Monday 6th February 2023
Writer: Gennaro Migliaccio, Contributor: Giuseppe Damiano, Editor: Daniela Miccardi
_______________________
Safer Internet Day is an annual campaign to help make the internet a safer space for people of all ages to use and enjoy. To honour Safer Internet Day, we’ve put together this short guide that provides tip tops for staying secure online!
Watch out for Phishing!
Phishing is where an attacker pretends to be a legitimate source (eg. HMRC, PayPal, etc.) in order to obtain key personal information or gain access to a device… think of Phishing as being scammed or conned.
Phishing is one of the main causes of compromise. The majority of phishing attacks happen via Email, however, research has shown that attackers ultilse other streams of communication when attempting to compromise a user. These other techniques are known as known as Smishing (via Text Messages) and Vishing (Voice Chat/Calls).
Phishing attacks are designed to trick you into sharing details, such as passwords or personal information, and in some cases, they can prompt a user to download files which will infect their device. In most cases, phishing messages will contain text instigating urgency or pressure to make the recipient act irrationally. Examples of these are:
Beware! Phishing techniques have evolved and improved over the years to look credible and legitimate. Remain vigilant and query everything that makes you feel under pressure or uncomfortable.
Beware of Downloads
A key method used to compromise or infect a device is a download from a malicious source. Always be careful over what you download and ensure it is from a credible source.
Untrustworthy or questionable websites, as well as credible sites that have been compromised, will automatically download files to a device, hoping the user will view and open the file. This is known as a drive-by download and can abuse insecure & outdated apps, and browsers, forcing them to run automatically.
Always ensure the browser and operating systems in your device(s) is fully up to date. Also – activate, maintain & update anti-malware software on all devices.
Please note – the above is not limited to desktops and laptops, mobile devices are an equal target by these types of attacks.
Public Sharing
Don’t make it easy for attackers to steal valuable information by sharing and/or publishing personal details. It is common to overshare on social media, pre-post, consider how and where the information can be used against you.
Phishing attacks are more likely to be successful if the attacker holds key information about the user. For example, a particular phishing attack may reference a post code that the user shared on a public social media site, making the malicious message appear more legitimate.
There is no hard and fast guide on what should or shouldn’t be shared online, as it is ultimately a personal choice. However, pieces of information that – if shared - increase the risk, include:
Use Strong & Different Passwords, as well as Multifactor Authentication
Easy to guess passwords are a favourite for hackers, as well as passwords that are reused for different services/apps. However, even complex passwords are not 100% secure. Users should consider configuring Multifactor Authentication (MFA) wherever possible, available and/or supported within the service (i.e Banking Apps or Social Media Apps).
Top Tips:
Summary
The online-verse can be a safe place for all, if the right pre-cautions are in place.
Always stop and think about your actions and how they can be used maliciously.
The best piece of advice Bytes can give is: Make time for security! For many users, this is an afterthought. It is important to be proactive and set aside some time every month to make sure your data is secure.
Here are a few things to consider when looking to improve your online security:
Psssh: you don’t need to be a security expert to do any of the above.
Visit the Safer Internet Day campaign - https://www.saferinternetday.org/.
Thanks for reading.
If you have any questions, or would like to learn more about any of the topics covered in this blog, please email our friendly team via [email protected].
Want to keep informed? Sign up to our Newsletter