The Internet has become a way of life for most of us. While it might be a breath of fresh air to be “off the grid” for a period of time to rest and reset, it really is difficult to think of not having it available to us at the touch of an app. Because of this, cybercriminals are also finding ways to use it to scam us out of any number of things including to steal our information, to make money or steal it, or even just to cause a disruption in our day.
Last year, there were a reported 6.2 million incidents of cybercrime in the United Kingdom (UK) alone. That’s a lot of trouble being caused using the Internet. Here are several reasons that cybersecurity is more important than ever going forward.
Viruses and malware are more sophisticated and complex than ever.
First, it helps to know the difference between viruses and malware. Viruses are a specific type of malware that is designed to replicate and spread once it’s executed. Malware is a broad term that includes viruses that describes all sorts of malicious programs that are designed to do just about anything. Malware includes, but is not limited to viruses, spyware, ransomware, adware, trojans, worms, potentially unwanted products (PUP), etc.
This is why having an anti-malware product installed and kept updated is so important. The major vendors provide products that cover pretty much all of it to one degree or the other. Shop around and find what works for you.
Scammers are getting better at tricking us into opening malicious attachments or clicking malicious links.
Far gone are the days when it was immediately obvious that an email message was phishing. The scammers are becoming so well-versed at copying logos and language, pretending to be colleagues, and generally making us feel comfortable that we don’t hesitate to open these dangerous files. In fact, a study by Avceto showed that if we think a link or attachment comes from a friend, such as from within social media, we don’t even hesitate to click it. Scammers are even placing phone calls to gain information to scam us (called vishing).
Always take some extra seconds to be 100% sure that whatever you receive in email, by text, or even on the phone is not trying to phish for information. It’s still important to look for those tell-tell signs of phishing, but if you don’t recognize the sender or if you are not expecting a link or attachments, either trash the message, hang up the phone in the case of vishing, or take some time to verify its legitimacy before going further.
So far, 2017 has been the worst on record for data breaches.
A recent Risk Based Security report found that in just the first quarter of 2017 there were over 1,200 data breaches. This is on target to be the worst year for data breaches ever. We have already seen compromises at Kmart, OneLogin, Intercontinental Hotels Group (IHG), Chipotle (again), DocuSign, and Gmail to name just a few.
It’s hard to secure your own data once you give it to others. However, there are some things to be done to help. These include actively monitoring payment card charges and reporting suspicious charges immediately. In addition, get a copy of your credit report from each of the three major reporting agencies every year. Review it closely and report anything that is incorrect or suspicious to them and clear it up as soon as possible. At the website annualcreditreport.com, you can get a free one from each of them individually. For extra caution and to address anomalies sooner, stagger when you order them so you can keep an eye out throughout the whole year.
You can also set charge limit notifications on most payment cards. If you normally don’t spend over $50 in a transaction, activate a notification to be emailed, sent by text, or by phone any time a charge over that amount is made to your card. You can also set these for balance limits. This will help identify potential fraud as soon as it happens.
Business email compromise (BEC) is on the rise and expected to continue.
The FBI continues to warn businesses of this rising crime. The number, according to the last PSA issued by the FBI’s Internet Crime Complaint Center (IC3) has exceeded $3.1 billion. This crime happens when someone in an organization is tricked into sending sensitive information, such as W-2 data to someone impersonating a colleague. Often, they pretend to be an executive. It also occurs when someone with access to perform wire transfers is tricked into wiring money to a thief’s account. Again, an executive is often impersonated to perpetrate this.
There should be checks and balances in place at any organization for performing wire transfers. At least two sets of eyes should approve each request. Pay attention to requests for this task and if the request seems strange, question it. Any executive would prefer that than have money stolen from the company. In addition, sensitive information should never be sent via email. Email is not a secure form of communication and even encryption can be broken. Therefore, consider any email fair game for anyone on the Internet to read it. If you need to get sensitive information to someone not co-located, use a traditional courier or the telephone.
Cybercrime isn’t going away any time soon. Unfortunately, sometimes it seems that the criminals just want to cause us a lot of grief. For example, in the recent WannaCry outbreak where a lot of business was disrupted all around the world, the thief or thieves only made out with about $50,000. So, if you’re on the Internet, being proactive can help protect against these types of crimes.
© Copyright 2017 Stickley on Security