Learn the surefire signs of the five most common types of cyber-attacks and how you can fight back to protect yourself and your business.
While access to the Internet and technology has enriched our lives in many ways, it also opens us up to threats that we never had to consider in the past. Obviously, we aren’t going to stop using the Internet for things like personal finance, healthcare, e-commerce and connecting with friends and family. However, it’s important to understand that the more we leverage these digital tools, the more risk we face.
Cyber-criminals know how reliant we are on technology, so it’s no surprise that in recent years we have seen more attacks with greater consequences. More than ever before, individuals need to recognize what their cyber-risks are and how to respond to the threats that are out there.
Let’s go over some of the common signs you are being attacked and what you can do about it.
- Unusual login notifications.
- Not being able to access your account.
- Your password has been changed.
- Strange inbox activity, such as receiving unfamiliar emails or seeing emails you didn’t send in your sent folder.
- Passwords: Create a strong, complex password
- Authentication: Utilize multi-factor authentication on all sensitive accounts
- Alerts: Opt-in to monitoring alerts that show suspicious logins from strange locations or devices. Many sites that hold your personal information, such as banks, social media, and email sites, will offer free monitoring alerts.
Ransomware might be the scariest threat, especially because it may make you feel as if you are stuck with no recovery.
Indeed, if ransomware takes over your system and locks up your files, you may not be able to remove it using standard security tools, which is why people and businesses still sometimes pay the ransom when they get infected.
- Your web browser or desktop is locked with a message about how to pay to unlock your system or files.
- Your file contents are scrambled for no reason.
- You notice an inexplicable slowdown in your workstation or network.
- You see suspicious changes to files, file names or locations.
- Backup Your Data: Make sure that your critical data is backed up and protected so that it’s not potentially locked behind a ransom demand. It’s important to have an alternative plan to access your data.
- Patches & Updates: Make sure that your software & systems are patched and updated so that vulnerabilities are addressed ahead of time.
- Keep up with the News: Stay on top of cybersecurity current events with sites like ThreatPost, The Hacker News, & Security Week so you’ll know about zero-day exploits and new threats that may require action on your part.
- Endpoint Protection: Be sure you have strong endpoint protection that can help fight back if malware makes it into your machine.
Phishing, Vishing and Smishing are popular because they are easy to do and go around many of the technical tools used to protect you from other threats.
- Claiming there’s a problem with your account or payment information.
- Requests for you to confirm personal information.
- Asking you to pay a fake invoice for an unfamiliar account.
- Saying you’ve won something or offering you steep discounts for certain items.
- Odd looking URL’s or email addresses.
- Recognize Malicious URL’s & Senders: Make sure you have a basic awareness of how to identify suspicious senders and URLs in emails.
- Only Use Known, Secure Sites: Understand what secure and official channels you should be using for your sensitive work, so a scammer can’t trick you into doing something you might not otherwise do.
- Security Awareness Training: Users must be the first level of a layered defense system to protect you from phishing attacks. A security awareness program will teach employees how to recognize phishing attempts and what to do when confronted with them.
Criminals can stitch together pieces of personal information they gather about you to perform other crimes. If someone can get your name, address, social security number, or other pieces of sensitive information and tie it together, they can use that information to access your sensitive accounts or open a credit card in your name.
- Your bank statement seems off or your checks are bouncing.
- You see unexplained activity on your credit card.
- You aren’t receiving bills that you were expecting.
- Your credit card is declined, or you are denied a new credit card.
- You get a credit card in the mail that you didn’t apply for.
- You can’t file your taxes because someone has already filed a tax return in your name.
While Man-In-The-Middle Attacks (MITM attack) are fairly common, most people don’t understand what they are.
Networks are a mesh of devices connected sort of like a highway and data travels over paths (locally and over the Internet) to reach their destination. When one of these attacks occurs, something sits between you and the destination, for example, a rogue network device that scans and steals information before it arrives at the place it is supposed to go.
- Reliable Networks: Make sure you aren’t working on networks that are not ideal, such as poorly managed open WiFi from a coffee shop.
- Secure Channels: Stick with secure and formal channels for your sensitive work, so that the risk that someone is sitting in the middle is minimized.
- Safe Home Networks: If you are working from your home, ensure that your home network is reasonably maintained, with devices that are not open to exploitation with default credentials or open access to wireless connectivity.
Sadly, cyber-attacks are a part of the reality of the Internet. We won’t be facing a future where attacks are a thing of the past, but what we can achieve is better cyber-security standards both in our personal lives and in our businesses. While attacks are common, most of the things we do digitally can be done safely if we show basic care both with our personal behavior and implementing the proper technology tools.
Cybercriminals are continually inventing new ways to infiltrate and extort an organization’s mission-critical data. We keep up with the latest in ransomware so we can help protect your business. Let us help!