

Cyber Smart: Five habits to protect your family, money, and identity from cyber criminals
Published by
John Wiley & Sons, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256www.wiley.com
Copyright © 2019 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-119-55961-0
ISBN: 978-1-119-55963-4 (ebk)
ISBN: 978-1-119-55964-1 (ebk)
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or website may provide or recommendations it may make. Further, readers should be aware that Internet websites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2018963005
Trademarks: Wiley and the Wiley logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
I dedicate this book to my mother, Kaye “Gigi” McDonough. My intelligent, thoughtful, caring, and beautiful mother—your unconditional love and encouragement coupled with your unwavering demand of excellence propelled me forward in my life and career. THANK YOU, Momma!
Bart R. McDonough is CEO and founder of Agio, a hybrid managed IT and cybersecurity services provider specializing in the financial services, healthcare, and payments industries. Bart has deep institutional knowledge of the investment world, with more than 20 years of experience working in cybersecurity, business development, and IT management within the hedge fund industry. His core strengths are assessing, defining, advocating, and driving the adoption of risk management strategies, controls, and models, which enable organizations to advance cybersecurity resiliency while successfully complying with evolving regulatory requirements and behavioral transformations.
Harnessing his expertise in alternative investments, Bart and his team of more than 240 employees have developed cybersecurity and managed IT tools tailored to protect financial businesses' most precious assets: money and reputation. Just one example of Agio's industry-changing work included finding and repairing a Bloomberg Professional Services setting that could have compromised more than 300,000 subscribers. As CEO, Bart has grown Agio's roster of clients to exceed 300, spanning hedge funds, private equity firms, asset managers, investment banks, and healthcare providers.
Bart is a board member of several cybersecurity companies. Prior to founding Agio, he worked at SAC Capital Advisors, BlueStone Capital Partners, OptiMark Technologies, Sanford Bernstein, and American Express. Bart attended the University of Oklahoma and received his undergraduate degree from the University of Connecticut. He is married to the two-time Emmy Award–winning television producer Cheryl McDonough, and he has three incredible children: Russell, Ava, and Kya.
Associate Publisher
Jim Minatel
Project Editor
Gary Schwartz
Production Editor
Barath Kumar Rajasekaran
Copy Editor
Kim Wimpsett
Production Manager
Katie Wisor
Content Enablement and Operations Manager
Pete Gaughan
Marketing Manager
Christie Hilbrich
Business Manager
Amy Knies
Project Coordinator, Cover
Brent Savage
Proofreader
Nancy Bell
Indexer
Johnna VanHoose Dinse
Cover Designer
Marina Mirchevskaya
Cover Image
© blackred/Getty Images-Gold Skeleton Key, © monsitj/Getty Images-Background
I'd like to start by thanking the team that helped me get this book published and ultimately distributed: Jim Minatel, Gary Schwartz, and Barath Kumar Rajasekaran at Wiley.
I'd also like to thank the thousands of Agio clients who kept asking me questions at my Cybersecurity Awareness Seminars, which led me to writing this book. I can't wait to share it with all of you.
A huge thank-you to my researcher, Kelly Eley, for all of your valuable time on this project—you were simply a delight to work with, and I can't wait to collaborate with you again. In addition, I'd like to thank Kimberly Peticolas for all of her coaching and advice on getting this idea into a published book.
Next, I have to thank so many of my amazing colleagues at Agio (https://agio.com/) for refining so much about what I know about cybersecurity, management, and life. I have to give a big personal shout-out to Ray Hillen for coining the phrase “Brilliance in the Basics.” A special thanks to Lori Rabin for her amazing editing capabilities. Others I want to thank personally include Chris Harper, Mark Fitzner, Miten Marvania, Garvin McKee, Kate Wood, Nick Mancini, Jessica Golle, Heather Matthews, Josh Bentley, Greg Blattner, Marina Mirchevskaya, Kaitlin Boydston, Jason Price, Andrew Werking, Eva Lorenz, Laurie Leigh, Emily Ellis, Carrie Bowers, Donato Lalla, Tim Steiner, Steve Foster, Joe McCusker, and the rest of the amazing organization at Agio (#OneAgio).
