Cyber hygiene: Check your exposure to hackers with these online tools

As the conflict on the ground continues to escalate, Russian and Ukrainian hackers are waging a cyber war that could have implications in other parts of the globe.  

The federal Cybersecurity and Infrastructure Security Agency has issued guidance to businesses and other organizations on how to protect themselves against hackers, but data breaches could leave individual Americans vulnerable as well. 

Cyber experts say they don’t expect an attack on American infrastructure, but warn that now is a good time to double-check your online safety protocols. 

"Now that we’re seeing heightened tensions there’s never been a better time to check and be more vigilant," said Ron Sanders, Staff Director for the Florida Center of Cybersecurity at the University of South Florida. "Look at your passwords, make sure they’re strong and get rid of the ones that are old and may have been sold somewhere on the dark web. Look at multifactor authentication and do all of those cyber hygiene things that we should normally do but probably don’t."

RELATED: Military looks to Cyber Florida for help tackling online attacks

Multifactor, also known as two-factor or two-step factor, authentication is the top recommendation from cybersecurity experts. The system uses your password as well as an extra step, like entering a texted code, opening separate application, a FaceID scan or answering a security question, to confirm your identity. 

This is something you'll typically have to set up yourself. Experts recommend opting into multifactor authentication where ever possible, especially for online banking, social media, business accounts and emails.  

According to CISA, multifactor authentication makes an account 99% less likely to be hacked. 

Over the last decade, hackers have successfully pulled off massive attacks on companies, institutions and organizations large and small. Using a website like can show just how many times your usernames, passwords and personal information have been stolen through breaches.  

RELATED: Russia-Ukraine war disinformation spreading online as experts say to seek credible sources

Passwords should be updated regularly and never used across multiple sites. CISA recommends passwords that are at least 15 characters long and randomly generated by a computer or password manager. 

Experts also warn with a war and growing humanitarian crisis, everyone should be especially vigilant against phishing scams. 

"Phishing attacks asking for help or money, financial assistance for people in Ukraine. We should be careful about these types of indirect attacks," said University of Tampa associate professor of cybersecurity Alper Yayla. 

Which means watching what you click. According to CISA, 90% of successful cyber attacks start with a phishing link, which can be sent via email, direct message on a social media platform, or texted to your phone. 

FILE - A message demanding money on a computer hacked by a virus is shown on a computer in a file image taken on June 27, 2017. (Photo by Donat SorokinTASS via Getty Images)

FILE - A message demanding money on a computer hacked by a virus is shown on a computer in a file image taken on June 27, 2017. (Photo by Donat SorokinTASS via Getty Images)

Phishing scams have become increasingly more advanced over the years. Messages with links or attachments may appear to come from people or companies you know. 

"If somebody sends you something that doesn’t seem right, call them and ask them if they really sent it to you," said Benny Czarny, CEO of OPSWAT, a Tampa-based global cybersecurity firm. "It’s always better to be safer than sorry. It’s always better to try to protect yourself." 

Keeping up with the latest software updates for your phone, browsers, and apps will also protect against system vulnerabilities. 

To learn more about recommended cyber safety visit