the identity of the individual requesting access.
In this article from the Breeze Help Center, you can read more about the various ways in which a member can gain access to your Breeze account. Our team has recently discovered that bad actors are requesting access to Breeze accounts claiming to be a new member of the church (often including that they would like to begin contributing). Once that access has been provided, the bad actor will edit the name of their Breeze profile to the pastor or someone else on church staff, and then send out emails to the entire church asking for assistance. If verifying each request is not feasible due to the size of your congregation, then another option would be to allow new members to only access their profile and restrict access to all other functions within Breeze until verification has been completed. Here are two articles from the Breeze Help Center with more information:
A Note on Internet Security Software
If you are a Windows user, then Internet Security software is absolutely essential as part of your security measures. While it’s true that Macs are less likely to be infected with malware than their Windows counterparts, over the past few years security experts have begun to recommend that Mac users also incorporate Internet security software into their security protocols.
By their very nature, Internet Security software creates some system impact. You may notice that your computer is slightly slower when the software is running a scan or, in some cases, the firewall that is part of the security suite will negatively affect your ability to load certain websites due to the firewall rules. Browser extensions installed in your browser (privacy, anti-malware) have also been known to negatively affect the ability to load some sites or will interfere with particular features. While these security features are greatly appreciated when visiting an illegitimate site, our technical support teams at Breeze will occasionally experience a scenario in which a particular security product interferes with some core functionality within Breeze.
If other websites are able to load (you have Internet access) but Breeze isn’t loading for you in your preferred browser, one possible cause might be your security software. Temporarily disable your Internet Security features and see if Breeze loads/performs as expected. If so, please contact our Breeze Support team, and we may be able to provide you additional information to input into your security software to allow Breeze to function properly.