You may never have been a victim of computer hacking but how sure are you that it won’t be happening tomorrow? Your security might have been good enough for the past or you may not have been too active online. Sometimes hackers try and fail, and when that happens they take some time off, learn a few new tricks and come back even stronger. One thing is for sure; hackers rarely give up, they enjoy their trade. And with hacking skills and tools becoming even more sophisticated each passing day, now is the time to seal all the loopholes. Be a hard target, make the hackers sweat, frustrate them. If they ever have to find you, make them work for it.
Where do they find the information used in hacking?
Hackers need information in order to hack into your systems so the first thing should be to deny them this information.
Social media engineering is one of the tools used by hackers to get critical information. Social media engineering is defined as the art of manipulating people to perform actions that divulge confidential information. Much like dumpster diving, hackers will look for something to attack the human element of information systems which enables them to manipulate you into divulging the information they need; in most cases, just a snippet of information is usually enough. Social web sites, spoofed web sites and blogs are some of the most targeted.
Information is everywhere, all hackers need to do is learn what they can about you in order to get the exact information they are looking for. Phishing has become quite common because it works very well at this, enabling hackers to coarse personal and more recently financial information from unsuspecting victims and using this information to gain access to a secure system. With phishing, getting passwords and login names isn’t a big deal.
You’ve probably heard about spear phishing – targeted emails designed to appear like they are coming from an internal source such as your CEO or CFO. The email will say something like, “Your account login details seem to have been compromised. Please resend your login name and password so we can verify your account.” While this email could be coming from a trusted source, there is every chance it may be originating from a hacker.
What can you do?
Knowing the possibilities is the first major step in dealing with such threats. This awareness will help you make decisive action, swiftly.
You must know that NO legitimate bank, financial institution or help desk asks for passwords and login details on the phone or via emails. Never give out information of any kind; personal, financial, computer account information etc over the phone or email.
Look out for common phishing phrases in your email; you’ve won a lottery, verify your account, click here for your free gift, click here to access your account, and the rest. Report such emails as scams and don’t even bother opening them.
Ensure that your software is up to date. Out-of-date software is prone to malware and can be easily broken into. Adobe for instance is very leaky and must always be kept up to date.
Use antivirus and antimalware and ensure that both are up to date. You also need an antispyware but you’ll usually find that in the antimalware.
Do you use a wireless network? Then you’ll need to encrypt the signal.
With these in place, you’re always half optimistic about resisting an attack.