A few clients and colleagues I'd like to thank are David Berger, Danny Moore, Avi Gesser, Barry Ko, Ramin Safai, and especially Chris Corrado.
I have to thank my lawyer and great friend Kevin Malek (well, at least I think we are friends) for all of his assistance in this project and so many others in my life.
I have to thank so many of my “brothers” for all their candid (and, yes, sometimes dumb) questions: Troy Bailey, Neil Berkeley, Travis Warford (no Travis, it's not cheese), Johnny O'Fallon, Brendhan Fritts, Chris Nichols, and Ryan Ball. Troy and Neil, I'd especially like to thank you for yelling at me one night over drinks to just “write the damn book” and giving me the courage to fail.
Everyone who knows me knows Gina Peterson is the engine who keeps me going, and without her, none of the meetings that took place to get this book published would have been possible. A huge thank-you to Gina, and her husband Nate, for allowing our family to interrupt hers constantly. Andrea Duarte, while joining us late, has been amazing at helping to smooth out our days and lives and giving this book its final polish.
I've been fortunate to have the most loving and caring parents in the world who have always encouraged me to do more and be better and have always supported me along the way. Education, especially the ability to read and write, were always valued in our home. My father has always been such a rock and a great example of hard work. Your work ethic and your devotion to your family continues to inspire me, Poppy! While I didn't appreciate it at the time and it may have led to some tears, I can't thank my wonderful mother enough for never taking the easy way out and letting me turn in terrible writing. Thanks for always pushing back on me (with your red pen!) and making me better, Momma.
Finally, my immediate family. Thank you for supporting me in everything I do. Kya, thank you for always asking the hard, right questions. You always get to the heart of the matter and helped me clarify and simplify my recommendations in the book. Ava, thank you for first calling me “Tech God”—flattery will get you everywhere. Seriously, thank you for allowing me to understand better the teen viewpoint in using the Internet. Russell, you don't know how much your calm demeanor helps me in life. Thank you for insisting on using correct grammar in texts, thank you for putting up with all the test devices I install and use at the house, and thank you for always being so patient and helpful. You are the rock of this family and occasionally are funny too.
Cheryl, my love and my talented superstar, thank you for being patient with me while I took the time to put this book together. Thank you for working tirelessly to keep our lives running while personally working so hard to make the world a better place through your documentaries and not take life too seriously. Thank you for being my best friend—always making me laugh and not to take life too seriously. Finally, thank you for being the audience to all my ridiculous cybersecurity stories; for always perfectly playing the part of the “normal person” (while we know you aren’t really normal!), and keeping me in check. And yes, love, you do have to update your computer and phone now.
Cybersecurity is one of the most important, and most disregarded, aspects of our daily responsibilities. Technology has overtaken our lives—the pervasiveness of the Internet has affected how we do almost everything—from communicating to banking. Drawing on his extensive work with hedge funds, private equity firms, celebrities, hospitals, and more, Bart McDonough accurately and thoroughly describes the cybersecurity threat landscape—the who, what, when, where, why, and how—and then helps readers understand how to perform proper “use, care, and feeding” of accounts and devices to avoid exposure in many areas of daily life. Just as people must tend themselves to maintain their health, so too should they practice proper “cyber hygiene” with websites, software, and devices to protect themselves and their families in a world of cyber threats.
As an expert in the cybersecurity field, McDonough has traveled around the world speaking at conferences for the FBI, Goldman Sachs, JP Morgan, Morgan Stanley, Citibank, Credit Suisse, Jefferies, Bank of America, and others, where he addresses crucial cybersecurity recommendations for businesses. However, the most common question he receives from the attendees at these conferences is “How can I protect myself at home, on a personal level, away from the office?” Addressing this very question in this book, McDonough combines his extensive industry knowledge with real-world examples of cyberattacks and how to prevent them as well as how to recover from them.
