In my previous article, I have mentioned that cybercriminals are motivated by money and they want to do all that they could do steal your personal data, most especially your card information. In this article, I want to highlight the major facts that you need to know about the activities of cybercriminals. Follow me as we will look at that in this article.
In our lifetime, technology has expanded with ones and zeros that drives every facet of our existence. Emerging technologies such as Artificial Intelligence, Machine Learning, 5G Quantum computing and evolving technologies, such as Cloud, autonomous vehicles and connected devices in the Internet of Things are targets that must be safeguarded against compromise. In fact, every second, more than a hundred new IoT devices are connected to the web.
As this cyber threat landscape continues to increase, we must expand our security awareness. Cybersecurity is a shared responsibility. We all have a role to play to keep the internet safe.
First, be vigilant. Criminals rely on social engineering to compromise systems simply because it works. Therefore, we must understand the myriad of social engineering scams. Social Engineers also called Threat Actors, try to influence behaviour, and human errors account for nearly all data breaches. The goal of a social engineer is to obtain trust, then exploit that relationship to coax you into divulging sensitive information about yourself or another entity and giving them access to your network.
Here are some examples of Social Engineering
#1 Juice Jacking
This compromised public charging stations and install malware when a portable device plug-in from public areas, such as airports, train stationss, or conference areas.
#2 Phishing
This is a weaponised email that masquerades as a reputable lures target group into taking action and only requires a single victim to be successful.
#3 Ransomeware
Malware payload that prevents access to computer systems, demands a sum of money to be paid to retrieve the data, an email is the predominant attack vector because it relies on a single attack to circumvent controls.
#4 Spearphishing, Whaling, CEO Fraud, and Business Email Compromise
These are fraudulent compromised messages that target a specific role or person and is often financially motivated. Alternatively, when you become a human firewall, you make it harder for an attacker. Simply use common sense and awareness whenever something feels even remotely suspicious.
How To Create A Strong Password
To protect sensitive data, use a unique and sensitive password. Please, do not write your password anywhere. Do not use common credentials or words as passwords. Hackers have a database of common words.
The best password is a paraphrase with a combination of lowercase and uppercase letters, numbers and special characters that is difficult to guess.
Always change your default password and make sure they are different for each account. This ensures that if attackers break your password, they will only have access to that one account. If you cannot remember it, you can make use of Password Manager. You need to ask around, do some research, find the best password manager that will work for you.
When you are downloading an App, make sure you are downloading from an official store. You need to be careful about where the password manager stores your password. Is it in the cloud or phone? Once the server where the passwords are stored is compromised, your entire password will be compromised.
You have to make use of Multi-Factor Authentication. It can make use of something you know or something you have. You can also make use of a software or hardware token. Some also make use of OTP or apps on phones. If a vendor has an MFA option, go for it. It is more secure than an ordinary password.
No matter how strong your password is, a breach is always possible. All it takes is for one of your accounts to be compromised. You need to continue to prioritise security for all accounts for remote access, high-value access by using MFA. Make sure you are the only one that has access to your account for email, online banking, social media and other services.
Necessity for backup
To protect your data, you must back it up regularly. Backup protect you against data disaster. Backup can be of importance during a Ransomeware attack. You can restore your data without paying Ransome.
You have to make sure that whatever solution you choose allows you to restore from a particular time in the past. You also have to make sure that backup data are also encrypted. You have to be careful where you store your data so that you don’t lose such data forever.
Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.
I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.
Fact Check Policy
CRMNIGERIA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.
|
