October is National Cyber Security Awareness Month, so this month we’ll be featuring blogs that focus on keeping your online information protected. For more information visit http://www.staysafeonline.org/ncsam and keep checking the Payza blog for tips on keeping your important data secure.
“Black hat” hackers–the kind who thrive on finding and exploiting computer security weaknesses– are an active and foreboding bunch, lurking on the internet. They’re always looking for new and creative ways to break into unwitting people’s computers and steal their information via malicious software (a.k.a. malware). Whether you’re computer savvy or a self-proclaimed Luddite, you’re not immune to a hacker’s damage.
To help avoid becoming a victim here are 5 things and tips to remember when surfing the internet:
1. Social media: Thanks to the popularity of social media websites like Facebook, Twitter and LinkedIn, hackers have an easy way to target their victims. They can stalk people’s public social profiles to find out their interests (and weaknesses). With that information hackers are able to cater messages to offer something “irresistible” to entice their victims into divulging their personal information and downloading a malicious program.
For example, you might post that you are interested in travel, and then receive a private message on Facebook that offers free or cheap tickets to your dream destination (which, coincidentally, you’ve mentioned many times on your profile). All you have to do to score the tickets is click on the link provided. You will either unwittingly download malware or launch a malicious program, or be prompted to provide personal information that can be used against you.
Tip: Don’t click any links in messages sent by people you don’t know. Even if a link is sent from someone you know, keep in mind that if the message doesn’t sound like them, it isn’t from them. To be safe, don’t click on any links for “offers” that seem too good to be true. Adjust your privacy settings in your profiles to limit what information can be seen publicly.
2. Mobile phone malware: Hackers have found a new gold mine for getting people to download malware, mobile phone apps. Usually mobile phone malware comes in the form of a Trojan horse–a type of malware that poses as one thing but is something entirely different. For example, an app that claims to be a cheap or free game, book or product from a publisher you do not know, but instead of doing what you thought it would, it installs malware on your mobile phone to capture personal information, passwords and more.
Tip: Install an anti-virus program onto your mobile phone, and stay away from apps by people and companies you’re not familiar with. A free app may sound cool, but don’t throw caution to the wind… you may pay dearly for it later.
3. Online Gaming: Online gaming has become a rich resource of malware in recent years. Many online games that have been corrupted are for children, hackers are infecting educational gaming websites with malware because children are more likely to click indiscriminately. As despicable as this practice is, don’t expect hackers to stop anytime soon, just be extra vigilant when it comes to online gaming.
Tip: Echoed in almost all of the aforementioned tips, an up-to-date and regularly updated anti-virus program is indispensable. If your children use the computer often to play games, it is helpful to monitor their usage and teach them about online safety. Microsoft has some informative content for parents and children.
4. Ransomware: Some hackers have the ability to sneak a type of social engineering malware called “ransomware” onto your computer through a file or a network vulnerability. A hacker will hold your computer “ransom”, threatening to erase your files unless you pay a fee. They may even pose as an authority and tell you that questionable or illegal content has been detected on your computer and that you must pay them to remove it for you.
Tip: There is no way of knowing if they are telling the truth or if they will actually harm your computer or not. Sending money, will NOT fix the problem. If your computer becomes frozen, get a professional to fix it. Then get a good anti-virus and firewall program. There are free options available online, but make sure to read the reviews before installing a program.
5. “Hacktivism”: “Hacktivists’ are a special breed of hacker with a political and/or social agenda who uses their technological know-how to protest. Some claim to have the greater good in mind (like universal free speech and human rights); others have more anarchistic and destructive goals, which can put the general public at risk. “Anonymous” is one of the more well-known hacktivist groups famous for their Distributed Denial of Service (DDoS) attacks and threats against governments, corporations and other organizations.
If these “vigilantes”, as some call them, have our rights in mind when they target governments and corporations, should we worry about our personal security? Yes, because your personal data is often compromised. If a hacktivist group compromises the security of a government website, whose information do you think they’ll have? Yours. Not knowing what they plan to do or what their intentions are regarding this information is a threat to your security.
Tip: Be aware of and informed about what hacktivist groups are up to. Governments, corporations and organizations use the best security measures to protect your information, but that doesn’t mean you shouldn’t stay informed.
For more information on how to protect yourself and your computer from these types of attacks, have a look at these articles: