In our last post, we introduced the subject of cybersecurity and why you should take it seriously.
We want to introduce you to the 6 most common cyber attacks. We will discuss 3 in this post and another 3 in our next post. The purpose of these posts is NOT to make you paranoid (although we do want you to take this seriously!). The purpose of these posts is so that you can be aware of potential dangers – and therefore protect yourself from them.
This is almost certainly the most common – or at least, the most well-known – form of cyber attack.
With phishing, the user is tricked into thinking an email (or text or phone call) is from a trustworthy source when it is not.
Phishing attacks are normally designed to steal information, normally personal information like credit card numbers or login details.
For example, all the way through tax season it is common for people to receive emails from “SARS” claiming that they have a refund and that they have to click on a link and confirm their bank details in order to receive it. The user will click the link and enter their bank login details, but instead of accessing their bank they have just given the hacker their username and password.
Phishing can take different forms and some emails look very legitimate. The best way to protect yourself from phishing is to never, ever click on a link in an email. If you think that SARS or your bank or any other important institution has legitimately sent you an email, you can call them to ask. Or, you can close the email and go to your web browser and login independently to check.
Malware is the collective term for software that is designed to do something malicious on your computer. It includes viruses, spyware and ransomware.
Malware can be installed on your machine via email attachments or via downloads from the internet and in rare cases, through plugging in hardware (such as a memory stick) from an unknown source.
We all know that we need to protect ourselves from computer viruses, but we don’t all know about other malware – such as spyware (that copies your sensitive information and sends it back to the hacker) or ransomware which cuts you off from your own data unless you pay the hacker a fee.
Good virus protection software will help protect you from most malware attacks, but you do need to make sure that you keep it updated.
Other ways of protecting yourself involve never opening an email attachment from an uncertain source, never downloading anything unless you have verified the website and never, ever, plugging a device into your machine that you didn’t buy yourself.
In this case, a hacker tries to guess your password by repeatedly trying different passwords.
This is more possible than it sounds – even with most accounts locking you out after three wrong attempts – because before guessing your password, the hacker will try and learn as much about you as possible. You would be surprised how easy it is for them to guess your password!
To protect yourself from this, you need to develop passwords that are relatively long and do not include things that are important to you.
Most people use their children’s name, or a pet’s name or a birthday – or a combination of these – in their password. You will be horrified at how easily a hacker can get this information!
Rather select a four-word “passphrase” created from four completely random and unconnected words. Like:
frigid soccer tulip ocean
If you string those together you have a nearly unbreakable password: frigidsoccertulipocean. If the account you are protecting requires numbers or special characters, you can substitute: fr1gid$occertulip0ce@n.
If you are certain you will forget your password, get yourself a password keeper to remember them for you – but make sure it is a reputable one! And never, ever use the same password for everything!
We hope this has provided you with enough information to start taking your cybersecurity seriously! Please start implementing the suggestions in this post from today in order to protect yourself from phishing, malware and password theft!