The idea of identity theft and other forms of cyberattacks can be daunting to the average person in today's society; however, it does not have to be that way. With the proper knowledge, outlined as the five “Brilliance in the Basics” habits in this book, everyone can learn better practices to help prevent bad actors from taking advantage of their money, personal information, and devices. Moreover, the more people who protect themselves, the better off everyone is. While there are several books out there that address the topic of cybersecurity, the majority of these focus on security for businesses and corporations. Few are intended to teach individuals in the general public how properly to protect their money, identities, personal information, devices, networks, and online experiences.
Cyber Smart focuses exclusively on this audience. Written in plain English and using everyday relatable examples, McDonough helps readers easily understand how they can personally update their approaches to Internet and device safety, and he does this through a positive, proactive style. While other comparable titles focus on fear-based conditioning, Cyber Smart focuses instead on maintaining the idea that while these technological advances have risks, there is no reason not to take advantage of them as long as you do it with open eyes and an awareness of how to keep your information safe.
As technology advances and we adopt new cloud-based services, wearables, fitness trackers, smart home appliances, and cars, we need to balance our rapid consumption of technology with vital knowledge of how safely to use, maintain, and protect these Internet-connected products.
Protecting our identities from the onslaught of endless cyber scams and hackers has become an exhausting effort. It can feel like we need a technical degree to defend ourselves and our families from cybersecurity attacks and ensure we're secure in our day-to-day personal and professional lives. Since we don't hear these cyberattacks knocking at our door or receive real-time evidence of our sensitive information circulating the underbelly of the Web, it's hard to grasp how vulnerable we are at any given moment. In this book you learn how to find your exposed information on the Internet—and discover you've been breached—it can feel like there's nothing you can do to protect your and your family's leaked Social Security numbers, passwords, and more. I am here to tell you there is hope. In this book, you'll learn to practice the essential cybersecurity habits to protect your family from bad actors.
Technology advancement brings opportunities, but it also creates risk, making it necessary to teach ourselves proper “use, care, and feeding” of our devices. If we don't, we risk significant exposure in many areas of our life. Similar to caring for ourselves, we must practice proper “cyber hygiene” with websites, software, and devices.
We know we spend a ton of time online, but we may not realize how our heavy Internet usage can increase our risk of falling victim to cybercriminals. It's as easy as visiting a website with infected ads that harvest our computer's CPU power, so bad actors can “mine” highly profitable Bitcoin cryptocurrency, typing credit card numbers into legitimate-looking, spoofed websites, or accidentally downloading ransomware from a linked “Funny Cat Video” our “friend” sent us. We devote a lot of time and energy to these online interactions. If we neglect the “use, care, and feeding” of technology and our presence in cyberspace, we risk letting bad actors run rampant—infecting and sabotaging our cyber comforts, wiping out years of family photos and personal files to ransomware demands in the thousands of dollars, or repeatedly using and abusing our identity.
If we lived in a “bad” neighborhood with a high level of crime, we would take the necessary precautions to protect ourselves, our family, and our belongings. We are mindful of our surroundings—we lock our doors, install extra locks, don't carry loads of cash on us, and so forth. However, when we are in a good neighborhood with low crime, we tend to be more relaxed around our physical safety precautions.
When it comes to our cyber lives—we all live in a bad neighborhood. And we all need to practice essential cyberhygiene precautions, or else we play a risky game of cyber roulette to see how much we think we can get away with before the neighborhood bad actors succeed in their cyberattacks against us. Then it's game over—or, at the least, we experience a lot of unnecessary frustration, embarrassment, expense, and cleanup.
This is not said to scare you—it is to help prepare you to have the right mind-set when you are online. My primary goal is to share real stories of people like you—victims of common cyberattacks—and then provide specific recommendations you can use to protect yourself against cyberattacks and scams. The secret to practicing cybersecurity is what I call “Brilliance in the Basics”—five crucial cybersecurity habits that I recommend you perform regularly.
