When we hear about some kind of hacking incident, the image we see is a highly skilled individual, or a group of them, furiously typing with their keyboards, and in no time, they can hack someone’s computer. There was nothing to be done to prevent it, right? The hackers are incredibly skilled, and there is no way you can avoid an attack, right?
Image source : Kaspersky.com
The reality is a bit different. You might be surprised to know that the majority of cyber attacks are caused by human error, and there is something to be done about it. By simply informing yourself about certain risks, and developing certain habits, you could be preventing an attack from happening to you. So here are a few relevant tips that could go a long way towards stopping you from becoming a victim.
Passwords and safe logins
So this is an obvious one. If you have a complex password, it makes it much more difficult to hack your account. And yet, a lot of users still stick to ‘123’, ‘password’ or something equally simple to guess. It may be because they do not think they will ever become a victim or they just cannot be bothered to remember a more complex password. Whatever the reasons are, those are not good excuses. There are no acceptable excuses when it comes to weak passwords, and if you want to keep your account secure, make a strong, unique password. Include upper and lowercase letters, symbols and numbers, and avoid actual words or phrases. If you have trouble remembering them, use a password manager. Just make sure you get a legitimate one.
This is another mistake a lot of users are making. You should never reuse passwords because if one of your accounts got hacked, another one with the same password may follow. So if your Gmail account got taken over, and you have the same password for Facebook, hackers will have no trouble accessing the latter. No matter how difficult the password is to guess, you should never reuse it. And a password manager will come in handy if you have 10 accounts and struggle to remember all their passwords.
It is 2017 and a lot of services offer two-factor authentication. They are not impossible to bypass but still offer a layer of security. You provide your phone number and turn on the two-factor authentication, and from then on whenever you log in from an unrecognized device, you will be sent a code to your phone. You put in that code into the field that appears when you log in, and if the code is correct, you can access your account. You can also have a set of codes that you can put in if you do not want to use your phone.
Logging in on public computers
Whether you are using a public computer, like in a Internet cafe or a library, avoid logging into your accounts. You do not know what kind of programs are installed on that computer, some kind of keylogger could be set up and it would log your login credentials if you type them in.
Virtual Private Network (VPN)
You probably have a password-protected router at home, at least we hope you do, so you can safely login to accounts and use the computer. However, when you are using public WiFi, it is a different story. Even when public WiFi is password-protected, usually anyone can get the password. Since public WiFi is not secured properly, it could be easy for hackers to access your device. That is why using a VPN is recommended. It would create a secure connection to the Internet, and you could safely use it.
It is not just your computer that you need to keep safe. Smart phones are just as vulnerable to malware. And users usually expose their devices to it themselves.
So when you download some kind of app, no matter whether it is from the official Google Play, Apple store or some third-party one, do you ever stop to check what permissions it needs? If your answer is no, then you should start checking. If you are installing a wallpaper app, why would it need permission to read and change your data, or why would it need access to your messages. When you are reviewing permissions, always ask yourself why would it need those specific ones.
Avoid getting malware installed by checking the publisher of the app. It is possible for malware creators to disguise their product as a legitimate app, so unless you check the developer, you might not notice.
It is recommended that you stick to official stores, like Google Play or Apple store, for your apps. While they are not invincible to hosting malicious apps, the possibility of obtaining something dangerous is much lesser if you use legitimate, trusted stores.
Keeping your personal data secure
When a website is asking for private details, look at the address bar. If there is a lock sign, that means it is safe to type in your data. You should also look for https:// at the beginning of the address. If there is no lock, or if it is crossed by a red line, and the address starts with http://, you may want to refrain from putting in your private details.
Sending your private data
Do not use emails or messaging apps to send important, private data (such as credit card details) to someone. Hackers could gain access to that data so be careful.
Phishing scams and malicious emails
A lot of people assume that phishing scams are something they do not really need to worry about. While they are usually pretty obvious, full of mistakes, etc., but if someone really wanted to phish you, they could probably do it. A podcasting company, Gimlet Media, recently did an experiment where they tried to phish the CEOs of the company. Without spoiling the podcast episode completely, we can safely say that anyone can get phished. Which is why it is important that you familiarize yourself with what to look out for.
Email attachments and links
If you know about file-encrypting malware, known as ransomware, you will know that oftentimes, it spreads via malicious email attachments. Developers attach an infected file to an email, write up a seemingly legitimate text and then wait for someone to open the file. When you are dealing with email attachments, you need to be very careful. Even if the sender seems legitimate, until you know that the contents are 100% safe, do not open the attachment. Same goes for links. If you get sent some kind of link, whether it is by email or some kind of messaging app, first inquire the sender about it, and only then open it. If it asks to install something, do not do it.
Keeping your computer and data safe
Updates are a crucial. Whenever a vulnerability is identified, developers usually release an update to patch it so that hackers cannot take advantage of it. The WannaCry ransomware attack is a perfect example. When a vulnerability in Windows was identified, Microsoft released an update to fix it. A lot of users did not install it. It was available for 2 months before WannaCry took advantage of the vulnerability and managed to infect thousands of computers. Those who did install the update were safe. Make sure that you do not click “Remind me later” the next time an update pop-up.
Finally, backup! If you have copies of your important files stored somewhere not on your computer, you could be saving yourself a lot of trouble. Whether it is because of ransomware or because your computer is no longer operable, you could end up losing your files forever so make sure that you invest in some kind of backup. There are plenty of options available so you will find one that fits your needs the best. Our recommended backup software.
These are just the main security measures, there are plenty more you could read about. But if you take the at least above mentioned ones into account, you could be preventing a hacking attack from affecting you.