High-profile cyberattacks against major corporations and governments may be the ones making the headlines these days but cybercriminals are also still exploiting those basic online scamming techniques they have been perfecting for years. As most people are still unaware or not following basic cybersecurity measures, they keep falling victims of well-known threats and exposing their companies to larger scale attacks.
So if you see yourself (or any of your colleagues) in any of the seven characters I am about to describe, it is time to polish up your personal cybersecurity skills.
#1 You are a clicker
A click may be all it takes to be infected by a virus or redirected to a malicious website and fraudsters are very good at creating content to lure people into clicking. It may look like an important message coming from a person or organisation you know and trust - a technique called spear phishing, or it may just be spam, and all those 'too good to be true' promotions or it can even be a fake survey and prize draw where you willingly give out your personal information.
So before you click, a good precaution is to always hover over a link to check where it leads. You need to read the link carefully and check that it looks legitimate; phishing links will have minor typographical errors in them that will take you to a dummy website where you will be infected with malware or you will be asked to enter personal information. You should also be on the lookout for suspicious behaviours: reputable companies don't normally ask you for passwords or sensitive information, or compose emails with bad grammar and low quality images. If you are in doubt, don't click on it; contact the company directly, or go to their website to check for any alerts.
#2 You ignore updates
Technology companies are continuously investing in making their products less vulnerable to cyberattacks and will release patches and updates to fix any problems they encounter. However, if those updates are not installed by the users, then these users will remain exposed. Internet browsers are a great example of an everyday tool that can be exploited by hackers, and breaches are facilitated by the fact that only 10% of Internet Explorer users are on the latest version.
#3 You love free Wi-Fi
Free public Wi-Fi has allowed us to become more connected and avoid substantial data charges, especially when going abroad. But as these connections are openly available to anyone, it is easier for hackers to intercept data that goes through it. So take some precautions such as to avoid online banking, or using your credit card for online payments. If you regularly use public Wi-Fi for work, you may be able to connect to a VPN to make your connection more secure.
#4 You use free apps
If you are a fan of the latest apps, games and gadgets you should be aware that some applications such as free search toolbars or free phone apps may be infected with malware. This allows cybercriminals to collect your data and online activity for malicious purposes in the background, without you ever noticing it. Avoid downloading applications from unknown sources.
#5 You use the same password for everything
Hackers are aware that most people reuse passwords across multiple sites, so they may steal your password from a less secure website and later try it out on popular retailers and social media where you may also have an account, until they gain access to valuable personal, financial or corporate information. The best way to avoid this risk is to use strong passwords that are customised for every website. There are plenty of great tips online on how to create strong and memorable passwords.
#6 You never lock your screen
The easiest way to steal valuable data or invade someone's privacy is to physically access someone's unlocked computer whilst they have stepped away, and then copy their files or visit their password-protected websites to which they are already logged in automatically. It doesn't take any technical skills to do it and unless the criminal is caught on camera, you can't trace the breach back to them. So make sure you are not leaving your cyber front door open.
#7 You share too much online
What is your mother's maiden name? What was the name of your first pet? What is the name of your first school? These are all very standard security questions that allow you to retrieve your password, and the odds are someone could find all these answers on your Facebook profile. If you are an avid social sharer but would like to protect yourself and your company from online threats, you may start by restricting access to your updates to only friends. Have a second look through your profile and reconsider how much of that information could be harmful in the wrong hands.
Also be aware of the terms and conditions of the websites you visit frequently as some of them may be collecting your data and using it for advertising or sharing it with third parties.
Cybersecurity starts with you
As advanced as cybersecurity technology is, what you do is still a great part of this equation. The websites you use and the company you work for may be doing their best to keep data safe but they need all hands on deck. People are still the weakest link in security, and to change this we all need to take ownership and play our parts. Good cyber practices that start at home, with our personal affairs, are likely to extend to our professional lives so stay alert to everyday threats.