The internet has opened up many new avenues for security, both at work and home. Essentially anything that can be accessed through a web browser. Gone are the days when hacking was limited to either an office network or a home computer. With web-based applications, your data is never more than just one click away from being stolen. That’s why it’s crucial to protect yourself online with the tips in this blog post. Read the following suggestion on how to protect yourself online.
Fake websites
Phishing attacks aim most often to obtain a password that allows scammers to tamper with the victim’s account freely. However, the email is only the first step; there is almost always a link to click on for further action. Most websites now use the HTTPS protocol, whereby a certificate confirms that the website operator is who they say they are. However, the existence of a certificate alone is not enough to decide whether the site in question can be trusted or not. Some companies provide free certificates that only certify the authenticity of the link in the header, not the identity of the company/organization/individual behind the website. Fraudsters use such certificates because the padlock immediately reassures many people in the address bar. But the fact is that you should click on the padlock because the detailed information is only then visible.
Firefox also gives you the option of automatically blocking websites that are not HTTPS-certified.
The tricks of the “Wrong” subscription
Although these scams are no longer widespread, they are not entirely extinct. This is where a (non-existent) company sends a letter to many users informing them that they have to pay the due fee for a service they have previously subscribed to. Of course, no one can be forced into a subscription without their explicit consent, so if you are being asked to pay for a service that you don’t remember or certainly haven’t used, ignore the message. You might even reply saying that you have not subscribed, at which point the scammers will usually give up and move on.
Cyberbullying
In the classic case, bullying is common, for example, between classmates or colleagues, typically lasts for an extended period and involves verbal or physical abuse. Cyberbullying is not much different; only the methods are different. It usually happens through some social networking service or messaging service.
But there is one important difference: because the internet can provide anonymity and there is no need for personal contact between the harasser and the victim, cyberbullying can be much more unscrupulous and, therefore, crueler.
The most effective defense is not to give a platform for the attack, which on the internet means protecting personal information to the limit – and always, everywhere, sharing as little information about yourself as possible. This also applies to photos and videos. Of course. When using social networking services, it’s worth checking who can see your data – it’s highly recommended that you restrict access to at least people you know.
If you become a victim of harassment, you should first take evidence (screenshots) and then inform the service provider and, in more severe cases, the police.
Password theft
Unfortunately, even today, many people still don’t pay much attention to using strong passwords – so the words 123456 or password still top the list of most common passwords. These passwords are not considered particularly secure even if you add one or two unique characters to them. Another common password hunting strategy is for big businesses to set a password to Big Whale-lati23.
Password theft typically does not happen with a well-known large service provider. Still, in hidden forums – the problem is that with the acquired email/password pair, the scammers immediately try to log into Facebook, Google, and who knows where else. It’s no coincidence that experts have made it a standard rule to use a unique identifier for all online services for years. Of course, it’s not easy to remember 20 to 30 passwords, powerful ones, so it’s worth using a password manager. Keepass or LastPass is perfect for the job.
Embedded downloads
Scammers have found that they can spread viruses much more effectively by placing banners on larger sites that are clicked on to download the virus file to the computer rather than to another site. There is only one effective way to protect against this scam: to block all the ads that appear by using a suitable add-on such as uBlock Origin. See the sidebar for more useful plug-ins!
Problem with the cookies
In the past, websites mainly used cookies for web tracking, which is an excellent solution if you visit a forum often and don’t bother logging in every time. However, suppose this kind of tracking is also used by a company that places advertisements all over the internet. In that case, a personal profile can be built very quickly based on our browsing habits. Fortunately, most browsers now give you the option to block cookies independently of the website – but even so, you can’t feel completely safe because newer and newer ways of collecting data are being developed. And it’s not just ad servers or significant service providers that collect data but, in many cases, the browsers themselves.
Fake News
Fake news has been in the spotlight as a threat on the internet for four and a half years, as analysts say it was the deciding factor in the 2016 US presidential election. The purpose of fake news is clear: to obscure, distort, incite and manipulate. The most straightforward defense against fake news is to seek alternative opinions: i.e., to gather information from multiple sources and ‘manually’ avoid fake news websites.
Deep fake
Artificial intelligence has great potential, but the technology also has its dangers: a few years ago, it took a lot of effort to fake video or audio at home. Today, however, artificial intelligence has become so advanced that it’s no problem to replace the character or characters in a video with others in good quality – and all you need is a few photos, not just the video. Deep fake is thriving in two areas: political statements can be made more credible with known faces. There are also many porn videos circulating online in which a known actor or actress has replaced the original character’s face. And a company in Germany was swindled out of US$ 248,710 / €220,000 two years ago by fraudsters using software to instruct employees over the phone in the voice of the CEO.
Malware and ransomware
The spammers mentioned above often want to deliver malware to users’ computers. Unfortunately, long gone are the days when a virus was just an innocent prank; nowadays, malware is a profit-making tool, with the clear aim of taking money out of the pockets of its victims. Unfortunately, hackers can be pretty creative in their thinking, so newer and newer methods have emerged – these days, ransomware is perhaps the one to be most feared. As the name suggests, in this case, the virus creator is trying to force the victim to pay by encrypting personal, and therefore important, files once the virus gets onto the computer. The recipe is simple: the decryption code is only obtained after paying a ransom. In theory, at least, experts warn against paying. The best defense against ransomware is prevention anyway: if you have a backup to restore your data, you can quickly recover from a problem. But beware! Extortionist viruses can encrypt data on any drive accessible from the machine. For perfect security, you also need to store the backup independently of the PC (say on a disconnected external hard drive).
Newer versions of ransomware are also known as ransomware because they not only encrypt information but also steal it – making it easier to extort money, especially from corporate targets, who also demand a ransom to keep the information they obtain internet. Unfortunately, even a backup is no longer enough to protect against this method. And the security risk is high even if you pay, as there is no guarantee that the information will not fall into the wrong hands.
E-mail on the phone
While most desktop email clients don’t automatically download embedded content, iOS’s app loads messages in all their glory – so that your inbox looks perfect straight away. The problem is that it gives scammers an excellent tool to exploit the automatic loading to spread malicious code. It is, therefore, worth looking for the appropriate option in the settings and requesting that iOS’s mail client does not download HTML content without asking. However, even if the links are not removed, it is still worth being vigilant and not clicking on links that are even slightly suspicious.
Dangerous applications
From time to time, applications that steal personal data surface. And unfortunately, this is not only the case with software from dubious sources but also from time to time with apps from the official app store. Although Apple and Google test software, the law of averages means that software still slips through the filters. In general, however, known software does not tend to cause problems, so you should avoid the software from dubious sources or unknown developers if you want to be on the safe side. And if you have an app on your mobile phone that you no longer use, you should remove it from your device, just in case.
Did you know?
Online traps are not to be taken lightly. There are a lot of common scams that have been going around. One of the most popular is people posing as students on websites like Craigslist and offering to do some menial task for you so they can get a free laptop or another personal item in return. This practice is known as “shaming” and has been reported to make up over 60% of online cybercrime.
Conclusion
The internet has opened up many new avenues for security, both at work and home. Essentially anything that can be accessed through a web browser. Many organizations and individuals now have the capability to store sensitive data in the cloud and access it from virtually any device with an internet connection. It is important for those who are responsible for this information to take care when storing it and make sure all of the appropriate security steps are taken to protect these documents.