Join Allstate Identity Protection, the National Cyber Security Alliance (NCSA), and the Cybersecurity and Infrastructure Security Agency (CISA) in celebrating Cybersecurity Awareness Month by learning more about how to better protect yourself from fraud. Take our quiz to test your digital safety IQ and get tips to help you safeguard your data.
This October, your bucket list might include apple picking, pumpkin carving, and having a fun Halloween. The folks behind Cybersecurity Awareness Month would encourage you to add one more thing to the agenda: shoring up your digital security.
Launched in 2003 by the nonprofit National Cyber Security Alliance (NCSA) and the Department of Homeland Security, Cybersecurity Awareness Month aims to educate people and companies about digital threats and empower everyone to better protect themselves online.
Here at Allstate Identity Protection, we're deeply committed to helping our members protect their privacy and live more confidently online.
That’s why we’re kicking off the month with a quick quiz to help you identify your security blind spots, plus tips you can implement today to strengthen your defenses.
1. Which of the following passwords might be the hardest for modern cracking tools to guess?
G@bi2025!
Ju$t@sm@lltowngirl123!
m$8Y*qr9!pZ@fLw2#
When creating passwords, many people naturally reach for personal details, like a memorable date or a pet’s name. Unfortunately, these are things that could be uncovered with a quick Google search or glance at your social media feed. A popular phrase or song lyric might seem more secure, but if you know the words by heart, others probably do too.
So, if you answered C, you’re correct. As our guide to strong passwords notes, truly strong passwords combine both length and complexity and disguise the information with special characters and mnemonic devices. Short passwords, even with substitutions, can be cracked in seconds with today’s computing power.
We know it’s a lot to remember, but you don’t have to go it alone: select Allstate Identity Protection plans include a password manager that can generate and store your credentials.
2. You get an email alerting you to a fraudulent withdrawal from your bank account. You’re urged to click a link and enter credentials to reclaim the funds. What should you do?
Click the link and enter your information immediately, before your money disappears
Do not click any links and call your bank right away to report a potential phishing attack
Click the link and download any attachments so you can review the information carefully before calling your bank to confirm
Remember this: A legitimate bank or company should never solicit your sensitive details by email or text. A request like this is most likely part of a targeted phishing attack, in which criminals use emails to steal your personal data.
Scammers often pose as real people or institutions, but these attacks can be easy to spot if you know what to look for. Keep an eye out for the hallmarks of phishing, such as blurry images, frequent typos, and urgent requests to “act now!”.
If you chose B, you’re correct. Before clicking a link in any email, hover your mouse over the text to confirm the destination. If you have any doubt about a communication, reach out to the company directly to confirm if it’s real or fake.
3. You log onto free Wi-Fi at an airport. Which option best protects your data?
Browse only non-sensitive sites like news and weather
Turn on your VPN before logging in
Confirm the Wi-Fi name with airport staff and use it without extra precautions
While verifying the network name is smart, attackers can create “evil twin” hotspots with names like “Airport Free Wi-Fi" to trick travelers—and even if you’re on the official network, the connection itself is still open to interception.
So, if you answered B, you’re on it. A VPN (virtual private network) creates an encrypted tunnel for your traffic. That means even if someone is snooping on the same public network, all they’ll see is scrambled data. VPNs also mask your IP address, adding another layer of protection against tracking and targeted attacks.
4. Which of the following is the safest to post to social media?
A first day-of-school photo of your kiddos posing on your front porch in their school uniforms
Real-time updates from your family vacation far, far away
A beautiful scenic photo from last week’s nature hike
Sharing online can be lots of fun, but when social networks aren’t used with care, problems can ensue. Unfortunately, photos that seem innocent can reveal more than you intended. If you answered C, you’re correct.
Perhaps your house number and the name of your kids’ school is visible in that front-porch picture. And posting about your vacation while it’s happening is essentially giving criminals a heads up that you’re not home. Account takeover is another concern, as one compromised social media account can lead to identity theft across multiple channels.
5. Which of the following practices are key to being cyber secure at work?
Keep your software up to date, run regular security scans, and use a secure channel (such as a VPN) to connect to your company’s network
Treat sensitive work information like sensitive personal information, set strong passwords, don’t overshare on social media, and be wary of potential phishing schemes
All of the above
A company is only as secure as its most vulnerable user, which is why building a culture of cybersecurity awareness is essential. Every action you take—whether it's staying on top of updating your software, reporting a suspicious email, or using a secure connection—helps strengthen your organization’s digital defenses.
That being said, the correct answer is C.
We’re your partner in protection
We hope you aced the quiz or at least picked up some helpful tips along the way. At Allstate Identity Protection, we’re proud to be your partner in protection.
With our alerts, you can feel confident knowing we’ll notify you if there’s a threat you need to know about. And that’s just the beginning: depending on your plan, we offer a variety of features to help you stay in control, such as:
Dark web monitoring: Enter details you want us to watch—like credit card or account numbers—and we’ll scan the dark web. If your information appears where it shouldn’t, we’ll alert you right away.
Credit monitoring and locks: Review your credit reports for suspicious activity. You can also lock your credit report, making it harder for criminals to open accounts in your name.
Financial monitoring: Keep an eye on your bank accounts, credit cards, and investment activity. We’ll alert you to unusual transactions or changes that could signal fraud, so you can act fast and stay secure.
