In my previous article, I have mentioned that cybercriminals are motivated by money and they want to do all that they could do steal your personal data, most especially your card information. In this article, I want to highlight the major facts that you need to know about the activities of cybercriminals. Follow me as we will look at that in this article.
In our lifetime, technology has expanded with ones and zeros that drives every facet of our existence.
Emerging technologies such as Artificial Intelligence, Machine Learning, 5G Quantum computing and evolving technologies, such as Cloud, autonomous vehicles and connected devices in the Internet of Things are targets that must be safeguarded against compromise. In fact, every second, more than a hundred new IoT devices are connected to the web.
As this cyber threat landscape continues to increase, we must expand our security awareness. Cybersecurity is a shared responsibility. We all have a role to play to keep the internet safe.
First, be vigilant. Criminals rely on social engineering to compromise systems simply because it works.
Therefore, we must understand the myriad of social engineering scams. Social Engineers also called Threat Actors, try to influence behaviour, and human errors account for nearly all data breaches.
The goal of a social engineer is to obtain trust, then exploit that relationship to coax you into divulging sensitive information about yourself or another entity and giving them access to your network.
Here are some examples of Social Engineering
#1 Juice Jacking
This compromised public charging stations and install malware when a portable device plug-in from public areas, such as airports, train stationss, or conference areas.
#2 Phishing
This is a weaponised email that masquerades as a reputable lures target group into taking action and only requires a single victim to be successful.
#3 Ransomeware
Malware payload that prevents access to computer systems, demands a sum of money to be paid to retrieve the data, an email is the predominant attack vector because it relies on a single attack to circumvent controls.
#4 Spearphishing, Whaling, CEO Fraud, and Business Email Compromise
These are fraudulent compromised messages that target a specific role or person and is often financially motivated. Alternatively, when you become a human firewall, you make it harder for an attacker. Simply use common sense and awareness whenever something feels even remotely suspicious.
How To Create A Strong Password
To protect sensitive data, use a unique and sensitive password. Please, do not write your password anywhere. Do not use common credentials or words as passwords.
Hackers have a database of common words.
The best password is a paraphrase with a combination of lowercase and uppercase letters, numbers and special characters that is difficult to guess.
Always change your default password and make sure they are different for each account. This ensures that if attackers break your password, they will only have access to that one account.
If you cannot remember it, you can make use of Password Manager. You need to ask around, do some research, find the best password manager that will work for you.
When you are downloading an App, make sure you are downloading from an official store. You need to be careful about where the password manager stores your password. Is it in the cloud or phone? Once the server where the passwords are stored is compromised, your entire password will be compromised.
You have to make use of Multi-Factor Authentication. It can make use of something you know or something you have. You can also make use of a software or hardware token. Some also make use of OTP or apps on phones. If a vendor has an MFA option, go for it. It is more secure than an ordinary password.
No matter how strong your password is, a breach is always possible. All it takes is for one of your accounts to be compromised. You need to continue to prioritise security for all accounts for remote access, high-value access by using MFA. Make sure you are the only one that has access to your account for email, online banking, social media and other services.
Necessity for backup
To protect your data, you must back it up regularly. Backup protect you against data disaster. Backup can be of importance during a Ransomeware attack. You can restore your data without paying Ransome.
You have to make sure that whatever solution you choose allows you to restore from a particular time in the past. You also have to make sure that backup data are also encrypted. You have to be careful where you store your data so that you don’t lose such data forever.
Action Point
PS: I know you might agree with some of the points raised in this article or disagree with some of the issues raised.
Please share your thoughts on the topic discussed. We would appreciate it if you could drop your comment. Thanks in anticipation.
WhatsApp: @CRMNuggets Community
Follow Us on Facebook: CRMNuggets
Follow on X Platform
Follow on TikTok @crmnuggets