Most popular types of cyber attacks against individual users, part II

by Aaron Gershwin, May 27th, 2019

Part II

How to Protect Yourself from the Most Popular Cyber Attacks Against Individual Users

In my <a href="https://medium.com/@gershwin.aaron/most-popular-types-of-cyber-attacks-against-individual-users-part-i-dee7eed353b6">previous article</a>, I covered the three most popular cyber attacks against individual users: ransomware, phishing, and credential stuffing. While understanding the inner workings of different hacking methods is the first step towards online security, practice must always supplement the theory.

For advanced users, the information here might seem simplistic, but annual cyber security research reveals that casual internet users frequently trade security for comfort. Profit-oriented hackers aren’t interested in sophisticated hacking techniques; they want an easy, risk-free run that cashes out.

That’s why implementing even the simplest defense mechanisms can increase your security significantly: it separates you from the rest of the unprotected population, and targeting you is no longer worth the effort. Just keep in mind that online security is not a one-time exercise but a healthy habit, and it’s not that hard to develop, so let’s dive in.

Basic online security tips

1. Use online/offline protection software.

An anti-virus is a must-have because most attacks attempt to infect your device with malware, such as a virus or a worm. Furthermore, good anti-viruses have online protection and will alert you if a web page or an email attachment is trying to infect your system. If you use public Wi-Fi a lot, consider using a VPN: it encrypts your traffic, making it harder to spy on your online activities. Password management is also an issue, so a reliable password generator and a trusted password manager are beneficial.

2. Keep your software up to date.

Updates are released for various reasons, and some of them may contain critical fixes to known vulnerabilities. Your anti-virus, web browser, and operating system may each have a vulnerability that a hacker can exploit to gain access to confidential information. If you’re late in updating your system, the risk of a successful attack increases, because the vulnerability becomes a known issue and cyber criminals will look for systems that have no fix applied.


3. Keep your knowledge up to date.

If you’re an active netizen, then you have dozens (if not more) of accounts on various web pages. If any of them leak your credentials, it’s crucial to take action ASAP. Reading about the latest online security threats gives you a heads-up on where the danger may come from and helps you prepare for it. Don’t rely on companies to inform you about possible breaches; some of them will intentionally withhold such information for fear of damaging their brand. Strive to be one step ahead.

Protection against phishing attacks

1. Avoid hasty decisions at all cost.

Phishing can be carried out via email, phone, or text message, but the end-game is the same: to acquire your private information. The email may try to push you into taking hasty actions; for example, a “bank” informs you that it experienced a security breach and needs you to update your password as soon as possible. Or you receive a phone call from your “internet service provider” saying that they’re working on a network upgrade and require your personal information to proceed (this is called a “tech support cold call scam”).

When you notice a feeling of urgency, always take time to check the validity of the issue in question. Banks do not need their clients’ passwords and will never ask for them, and ISPs do not need any credentials to work on a network update. If you receive a phone call, state that you will call back with the information, then contact the institution in question via its official telephone number to inquire about the issue. For emails, read the following paragraph.

2. How to tell a fraudulent email from a real one.

First of all, it will usually start with “Dear customer” or the like: phishing emails are sent en masse and will seldom include your real name. The sender’s email address might be spoofed and look legitimate at first glance, yet it may contain a misspelled company name, for example, “[email protected]”. Furthermore, with additional software it’s possible to create a fake email that has “@amazon.com” as its sender, so a convincing email address does not necessarily mean the message isn’t phishing.


Phishing emails frequently include a hyperlink to a fraudulent web site. Instead of clicking the link, open a new browser tab and type the web page address manually. Hackers can use link shorteners (like bit.ly) to make the links look more convincing, but that’s a practice a real company would rarely use in an email. A hyperlink may also be formatted to look like plain text; in this case, hover over the hyperlink and check the address that pops up.

3. Double check the attachments before opening them.

Hackers may want to infect your device to gain access to confidential information. You may receive a letter with an invoice that needs to be paid, or a notice that you won a lottery, with an attached PDF document containing “instructions” on how to claim the prize. Once again, carefully check the email for spelling errors, fishy email addresses, and malicious hyperlinks, and, finally, if your anti-virus supports this function, scan outgoing and incoming emails for malicious elements.
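The warning signs from tip 2 (generic greeting, unexpected sender domain, shortened links, link text that differs from the real address) can be checked mechanically. The following Python sketch is an added example, not part of the original article; the shortener list, the function names, and the sample message are assumptions made up for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}  # assumed sample list, not exhaustive
GREETING = re.compile(r"^\s*dear\s+(customer|user|client|member)\b", re.I | re.M)

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def phishing_signs(raw_email, expected_domain):
    """Warning signs found. An empty list is not proof: From can be spoofed."""
    msg = message_from_string(raw_email)
    body, signs = msg.get_payload(), []
    sender = msg.get("From", "").rsplit("@", 1)[-1].strip("> ").lower()
    if sender != expected_domain and not sender.endswith("." + expected_domain):
        signs.append("sender domain is not " + expected_domain)
    if GREETING.search(re.sub(r"<[^>]+>", "\n", body)):
        signs.append("generic greeting")
    collector = LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        target = host(href)
        if target in SHORTENERS:
            signs.append("shortened link: " + target)
        if re.match(r"(https?://|www\.)", text, re.I) and host(text) != target:
            signs.append("link text shows %s but opens %s" % (host(text), target))
    return signs

# Constructed sample message (not a real email); the .example domain is made up.
SAMPLE = ("From: Support <service@amaz0n-billing.example>\nContent-Type: text/html\n\n"
          "<p>Dear customer,</p><p>Update your password: "
          '<a href="http://bit.ly/EXAMPLE">https://www.amazon.com/account</a></p>')
print(phishing_signs(SAMPLE, "amazon.com"))
```

The last check is the scripted version of hovering over a link: it compares the address shown in the text with the address the link actually opens.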

Protection against ransomware

1. If your computer gets locked by ransomware, immediately disconnect it from the network.

Ransomware is malware that tends to spread and encrypt as many devices as possible, so disconnecting should be your step number one to prevent further infections. However, such malware can lie dormant on a device for quite some time before executing and may already have spread to other devices, meaning they have to be checked for infection as well.


2. Have a backup.

Ransomware will encrypt all or parts of your hard drive, or just deny access to your files, until you pay the ransom. Having a backup guarantees that you will be able to recover your data without submitting to the hackers’ demands. However, after setting up the backup, it is recommended to test whether it’s working correctly.

3. Do not pay the ransom.

There are no guarantees that after you pay the ransom, the hackers will keep their end of the bargain. The best-case scenario is that they keep their promises, but a more common situation is continued blackmailing of the victim for more money. Furthermore, you will most likely be added to the list of easy victims and may be subject to more attacks in the future.

4. Do not restart your device and contact the authorities.

The malware can execute itself from RAM, and restarting your device clears RAM of any traces that might be useful to forensics. Authorities may be able to identify what kind of ransomware is being used, and that may lead to better chances of a successful recovery.
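Tip 2 above recommends testing that the backup works. One way to do that is to restore the backup into a scratch folder and compare it file by file with the live data. The Python sketch below is an added example, not part of the original article; the function names and the demo files are hypothetical and constructed for illustration.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    digests = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            sha = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    sha.update(chunk)
            digests[os.path.relpath(path, root)] = sha.hexdigest()
    return digests

def verify_backup(source, restored):
    """Compare a test restore against the live data and list the problems."""
    src, dst = manifest(source), manifest(restored)
    missing = sorted(set(src) - set(dst))
    changed = sorted(p for p in src.keys() & dst.keys() if src[p] != dst[p])
    return {"missing": missing, "changed": changed}

def demo():
    """Constructed demo: temp folders stand in for live data and a test restore."""
    files = {"tax.pdf": b"2019 return", "photo.jpg": b"\xff\xd8 image", "notes.txt": b"todo"}
    with tempfile.TemporaryDirectory() as live, tempfile.TemporaryDirectory() as restored:
        for name, data in files.items():
            with open(os.path.join(live, name), "wb") as fh:
                fh.write(data)
        # Simulate a faulty backup: one file intact, one truncated, one never copied.
        with open(os.path.join(restored, "tax.pdf"), "wb") as fh:
            fh.write(files["tax.pdf"])
        with open(os.path.join(restored, "photo.jpg"), "wb") as fh:
            fh.write(files["photo.jpg"][:3])
        return verify_backup(live, restored)

if __name__ == "__main__":
    print(demo())
```

Files edited since the backup was taken will also show up as changed, so run the comparison right after a backup completes.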

Protection against credential stuffing

1. Turn on two-factor or multi-factor authentication.

So far, it’s your first line of defense against credential stuffing. Services like Gmail will try to prevent unauthorized logins by checking the user, location, and language of the device that is attempting to gain access to the account. But all of these credentials can be faked, and forced 2FA or MFA will make hackers work much harder.


2. Monitor the safety of your email.

Credential stuffing gained popularity because of numerous leaks, so you should be aware of any breaches that affected your email address. So far, the best way to do that is to check www.haveibeenpwned.com. If your email was affected, you should immediately change the password of the email account in question and of all services that used the same password.

3. Use a password manager.

As mentioned at the beginning of the article, password management is still a huge issue. A good password manager will allow you to have a different and strong password for every web site and will keep them in a secure and encrypted vault. Hackers that are executing credential stuffing attacks expect the same password to be used more than once, and a password manager solves this issue.

These are only the basic steps that will improve (but not guarantee) your online security against the attacks in question. Reading about the latest leaks, hacking methods, and security issues may change the way you perceive your browsing habits and help you improve them. Moreover, the number of netizens following these simple steps is still, unfortunately, low, so by implementing the named security measures, you will fall off the radar. Or as the saying goes, beware and be aware.