Stopping Cybercrime with Common Sense
Cybercrime is a danger to everyone who’s on the Internet, not just to the big institutions that get the headlines when their credit card records get stolen. Nasty people put probes out everywhere, figuring they’ll find some weaknesses. To be safe, you have to minimize your weaknesses and keep up with the news on their latest attempts. However, just being alert will save you from a lot of attacks.
The crooks use a variety of methods. They try to find flaws in web forms, default configurations with known passwords, and outdated software with known weaknesses. Their favorite technique, though, is social engineering, playing on people’s trust and curiosity. This most often takes the form of email spam, called “phishing.”
The message comes with an attachment. It might claim to be a legal document, a business proposal, something your boss wants you to review, or information from a customer. The point is to get you to open the attachment, which is really an executable file, or go to a website that’s designed to exploit browser bugs. It might grab information from your computer right away and send it over the Internet, or it might install itself to perform dirty work later.
Ransomware is the fastest-growing attack. It locks up the files on your computer, and you have to pay money through an anonymous channel if you ever want to see them again. One hospital paid $17,000 because a ransomware attack had put its patients in danger.
There’ a standard list of things to do to keep yourself safe. You should have a spam filter, as well as up-to-date security software on your computer. Even so, some evil email will get through. Nothing can replace being smart about what you read. Phishers assume some people will be really dumb, and if you pay attention, you can avoid most of their tricks. Watch out for these:
- The very generic message. “You’ve got to see this!” The “From” address might be just a first name, in the hope that it matches someone you know. The message has a link to a URL redirection service or to a site you’ve never heard of. There’s no reason to click it, and lots of reasons not to.
- The stern legal notice. You don’t get legal notices as email attachments. Confidentiality rules generally forbid it. If it’s for a case you never even heard of, it’s fake.
- The important business document. This kind of attachment could be real, but only if it’s from someone you’re actually expecting to send a document. Even then, if it’s an executable file, assume it’s an impersonator’s trick.
- The plea for help. You’ll get one of these when someone steals the address book of a friend of yours. Usually these don’t make sense when you think of them. The friend is in a foreign country for no reason. You mustn’t let anyone know about it, even though the sender claims to want the help of friends. You don’t receive any way to get in touch, just a way to send money.
- The claim that there’s a problem with your account. You need to log in and provide some information. The real problem is that the link isn’t to any real account of yours, but to the spammer’s site, which might be a lookalike of some major bank or vendor. If you think there’s any chance the notice is real, don’t click on the link; log in directly on your Web browser, using the saved bookmark. Watch out for lookalike domain names. The spammer might use a slightly misspelled version of a well-known domain, or perhaps Unicode characters that visually look the same, such as a Greek letter than looks one in the Roman alphabet.
- The response to your query. You never made any query, but the attachment has a nice detailed response to it anyway,
- The giveaway. Just for old time’s sake, an occasional email may claim to come from a rich Nigerian who wants to give you lots of money or a lottery telling you you’ve won zillions. Some scams are refreshingly easy to spot.
Everyone gets fooled now and then, but if you exercise common sense, you’ll be able to recognize most of these scams and stay safe from them.
You won’t find any scams when you deal with us, just high-quality, reputable digital marketing. Please contact us to learn more.