7 Most Common Cyber Threats & How to Protect Against Them
The world of cybersecurity has evolved greatly in the last 30 years, but following close behind are the scammers and hackers that steal and sell precious information. Hacking has risen since the onset of the pandemic, with around 4,000 attacks per day since the pandemic began. This startling statistic tells us two things: that we all need to take cybersecurity more seriously, and that hackers are more determined than ever to get into personal accounts and cause data breaches.
This guide covers seven of the most common cybersecurity threats facing us today, and how to protect yourself, your business, or your place of work against them.
1. Phishing Attacks
Phishing is just what it sounds like. A hacker will send you “bait”, usually in the form of an email, prompting you to do one of several things: hand over personal information, download an attachment, navigate to a web page, and much more. Phishing attacks affect millions every year, and they’re much more sophisticated than they used to be. They’ve come a long way from the Nigerian Prince email that we’ve all received at some point.
So, how do you protect against a phishing attack? For starters, never open a suspicious email. Check the URL of any link and see if it matches the sender’s email address. Look for suspicious attachments, strange language, or poorly written sentences. Phishing attacks often pose as official government agencies or banks. Your bank/IRS/government will never ask for personal information through an email.
2. Password Breaches
Password breaches are the number one cause of cybersecurity failure, and the statistics about password use are quite alarming. For starters, about 65% of people reuse their passwords, even at work. More than one-third of people have over 20 passwords, at least 42% rely on their memory for password generation (meaning they likely include personal info or common phrases), and employees reuse passwords an average of 13 times.
So, how do you combat password breaches? You can start by using an online password manager like Keeper. Online password management ensures nothing is stolen if your device is breached, and you can store, organize, and generate secure passwords. Never use personal information, work information, or common phrases and words in your passwords. A good password is at least 16 characters long, but you can make it between 11 and 13 characters at the minimum. Use a combination of upper and lowercase letters, numbers, and symbols, and never share passwords with anyone.
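The password rules above translate directly into code. This Python sketch is an added example, not from the original article or from any password manager: `generate_password` builds a random password with the standard `secrets` module, and `audit_password` reports which of the article's rules an existing password breaks. Both function names and the `personal_terms` parameter are illustrative assumptions.

```python
import secrets
import string

# The four character classes the article asks for.
CLASSES = {
    "lowercase letter": string.ascii_lowercase,
    "uppercase letter": string.ascii_uppercase,
    "number": string.digits,
    "symbol": string.punctuation,
}

def generate_password(length=16):
    """Random password with at least one character from every class."""
    if length < 11:
        raise ValueError("the article's minimum is 11 characters")
    alphabet = "".join(CLASSES.values())
    chars = [secrets.choice(pool) for pool in CLASSES.values()]
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)  # hide where the forced classes sit
    return "".join(chars)

def audit_password(password, personal_terms=()):
    """Return the list of rules from the article that the password breaks."""
    problems = []
    if len(password) < 11:
        problems.append("shorter than the 11-character minimum")
    elif len(password) < 16:
        problems.append("shorter than the recommended 16 characters")
    for name, pool in CLASSES.items():
        if not any(ch in pool for ch in password):
            problems.append(f"no {name}")
    lowered = password.lower()
    for term in personal_terms:
        if term and term.lower() in lowered:
            problems.append(f"contains personal or common term '{term}'")
    return problems
```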
3. Malware
You probably have antivirus software on your device that scans for malware, but what is malware? Essentially, the term encompasses any form of virus, worm, or otherwise malicious software; hence the name “Malware”. This is a common problem because there are literally thousands of ways to get malware onto a computer.
What’s the best way to prevent malware? Don’t respond to, open, or download phishing emails, use anti-virus software to scan weekly for viruses, and don’t leave your computer unlocked.
4. DoS Attack
This is a commonly-used attack, though not commonly known among average internet users. A denial of service attack, or DoS, floods a target with information or traffic to the point of crashing the system, effectively locking out authorized users and rendering the system unusable. These attacks can be expensive, time-consuming, and damaging, given the right circumstances. This usually isn’t used to steal information, but rather to sabotage the intended victim’s efforts.
The best way to prevent DoS attacks is to have a DoS plan in place. Perform a thorough security assessment, find your weak points, and address them. Then, train your employees on how to properly respond to an attack and what to do from end-to-end. It’s a good idea to work with a cybersecurity expert if this is something you’re concerned about.
5. Ransomware
Ransomware is a special kind of software that locks users out of their personal devices or computers until a “ransom” has been paid. You won’t be able to access your machine, as the hacker will be in total control of it, until you forward them the expected payment.
Ransomware can often be delivered via a phishing scam or something similar. Don’t click on unfamiliar links on the web, and never open suspicious or unexpected email attachments. Don’t download from websites you’re unsure of, or that have a history of passing viruses to their users.
6. Social Engineering
Social engineering attacks are particularly potent because they prey on the psychology of their victims. These are some of the most sophisticated attacks out there and are capable of amazing (albeit terrifying) things. Social engineering attacks often involve tricking or bribing people into giving up personal or company information via threats or emotional manipulation.
The best way to prevent such attacks is to familiarize yourself (and/or your employees) with phishing scams and other common avenues. Remind them that official entities don’t send threats via email.
7. PDF Scams
PDF scams often affect businesses because workers see PDF files as work-related. It’s all too easy to accidentally open a malicious PDF file and download a virus. The best way to solve this problem is to set up a closed channel where you’ll share documents like PDFs. A company Google Drive is a good place to start. That way, all incoming files are shared by verified Google users within the organization.