I work in cybersecurity at a DFW financial services company. Here are the things I wish every person knew.
The big three that prevent 90% of attacks:
- Use a password manager. Bitwarden (free) or 1Password ($3/month). Every account gets a unique, random password. If one site gets breached, nothing else is compromised.
- Source: According to Verizon's 2025 Data Breach Report, 80%+ of breaches involve compromised credentials.
- Enable two-factor authentication on everything. Use an authenticator app (Google Authenticator, Authy), NOT SMS. SIM swapping is trivial for attackers.
- SMS 2FA is better than nothing but app-based 2FA is dramatically more secure.
- Do not click links in emails or texts. If your bank "needs you to verify something," go to the bank's website directly. Type the URL yourself.
- Phishing accounts for 36% of all data breaches. Source: Verizon DBIR 2025.
DFW-specific threats:
- Oncor/ERCOT phishing — Fake emails about your power bill. They look incredibly convincing. Oncor will never ask for payment via email link.
- Toll road scams — Fake NTTA emails claiming unpaid tolls. Go to ntta.org directly to check your account.
- DFW employment scams — Fake remote job offers from "DFW companies" asking you to deposit checks and wire money. It is always a scam.
Quick security audit (do this today):
- Go to haveibeenpwned.com — Check if your email was in a data breach
- If yes (it probably is), change those passwords immediately
- Install Bitwarden and start migrating passwords
- Enable 2FA on email, banking, and social media accounts
- Check your phone for apps you do not recognize
Sources:
- Verizon 2025 Data Breach Investigations Report
- NIST Cybersecurity Framework
- haveibeenpwned.com
- Personal professional experience in DFW infosec
Is it just me?
Bitwarden being free and open-source makes it the easy recommendation. There is no excuse for not using a password manager in 2026.