It’s fitting that Halloween falls during Cyber Awareness Month. That’s because cyber criminals and hackers love to dress up in costumes to try and lure us into online scams or to steal our passwords and sensitive data. This year’s most popular costumes are sure to include the usual suspects: IRS employees, friends and family members in need of cash, and the timeless classic–wealthy Nigerian princes and princesses.
But cyber criminals are also now wearing more sophisticated disguises that are becoming harder for us to identify who they really are. It’s up to us to stay on top of the latest cyber trends and be proactive when it comes to protecting our personal and business information.
Below are 4 current Cyber “Tricks” to look out for:
1 Malware & Ransomware
What’s scarier than werewolves? How about someone holding your computer files hostage while demanding a large sum for you to get them back! This year alone, ransomware attacks are estimated to cost businesses and individuals close to $12 billion in damages!
How to prevent Malware & Ransomware attacks? There are many things you can do to prevent becoming a victim of a malware or ransomware attack. You can start by changing your passwords regularly, using multifactor authentication, not using public or unsecured WIFI, installing proper firewalls and antivirus software, as well as following these IT Best Practices.
2 Social Media Scams
Hackers love to dress up as old high school friends or relatives trying to connect on Facebook and Linkedin, only to take advantage of your trust by asking you to click a corrupt link, viewing your private data, or even stealing your identity.
How to prevent Social Media Scams? Don’t post anything on social media that you wouldn’t want a stranger to know or see. In addition, be careful using apps that log you in through third-party sites; exercise caution when accepting friend requests; and never click on suspicious links or send money to someone asking for cash online (even if it is grandma)!
3 Corrupt Email Attachments and Downloads
Phishing scams are becoming harder and harder to detect. They may appear in the form of normal looking, everyday emails from trusted senders asking you to download a corrupt attachment or click on a corrupt link (often the source of a ransomware attack).
Also, as we discussed in the Cyber Crimes article: Case #104: The Heavy Machinery Hacker, some hackers are so bold that they impersonate vendors or trusted company employees and then ask for money to be wired for business-related purchases or expenses.
How to prevent online phishing scams? First, stay up-to-date on the latest phishing scams and educate yourself on what to look out for. Second, don’t click on any links or attachments without being 100% sure they are from a trusted source. Third, if anyone asks you to send money or for your private information, such as a credit card number, reach out to them by phone to verify that the transaction is in fact authentic.
4 Attacks on Service Providers
Is your IT company the weak link in your company’s online security? How about your cloud computing service provider? It’s becoming more and more common for hackers to go after vendors rather than individual companies.
Why? First off, there are no regulations in the IT Industry. That means your IT provider—the same company who has access to many of your passwords and sensitive company data—may not be practicing the high level of cyber security they preach, and thus are an easy target for hackers. In addition, IT companies work with multiple clients. So when a hacker infiltrates their network they gain information to all of their customer’s data.
It’s like leaving a candy jar out on the porch and letting anyone grab what they like.
How can you prevent a 3rd party vendor from being your weakest link? Only work with trusted service providers. You can start by making sure the vendors you work with have been thorough vetted by an independent auditing firm and are SOC certified.