Brilliance in the Basics habits
Performing these five basic, recurring cyberhygiene principles will work to prevent cyberattacks and serve as a cure for prevalent cybersecurity issues. I will show you how to manage your Internet presence safely, as well as your technology usage, so you can continue to enjoy the pleasures and opportunities that come with the cyberspace you love. You'll discover more about the “Brilliance in the Basics” cyberhygiene habits in Chapter 7.
I will also address and dispel popular cybersecurity myths throughout the book. Recognize any of these?
By learning the facts, you can set the record straight and safeguard yourself and your family. Cyber awareness will be like second nature.
In fact, let's dive in and dispel one myth right now.
We need to work together to defend our privacy, security, money, and peace of mind. It's our right to enjoy what technology and the Internet have to offer. The last thing we should do is to admit defeat and compromise these fundamental liberties by surrendering our security and, along with it, our personal information, assets, and identity.
Protecting our security does not necessarily mean we have something to hide; it's the preservation of our identities and those of our loved ones. This includes our money, medical records, credit files, devices, online presence, and more. Cyber threats influence every part of our lives. We must implement proper cyberhygiene habits accordingly. And that starts here.
This book gives a detailed portrayal of the current cybersecurity landscape and its threats, and it explores how we, as adult professionals, can protect ourselves and our families as more of our life duties move online via Internet-connected devices.
Throughout my experience providing cybersecurity training to thousands of business professionals, I observed a growing need among the participants to learn how they can secure themselves on a personal level in addition to safeguarding business operations. It became apparent the cybersecurity community was focusing primarily on business executives and overall business security, leaving a shortage of cybersecurity guidance made available to us as individuals. We are the fabric making up a business, and we are the ones sitting on the other side of the company computer. The focus in this book will be on closing the personal cybersecurity guidance gap. I will share the basic cybersecurity habits you need to protect your and your family's online assets and identity—personally and professionally.
I designed this book in two parts: Part I, “Setting the Stage,” and Part II, “Specific Recommendations.”
In this part, I define some common cybersecurity terms and provide an overview of cyber risk that poses a threat to our families and ourselves. After that, we learn more about who is the adversary, their main goals and targets, and their attack methods and weapons of choice.
Next, I cover the “Brilliance in the Basics”—the five core habits that serve as an ounce of cyberattack prevention worth a pound of cybersecurity cure.
Finally, I touch on some grave mistakes we can make without realizing we've made them, like an accidental data breach. I conclude Part I with detailed incident response steps you can take if you encounter the unfortunate—ransomware, spam, email compromise, and more.
In this part, you'll find helpful, straightforward steps to begin protecting your identity, money, email, files, social media, website access, passwords, computers, mobile devices, home network, Internet of Things (IoT) devices, as well as your information while traveling.
Throughout each chapter, you will notice a few features: accounts of cyberattack and scam victims, segments on popular cybersecurity myths, and straightforward and practical cybersecurity recommendations.
These accounts are real stories about attacks, scams, or methods of defense. While I include quite a few, they are just the tip of the iceberg. Many dangers are lurking in cyberspace, waiting to pounce on unsuspecting targets who don't know how to protect themselves adequately.
In addition to these real-world stories, I include specific, actionable recommendations outlining how you can stay safe in the midst of frequent and severe cybersecurity attacks. By actively applying the handful of key, learned, defense techniques to your day-to-day personal and professional life, you will be practicing what some of the most secure people in the world do.
I also address popular cybersecurity myths to which we've all fallen prey, believing at one time or another. We've already tackled the first of these myths in this introduction. Going beyond just addressing these myths, in this book I provide the facts on which you'll need to focus to protect yourself and your loved ones with clarity and efficiency so you can continue enjoying all that the Internet has to offer.
You can contact Bart McDonough by visiting his personal website—www.Bartmcd.com—where you will find his latest thoughts and links to the most current social media posts.
