Ransomware attacks have increased in recent years, and the U.S. is more susceptible than any other country. Nearly two-thirds of Americans are likely to pay a ransom to get back their stolen data, whereas 34 per cent worldwide would pay. According to Symantec, in 2017, cyber criminals’ asked for an average of
Last week, we reviewed the common types of cyberattacks linked to social networks.
Hackers target social media because its users usually trust their circles of friends. The result: more than 600,000 Facebook accounts are compromised every single day. Also, one in 10 social media users say they’ve been a victim of a cyberattack and the numbers are on the rise.
To avoid being a cybersecurity statistic, follow these three easy steps:
Did you know that there are more than three billion active social networks users worldwide? This is why cyber attackers love social media.
Users that spend a lot of time on social networks are more likely to click links posted by trusted friends − a behaviour hackers use to their advantage.
Here are some of the most common types of cyberattacks directed at social media platforms:
Like-jacking: occurs when criminals post fake Facebook “like” buttons to webpages. Instead of “liking” the page, the user unknowingly downloads malware.
Link-jacking: a practice used to redirect one website’s links to another. Hackers use this to redirect users from trusted websites to malware- infected websites that hide drive-by downloads or other types of infections.
Phishing: the attempt to acquire personal information such as usernames, passwords, etc. by disguising itself as a trustworthy friend. Find out more about phishing here.
Social spam: unwanted spam content appearing on social networks and other websites with user-generated content (comments, chat, etc.). It can appear in different forms, including bulk messages, insults, hate speech, fraudulent reviews, fake friends and personally identifiable information.
Find out how these cyberattacks affects you and what you can do to protect yourself in next week’s post.
What to do if your account is involved in a data breach
The odds are against us when it comes to data breaches. Most likely than ever, one of our accounts will be breached. Here is what you should do to reduce the damage of a data breach:
Keep calm and change your password.
Log in as soon as you find out about the breach. Change the password and make sure you set up a strong and unique one.
Activate two-factor authentication if the hacked service offers you this option.
It will act as a second layer of protection, besides the initial password. Every time you log in from a new device or browser, it will request you to authenticate using a second pass code that’s unique and time sensitive. You will receive the authentication code on your mobile phone, via a special app, email or text message.
Don’t recycle your passwords. If you were using the same password for multiple accounts, change them all. Start with the email account that was linked to the hacked account. Repeat the previous steps (new, strong and unique passwords, and activate two-factor authentication).
Cybercriminals will go to extreme measures to get access to your banking information. Once they have access to it, there’s nothing stopping them from taking out a loan in your name, buying a new car, or even applying for a mortgage. They also know that financial institutions use extreme measures to protect your information. So they phish, spy and hack their way into your information from other sources, piecing together what they need to access your financial accounts.
Keep a close eye on your financial accounts on a regular basis. Follow these safety tips to ensure a safer banking experience:
Create a strong password that is unique from your other accounts.
Make sure to use secure websites. Websites that start with https:// or shttp:// use higher security measures than ones that begins with http:// (“s” means “secure”).
Always type in your banking information versus using the autofill.
Don’t use a public Wi-Fi or public computers for sending sensitive or personal information.
When you are finished, close your browser, clear your history and cache, and disconnect from the Internet.
Be suspicious if you get an email from a financial institution asking for your personal information. Remember: legitimate financial institutions will never ask for your personal information in an email.
Don’t believe everything you read in online newsletters, investing blogs or bulletin boards. Fraud artists often float false information and “hot tips” as part of their efforts to rip off investors or manipulate the market for a particular security.
Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide in recent weeks. The actors use VPNFilter malware to target small office and home office routers, making them inoperable. The malware is able to perform multiple functions, including possible information collection, device exploitation and blocking network traffic.
The FBI recommended any owners of small office and home office routers reboot their devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should also be upgraded to the latest available versions of firmware.
Only make purchases online from companies you trust. Don’t use your credit card number online unless you know the website is secure and the company you’re dealing with is reputable. Make sure you’re using a secure Wi-Fi network.
Here are a few clues that a shopping site is not trustworthy:
The site is poorly designed, has a lot of spelling mistakes and contains broken links.
There is no contact information for the business.
They ask for your banking information before you are ready to make a purchase.
Details on return policy, privacy policies or sales are unclear and hard to find.
Some features on the website aren’t working (for example, the ‘back’ button).
Cybersecurity while traveling When getting ready to go on a vacation or business trip, it is important to keep in mind that you are still a target for cyber criminals.
Here are a few tips to keep you safe during your travels:
Back up the information on your computer before you travel. That way if you lose your equipment, you won’t lose all your information.
Carry your portable device in an inconspicuous bag. Flashy, branded or logo bags and expensive cases draw attention to your device. Remember to never leave your device unattended.
Keep in mind that Wi-Fi networks in public places like coffee shops, libraries or airports are not secure. Never send personal information through public Wi-Fi and disable the connection when you’re not using it.
Don’t announce in online status updates when you’re going away on vacation, when you’ve made a big purchase or events that mention your address. You may also want to delete online posts from friends who mention these things to avoid the possibility of your home being robbed while you’re away.
Be aware of the risks when tagging the location of the photos you share on social media. This lets people know where you are. If you feel the need to tag the location of a photo, a safer option would be to post the photo with the tagged location after you’re safely home.
Purge unnecessary information from your mobile phone
Erase everything you don’t absolutely need to keep on your mobile phone, like your browsing history, passwords, emails and text messages. That way, if your phone is ever stolen, that information will not be.
If you decide to sell your phone, remember to do a factory data reset before you give it to the new owner. This will wipe all of the data that has ever been stored on it, including access to your personal accounts, systems and apps data, photos, videos, music, etc.
Back up your information first, and then wipe the phone clean so the next owner cannot log into your accounts or use your private pictures, contacts and confidential information.