Senior engineer at F5 Networks, Martin Walshaw, provides tips for end users to avoid falling victim to phishing attacks.
Did you know that 56% of all data breaches in 2016 began with a user clicking on a phishing email, giving hackers access to a corporate network? Everyone has something of value to a cybercriminal. Don’t take the bait – always stop and think before you act.
Here are some cyber-safe tips to think about:
In public
How the hackers do it:
* Man-in-middle attack – Using a special software, a hacker inserts themselves in the middle of an unsecured Wi-Fi connection between a server and its connected devices. Pretending to be both parties, the hacker relays information back and forth, gaining access to all the data being transmitted on the network.
* Evil twin – Hackers can also easily create a “free” Wi-i network. Devices connected to such access points are then accessed by the hackers to spy on users. They might also try to get users to install malware by redirecting them to malicious sites.
* Consequences – Hackers can gain access to your confidential information, such as e-mails, personal files and credit card details. They can also control the hacked device remotely, denying access to the device or even taking over the camera to spy on your activities.
How to protect yourself:
* Be prudent when connecting to unsecured WiFi networks.
* Do not reveal or access sensitive information when connected to an unsecured public network.
* Change your passwords regularly and use different passwords across multiple applications and platforms.
* Avoid installing suspicious attachments or clicking on dubious links.
Home computers
How the hackers do it
Missing patches and updates – Hackers target home computers with missing patches – software updates issued by their makers to fix vulnerabilities within a programme. By missing patches and security updates, home users leave their devices open to being hacked.
Pirated software – Pirated software and applications from un-identifiable sources may be infected with a virus and are easy targets for hackers to compromise devices.
Phishing – Clicking on malicious e-mails or links can trick users into installing malware on their home computers.
Consequences -Once compromised, hackers can get almost any information stored in the computer – which they can use to blackmail users or for any other nefarious activities.
Such devices can also be used to power the bot economy, spreading the malware through a network of hacked computers. Hackers can deny access to the device and demand a ransom to unlock it.
How to protect yourself:
* Patch your machine operating systems with regular updates.
* Install an anti-virus/malware solution and do regular scans.
* Do not click on any ‘suspicious’ e-mails.
Smart Devices
How the hackers do it
Through default login settings – Smart home devices are usually connected to a wireless network. If the credentials are left in the default settings, hackers can use the default login information and gain easy access to such devices.
Consequences – Hackers can use these smart devices to collect private information about their users. Worryingly, hackers can even use these devices to record conversations or spy on users. This information may subsequently be sold on the black market, resulting in greater implications for users and the people around them.
How to protect yourself
* Secure your home networks with proper authentication.
* Change the default credentials of your smart devices.
* Update security and firmware patches regularly.