Staying safe in a digital world

October 2019 Home Security, Cyber Security

From online transactions and banking to shopping and gaming, cyber attackers are methodically finding new ways of using your devices against you, making each one of us increasingly vulnerable.

In order to have a positive and safe experience in the digital world, we need to understand the ever-increasing diversity of digital threats and equip ourselves with the necessary knowledge and skills. Unfortunately, too many users/consumers are oblivious to the threats and how quickly cybercrime is evolving.

Hackers are no longer as interested in breaking through firewalls or systems just to show they can. Their focus has shifted to theft of personal information and identity theft for financial gain, with phishing being the most common method used to trick/deceive you into disclosing your data.

According to the ‘2018 Norton Cyber Safety Insights Report’, 37% of consumers globally experienced cybercrime with malicious software being the most common cyber-related crime experienced. The report further highlights that less than half of consumers globally have taken any measure(s) to protect their personal information and online activities.

The information below will assist to stay abreast of the risks and to anticipate and safeguard us against some of these threats.

Protecting information online

Companies learn a lot about consumers/users through the data they collect from online activities which assists them in understanding consumer behaviour and developing personalised offerings for targeted advertising. This includes data on preferences when shopping online, social pages that are liked or followed, media channels that are used and the personal information included on social profiles.

Another dimension to the digital world and online activities is sharing – users share news, information, events, pictures, experiences and a lot more to build and maintain relationships as well as create new ones. Staying safe and secure in a digital world can be difficult. Not all hope is lost though, and there are some simple measures you can take to protect yourself and your information online:

• Be aware of the threats and understand the risks of going online. It is important to be conscientious and not assume that you are safe.

• In this regard, be cautious with online surveys and competitions as some of these may be scams designed to obtain your information.

• Carefully consider what information you choose to share online, including on social networks, chat rooms and other online media.

• Be careful not to post something that you do not want everyone to see; remember once it’s online, it is there permanently.

• Always use your best judgment: never disclose personal information and keep company information and workplace matters private.

Clearing or disabling cookies

We have all seen the message 'This website stores cookies on your computer' while browsing the Internet. So what are cookies? An HTTP cookie is a small piece of data sent from a website and stored on the user's computer by the Web browser while the user is browsing.

Cookies were designed to be a reliable mechanism for websites to remember a record of interaction information or to record the user's browsing activity. While cookies cannot infect computers with viruses or other malware, the danger with cookies is that cyber attackers can hijack cookies, and therefore browsing sessions, and track individuals' browsing histories.

Take care to ensure that if you are using a public computer/device, you should delete cookies when you have finished browsing so that subsequent users will not have access to your data (sent to websites) when they use the browser.

Business Email Compromise (BEC)

BEC is a type of attack where a cybercriminal compromises or spoofs a corporate email account of an executive/senior member of staff to defraud the company, its employees, customers or business partners.

In recent years, the amount of BEC attacks have significantly increased, with the FBI’s Internet Crime Complaint Centre putting global BEC losses in excess of $12 billion over the last 5 years (2013-2018). BEC attackers rely heavily on social engineering tactics and trick unsuspecting employees with well-worded, very specific email requests that appear legitimate.

While there are many variations, the attack basically entails targeting employees with access to company funds/finances and tricking them into making transfers or payments to the bank accounts of the cybercriminal/fraudster. Requests typically impersonate senior employees and include an element of urgency and a request for confidentiality.

The same modus operandi is also used to target customers or business partners.

BEC prevention measures that can reduce this risk include monitoring networks for suspicious emails, encrypting emails, diligently checking the sender details, independently confirming requests with the sender and most importantly, employee training given BEC attacks rely primarily on employees’ vulnerability.

Email and connected devices

In some cases, risk-avoidance behaviours by users do not seem to extend to how email and connected home devices are used. Case in point: approximately half of all users cannot distinguish between a real or scam/fake email or are operating their home devices with limited or no protective measures in place.

Frank Abagnale, the subject of the book and film ‘Catch Me If You Can’ states that, “stealing your identity is like counting to three.”

The reality is that we are all at times careless with our information or likely to accept certain risks online. Taking a few basic steps will, however, go a long way to protecting yourself and your privacy:

• Remember the essentials such as ensuring your devices’ operating systems are current and security software is installed and updated.

• Verify the authenticity of a website before entering sensitive or personal information. Check for ‘https’ indicating a secure site or look for the padlock icon, or lock icon, in the address bar.

• Think before clicking on links, opening attachments or installing software from unknown sources – if you absolutely must, first verify that the communication is genuine.

• Use complex passwords and change these regularly: for passwords, longer is stronger, however, avoid choosing real words, sequential numbers or personal information.

• Protect your home network, connected devices and smartphones by using two-factor authentication (2FA) on home computers, email accounts and smartphones.

For more information visit https://www.irmsa.org.za/




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky Lab , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Read more...
Cyber-securing your surveillance infrastructure
CCTV Handbook 2019, Genetec, Hikvision South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
When it comes to cybersecurity, understanding the risks and the solutions as well as engaging in open communication helps everyone.

Read more...
Keeping your things to yourself
October 2019, Technews Publishing , Editor's Choice, Cyber Security, Integrated Solutions, IT infrastructure
Three experts spoke to Hi-Tech Security Solutions to offer advice on keeping your IoT working for you and not for cyber criminals.

Read more...
IoT in security
October 2019, Duxbury Networking, Technews Publishing , Editor's Choice, Cyber Security, Integrated Solutions, IT infrastructure
Using the Internet of Things is not really optional these days, but securing the Internet of Things is compulsory, no matter what industry you operate in.

Read more...
NFa2p security certification
October 2019 , News, Cyber Security
Advisor Advanced obtains the highest level of certification to the NFa2p Electronic Security Standard for a complete security system.

Read more...
SOAR an essential part for security operations
October 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
MJ Strydom, MD of cybersecurity specialist company DRS discusses the challenges around the security incident response lifecycle.

Read more...
Reductor malware hijacks HTTPS traffic
October 2019, Kaspersky Lab , Editor's Choice, Cyber Security, News
Kaspersky researchers have discovered new malware that hijacks victims' interaction with HTTPS web pages in the process of establishing encrypted communication between the user and the website.

Read more...
SA among top 20 countries targeted in new phishing influx
October 2019 , News, Cyber Security
Recent Fortinet research has revealed that South Africa was among many countries targeted by a phishing actor or group using the same techniques.

Read more...
Only birds in the sky
October 2019, Kaspersky Lab , Home Security
Kaspersky has launched a new solution designed to help organisations and property owners defend themselves from unauthorised trespassing by civilian drones.

Read more...
IoT under fire
October 2019, Kaspersky Lab , Home Security, Cyber Security
Kaspersky has detected 105 million attacks on IoT devices coming from 276 000 unique IP addresses in the first six months of the year.

Read more...