Go to www.wiley.com/go/cybersmart to download a brief reminder of “Brilliance in the Basics” habits you can keep with you everywhere.
William and Nancy Skog had cherry-picked an impeccable, perfect, river-front residence in Wilmington, Illinois. Exhilarated by the thought of moving into their dream home, the Skogs could practically see their new lives—watching the tranquil riverboats cruise by and listening to the water birds sing. There was one final step needed to finalize their purchase—wire $307,000 in closing costs to their real estate attorneys. Having received an email with payment instructions sent from what looked like a legal assistant at the firm, William and Nancy wired over their entire life savings—$307,000. Their new life was about to begin. Days later, however, the couple sat across from their lawyer at the closing table and learned their payment never arrived. The Skogs immediately panicked. If their attorneys didn't get the money, who did?
Let's take a closer look at the details of the wire transfer scam. All $307,000 of the Skogs' hard-earned cash had vanished without a trace. Fraudsters, impersonating their real estate attorneys, had pocketed the entire wire transfer. Almost everything in the closing cost email the Skogs had received looked genuine. The email signatures appeared authentic (because the bad actor copied and pasted the real one), the file attachment had the attorney's actual letterhead, and the details of the real estate transaction were accurate.
How could a bad actor obtain all of this information? A variety of attack methods and vectors could have been used: including compromising one or more email accounts of those involved in the transaction, pretending to be a prospective client and emailing the firm to obtain a response and thus an email signature, or finding the attorneys' letterhead via an Internet search.
Bad actors use automated hacking software that scans data breach dumps for email addresses of people working in a specific industry, such as real estate. Once they collect a list of email addresses, they send phishing emails (an email-based, social engineering attack) to obtain the victim's email account password fraudulently. Once they have the password and successfully gain access, they research and monitor real estate transactions in flux. When the timing is right, bad actors send an email to home buyers with “new” wire transfer instructions.1 It can be easy for victims to believe the malicious email is legitimate, since it can actually be sent from the authentic (hacked) account of one of the real parties involved.
Despite the scam's convincing elements, there were indicators something was wrong. The fraudulent email used unorthodox sentence structure, such as “… and have us set ready your closing.” Notice anything yet? But beyond suspicious grammar, what could have tipped the Skogs off to the fake email sent by the bad actor? The sender's email address and links might have contained clues. Hovering over any links in the email could have produced red flags, like different or similar-looking URL addresses (for example, RealEstate.com versus the malicious URL RealEstate-co.com).
Next, the circumstances themselves were reason enough to be wary. Cyberattackers and scammers target their victims in moments of heightened emotion. People are often distracted and/or overwhelmed when scared or elated. In the case of the Skogs, the adversary recognized an opportunity when the Skogs were buying their dream home—a scary and thrilling life event. It was the perfect storm of emotions to render the Skogs vulnerable and allow the scammers to steal the couple's hard-earned life savings successfully when they least expected it. The couple's only saving grace was their daughter, who purchased the home for them.
The Skogs' tremendous loss to real estate wire transfer fraud is indicative of a growing epidemic. In 2016, the FBI found that $19 million in real estate transactions were “diverted or attempted to be diverted” by bad actors, and that amount increased to practically $1 billion in 2017—a 5,163 percent increase in just one year.2 The cruelest part of real estate wire transfer fraud is the rare chance of ever recovering stolen funds. According to James Barnacle, chief of the FBI's Money Laundering Unit, “I don't want to set false expectations for consumers. The chance of recovery here is slim.”3
Now that you've learned the life-shattering reality of real estate wire transfer fraud, here are some essential prevention steps:
If you've fallen victim to a real estate wire transfer scam, here are immediate incident response recommendations:
https://www.ic3.gov/default.aspx.Real estate wire transfer fraud is just one example of the many common and devastating cyber risks we face. Cyberattacks are growing and evolving at a staggering rate, but by continually practicing the handful of basic protection techniques you'll soon learn, you can strengthen your cybersecurity with ease.
