2017 witnessed several cyber-attacks; where WannaCry and Petya created the most amount of havoc! Digitalization, not only made life easy but has also made us prone to online threats. The consequence of taking security issues lightly had an aftermath on major companies, government sites, health and banking organisations as well as individuals. To avoid cyber crimes, cyber security awareness is crucial.
A malicious attack carried out with an intent to damage computers, servers, peripherals, etc., for the purpose of stealing data or carrying out illegitimate activities. There are several ways Cyber Fraud can take place, these include –
In this case, hackers try to gain sensitive information (password, credit card details, usernames, etc.) by sending you emails and links to fraudulent websites. Consequently, the recipients are lured into filling out personally identifiable information in fraudulent websites that mimic well-known websites.
A process wherein your online accounts are accessed illegally or a company’s system is manipulated to steal information.
Illegally making use of individuals or organisations personally identifiable information for fraudulent purposes.
When the hacker makes use of social interaction by posing as someone you could trust to gain information about a system or organisation to infiltrate it.
Malicious software (virus, Trojans, spyware) designed by hackers designed to damage your device or system to gain access to information.
Designed to keep a track of every key you type on the keyboard. These may run in the background without your knowledge.
- The Case Of Passwords
*Weak passwords were the reason for almost 80% of cyber-attacks. *
<u>Safety Hacks: </u>
i) Ensure that you have a strong password.
a) 12 characters min;
b) Preferably gibberish and shouldn’t involve real words, date, name, or things associated with you that can be easily guessed. Meanwhile, you can check if your password belongs to the 100 most common passwords category here;
c) Should include a combination of uppercase, lowercase, symbols and numbers. You can check how strong your password is here.
ii) Make sure no two accounts have the same password – Use a password manager, such as LastPass or Dashlane, to keep a track of all your passwords.
**iii) Choose creative answers for security questions – **“What’s your hometown” – “Venus”. Just make sure you don’t forget the answer later.
- Personally Identifiable Information (PII) Should Be Kept PERSONAL
600000 Facebook accounts are compromised every single day. Avoid responding to requests that ask for personal information. What accounts as PII? Name, Birth Date, Address, Credit Card Information, Email Address, Race, Gender, etc.
i) Keep your Social Life Private
a) When it comes to social media accounts, your life is on a display for all to see. Therefore, you should never reveal information related to home address, phone number, among others to anyone you don’t know.
b) Change your privacy settings to the specific group of people you want to share the information with.
c) Many platforms offer two-factor authentication. Utilise it.
d) Opt for login alerts or one-time passwords, if there is an option for such.
e) Be ‘friends’ with ‘real people’.
f) Avoid using third party applications. Do a regular audit and remove the ones you don’t use. Additionally, it’s best not to grant third party app permissions.
h) Never enable ‘remember’ login & password.
ii) Track your financial activities Sign up for real time alerts. So that when a transaction is made on your card, you are notified in an instant. However sometimes, due to technical glitches, you may not get notifications. Furthermore, it’s not possible to constantly keep a check on your financial activities.
TIP – Add a day, where you can thoroughly scrutinise the going on’s in your financial statements. If you do it a month later, chances are, the hacker may have already accessed important details. Make sure you assign a day in a week just to check your financial activities.
iii) Online Shopping If you are shopping online. Ensure that the website has a secure https highlighted in green in the top left corner. When you click on the lock symbol on the right, it will indicate that your site is secure.
It is safe to enter info on such a site. When there is an i icon (in the picture mentioned below), be cautious.
Avoid sending information on such links if possible.
- Unsolicited Emails Almost Always Scream Danger
Emails are the biggest target of any cybercrime. Here is a list of personal cyber security tips to take into consideration to avoid being a victim of cyber-attacks in the future.
i) Avoid clicking on strange URLs and attachments. Type out the URL and visit a website instead of clicking on a link sent by an unknown sender.
ii) Sometimes, hackers can embed malware in advertisements, which can reach your through trusted websites as well – Use Ad Blockers.
iii) Patch security browser holes.
iv) Keep your third-party plugins up-to-date.
v) If you find something fishy, it probably is. Awkward sentence formatting, strange spellings, unusual spaces and symbols are dead giveaways. Alternatively, surf the web for the subject line. If it’s spam there’s sure to be complaints about it on the web. Don’t hesitate to report it to authorities.
vi) Block attachments of such file types –
- Secure Your Backups
When you fail to safely backup your data, you make hackers rich. Therefore, you need to maintain copies of your data in separate locations to ensure that you are not locked out of your system in case of a breach.
<u>**Safety Hacks:</u> **
i) Cloud is the preferred choice, but honestly, it doesn’t belong to you. So, unless they provide encryption for the data, don’t store sensitive information there.
ii) Daily backup. A file synchronising service will help you back up your data on a day-to-day. Moreover, you can also synchronise on your own network using propriety protocol so that it is not instantly visible to attackers.
iii) Go old school. Use an external drive.
iv) Air Gaps – For backups that are less frequent in nature, you can use an offline storage that is isolated physically from the company.
- Protect your IP
Unprotected IP = $1 billion extracted in 2 years from 30 countries. Hackers can easily gain access to your IP by means of social engineering and once they have it, there no end of the things they can do.
i) A virtual private network (VPN) helps safeguard your online data through proxy tunnelling and encryption by redirecting traffic through a different server and hiding our IP.
ii) Change the administrative password on your router and update firewall rules to not accept any ping requests from the Internet.
iii) Secure your instant messaging apps to private and avoid taking unknown calls or messages, which responsible for most social engineering cases.
iv) Update antivirus solutions with additional security layers.
You need to avoid logging into your accounts using other people desktops. Why? Because it could have a keylogger installed. Additionally, if you think the information that you’re entering is sensitive, it is advisable to use a virtual keyboard. It is equally important to connect only to those networks that are secure and protected by passwords. Speaking of which, password proof all your devices. Lastly, don’t forget to update and patch your OS, anti-virus software and web browser at regular intervals automatically. This will ensure that the hackers cannot access your systems in times when vulnerabilities arise.
Computer hackers are here to stay. Your safety is in your hands. Take an action today. Get in touch with our experts.