Cyber Security at Living Church and Two Factor Authentication for Elvanto

For some time, Living Church has been thinking about the church’s cybersecurity. The recent phishing scam, in which bad-faith actors impersonated me (James Snare), is a timely reminder of the digital dangers that exist in the world today. We are currently reviewing our cybersecurity processes, and one decision we have made is to activate two-factor authentication for all church members to gain access to Elvanto. If you have any trouble with this, please contact the office or speak with a member of staff, and we will be happy to assist you in setting things up.

Beyond this, here’s a quick guide to help members of Living Church stay safe online and become more cybersecurity aware. Whether you’re checking emails, logging into church systems, or just browsing the web, these tips will help you protect your digital life.

🛡️ Cybersecurity Awareness Guide for Living Church Members

1. Use Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring something you know (like a password) and something you have (like a phone or app).

✅ Why it matters: Even if someone steals your password, they can’t log in without your second factor.

🔐 How to use it: Enable MFA on your email, banking, and social media accounts. Most services offer it under “Security Settings.”

2. Password Best Practices

Strong passwords are your first defence.

• Use long, unique passwords (at least 12 characters).

• Avoid using names, birthdays, or common words.
• Use a password manager (like LastPass) to store and generate secure passwords.
• Never reuse passwords across different sites.

3. How Bad Actors Try to Trick You

Cybercriminals often use social engineering to manipulate you into giving up information.

🚨 Common tactics:

• Phishing emails: Fake messages that appear to be genuine, requesting that you click a link or download an attachment.
• Urgent messages: “Your account will be locked!” or “You’ve won a prize!”—designed to make you panic.
• Impersonation: Pretending to be someone you trust (like a pastor or church staff).

🧠 What to do:

• Don’t click on suspicious links.

• Verify requests by calling the person directly.
• Look for spelling errors or strange email addresses.

4. Be Cautious on Public Wi-Fi

Avoid logging into sensitive accounts on public Wi-Fi (like at cafes or airports). Use a VPN if you must.

5. Keep Devices Updated

Always install updates for your phone, computer, and apps. These often fix security holes.

6. Take a quiz

Here is a quiz by the Australian Government:

• 🎓 Scam Watch Quiz – test your scam sense https://www.scamwatch.gov.au/research-and-resources/quiz-test-your-scam-sense