Read each statement below and mark either “T” for true or “F” for false. Review the answer sheet to see if you are correct!

  1. Phishing is the primary attack method used by hackers to gain unauthorized access to information systems and networks. ( T or F )
  2. Multi-factor authentication should be enabled on apps, online accounts or networks to add an additional layer of data protection. ( T or F )
  3. Confidential information, such as social security number, protected health information, passwords, should be sent as an attachment in an email. ( T or F )
  4. Privacy represents “what” must be protected. It covers the collection, use, and disclosure of personal information. Security represents “how” information must be protected. It encompasses the methods for accessing and protecting information. ( T or F )
  5. There are no federal laws that protect the privacy of student education records. ( T or F )
  6. You should update your software once a year to restrict access to your files and devices. ( T or F )
  7. If you receive mail from the Department of Veterans Affairs that belongs to somebody else, you should throw it away. ( T or F )
  8. Phishers target Veterans for their government-provided aid and benefits via social media scams. ( T or F )
  9. Ransomware is computer equipment that criminals steal from you and won’t return until you pay them. ( T or F )
  10. Scammers can use technology to make any name or number show up on your caller ID and steal your information. ( T or F )

Answer Sheet

  1. True: Phishing is when online attackers send emails to deceive people to reveal sensitive information or install malware.
  2. True: Multi-factor authentication (MFA), requiring multiple pieces of information to verify your identity on applications or websites, is becoming more common. Even if a data thief obtains your password, they may not be able to access your account if it’s protected by MFA. You should enable MFA where it’s offered. Authentication categories can include mother’s maiden name, first automobile you owned, childhood best friend, something only you would know, or something only you would know you own.
  3. False: Confidential information should be sent in an encrypted format in email.
  4. True: Privacy represents “what” must be protected. It covers the collection, use, and disclosure of personal information. Security represents “how” information must be protected. It encompasses the methods for accessing and protecting information. Although privacy and security are often discussed together, this is a helpful way to describe the difference between each.
  5. False: The Family Educational Rights and Privacy Act (FERPA) is the privacy law that protects the privacy of student education records. The Department of Education states that, “FERPA requires that a consent for disclosure of education records be signed and dated, specify the records that may be disclosed, state the purpose of the disclosure, and identify the party or class of parties to whom the disclosure may be made.”
  6. False: Regularly update your software for the newest security updates for apps, web browsers, and operating systems. Set updates to happen automatically.
  7. False: To locate your local Privacy Officer, you must contact your local VA facility. Visit the VA Privacy Service web page for more information.
  8. True: Phishers especially love targeting Veterans for their government-provided aid and benefits. Sharing your military service or employment information online makes it easier for phishers to find you. Beware, phishers will attack in a variety of ways including fake advertising, creating fake accounts, and hijacking social media accounts.
  9. False: Ransomware is software that infects computer networks and mobile devices to hold your data hostage until you send the attackers money.
  10. True: Scammers use technology to make any name or number show up on your caller ID: a business you know, or even your own number. You can’t trust caller ID because phone numbers can be faked.