Keeping Safe in Cyberspace – Create. Read. Update. Delete.

Keeping Safe in Cyberspace by Tim Helming, director of product management at DomainTools. Available from <https://www.cbronline.com/opinion/top-tips-keeping-safe-cyberspace> [December 20, 2017] Photo: Article Source

The number of internet users in the world has skyrocketed over the last ten years. Today almost every person on the planet is using the internet in some way, whether for communication, shopping or online banking, and its popularity will without a doubt continue to rise. The internet has essentially become completely ingrained in people’s lives because of the huge benefits it offers.

However, one of the biggest downsides to the internet is that it has driven an enormous increase in crime. Historically cyberattacks were a rare occurrence but today, cybercrime is the number one threat consumers face. Hackers understand that with the internet being used so widely, there is a wealth of data available online which can be harvested for financial gain.

This means internet users must be forewarned about the dangers lurking online, and understand how to avoid becoming a victim to one of today’s crafty cyberattacks.

Understanding today’s top threats

Nowadays it seems almost anything can have an internet connection, from refrigerators to TVs and even light bulbs, and while this offers people the ability to control devices remotely, it does increase the ‘attack surface’ they present to cybercriminals. With the internet now playing such a major role in people’s everyday lives, and confidential information, like bank details, being used online so frequently, people have a lot to lose if they are ever victim to a cyberattack.

Hackers are fully aware of the different ways that people use the internet today and understand exactly what data is available to them. As a result the risk of falling victim to a cyberattack today is extremely high.

While attack methods abound, the key threats which predominantly target consumers are phishing, ransomware and domain spoofing. Each of these scams targets consumers in different ways, but they all have the same end goal – to steal confidential data.

Phishing

Phishing is the most common technique cybercriminals will use to target consumers and extract confidential information. The attack vector causes significant financial damage to consumers each year; it involves cybercriminals sending out targeted, or random, emails supposedly from a known or trusted sender in order to trick individuals into revealing confidential information.

An example of this might be sending an email to a victim pretending to be their bank asking them to confirm a PIN or account number of their bank details. The email would look authentic and would be very difficult to distinguish from a genuine email from the bank. As a result, many people will send the bank details requested, unaware that they have actually been phished.

Phishing is extremely effective and nets cybercriminals billions of pounds annually. The technique can be carried out online, via SMS (smishing) or even via standard phone calls (vishing).

Ransomware

One of the fastest growing threats around today is ransomware. The threat involves cybercriminals taking data or a device hostage by encrypting its files until the victim pays a ransom for the data to be unlocked. Cybercriminals will generally infect people via phishing emails which contain malicious content such as “drive-by download” malware links, attachments, or pictures. When the recipient clicks on the content which contains the embedded ransomware, the encryption process begins and in time, a message will appear on screen demanding money, with a deadline. Many people may choose to pay the ransom out of fear they will lose a device or the data stored on it; however paying the fine does not guarantee you will get your data back.

Domain Spoofing

Another attack vector hackers will use to target consumers is domain spoofing. The technique is when hackers imitate the URL of a legitimate website in a bid to trick people into handing over confidential information. An example of this could be to spoof the domain of a well-known retailer, and when customers visit the spoofed domain they would not be able to tell they were visiting an illegitimate site. They would hand over their bank or credit card details to purchase goods. Hackers could then steal the credentials and use them to either purchase goods, sell them on the dark web, or attempt to empty bank accounts.

How to defend against today’s top threats

Phishing and ransomware are serious threats and when successful they can result in people losing thousands of pounds. As a result, it is imperative that consumers take steps to address phishing and ransomware to help minimise the chances of falling victim. Key steps include:

Think before you click

Never click on links, attachments or images sent in emails unless you are 100 percent sure they are trustworthy. Ransomware actors will send out phishing emails with malicious links and attachments to infect people.

Hover over URLs, don’t just click

Always verify the URL for the site you are visiting is correct. Cybercriminals will make small changes to URLs to encourage visitors to their illegitimate sites. Smalls changes can include changing a site from .co.uk to .com, or changing letters to numbers. If you are tempted by a deal that appears in your inbox, the safest way to investigate it is to type the business’s homepage into your browser, and then navigate their site to find the deal there.

Never send banking or confidential details over email

Even if the email looks to be from your bank and is urgently requesting your bank details, never act upon it. Phone your bank to confirm if and why they need your banking details.

Never reuse passwords, and change password regularly

With so many data breaches occurring, internet users should aim to use different passwords for all of their online accounts. This means if a data breach occurs at one of their online accounts hackers will not be able to use the confidential data they steal to access further accounts. One way to make this easier is to use a password manager, which stores your passwords in one place, and which can generate strong, random passwords for your various accounts.

Safety First

Despite the myriad risks, it is possible to stay safe online, but you must be intentional about it. And as you become more security-savvy, share the knowledge with your friends and family. You just might save the day for someone close to you.