Serving as a testament to the increase in cyber risk and the need for easy-to-understand, personal, cybersecurity guidance, Verizon published the following statistics in its 2017 “Data Breach Investigations Report,” sourced from 65 organizations:5
Why do attackers have such a high success rate in wreaking havoc and causing breaches? One possible explanation is that people rely solely on technology to protect them. In reality, antivirus and firewalls can only do so much, and they don't provide any protection against “legit” emails from compromised counterparties, such as your lawyer, real estate agent, or banker. It takes individual awareness and implementation of proper cyberhygiene practices to defend oneself holistically.
Throughout the book, you will learn about how to defend yourself against the vast majority of threats. There are a set of fundamentals, which when practiced together will dramatically increase your cybersecurity posture. I simply call this collection of activities and technology “Brilliance in the Basics.”
Brian Krebs, a well-known cybersecurity researcher and investigative reporter, put together a “Cybercriminal Code of Ethics,” to convey “immutable truths” depicting how bad actors benefit from a lack of investment in personal cybersecurity.6
Another reason cyberattackers are successful is individuals don't necessarily have the proper cybersecurity knowledge to detect cyber threats. (You will obtain that knowledge reading this book!) Scotland Yard found in every month London citizens lose $36 million and report around 3,500 cases of cyber fraud. The most common offenses include phishing emails and malware such as ransomware. Bad actors are aware of this lack of understanding when it comes to cyberattacks. Instead of attempting to compromise a company's firewall directly, these scammers target individuals via their personal lives. The hope is this approach will provide a path to a company's network and thus multiple victims. From here, these bad actors can steal personal information, money, and computing resources.7
Now you've read a bunch of statistics about breaches, cyberattacks, and hacks—what do they actually mean, and what's the difference between the three?
A breach is an incident where sensitive, private, or confidential information is accessed or leaked without authorization. The types of information valued by bad actors include Social Security numbers, credit card and bank account numbers, billing addresses, tax returns, medical information, usernames and passwords, and more.
A breach can be a result from a cyberattack, a hack, or simply a mistake. Each week, bad actors break into networks and systems and steal people's information, sometimes amounting to tens of millions of data elements or more. Most of the time, this stolen data is used to commit fraud. At other times, it can be used as blackmail, such as the case with the Ashley Madison breach, which leaked names and credit card numbers of customers of the extramarital affair website. Bad actors got ahold of the leaked information and threatened Ashley Madison customers into paying a fee; or else they would divulge their activities to their spouses and the general public.
Companies nowadays store massive amounts of personal information about their users for the purposes of its services, ease of access, data analysis, or the convenience of automated payments. Data can be seen as a toxic asset—the more it's accumulated and the longer it sits in storage, the higher the stakes if the information gets into the wrong hands.8
A cyberattack is when attackers (that is, individuals, criminal organizations, nation states, terrorist organizations, and so on) carry out malicious attacks, such as social engineering against people with the primary objective of accessing, modifying, disclosing, or selling stolen information. Cyberattack targets can include individuals, businesses, government agencies, national infrastructure, and more. A cyberattack doesn't necessarily involve the act of hacking or even the direct use of computers.
A hack is a simple or complex act of malicious intent that involves using automated or manual technology to crack a code or break into a target's computer systems or network. It is simply digital trespassing.
Hacking can be a component of a cyberattack, which can lead to a data breach, but a cyberattack doesn't necessarily require hacking skills or computers at all. A data breach can occur without a cyberattack or a hack. A data breach can happen by mistake; as an example, someone sends an email to the wrong person or list of people, resulting in a data breach. Have you ever written an email, attached a sensitive file, and then accidentally sent it to the wrong person? Yep—we've all done it. This is considered a data breach since you didn't intend to send the information to those recipients.
Now that you've read about the main differences between a breach, a cyberattack, and a hack, in the next chapter you will learn who the adversary is, what they want from you, and how you can protect yourself and your family from their cyberattacks and scams.