The digital world is every bit as uncertain and chaotic as the physical world. Unfortunately, the threats in cyberspace aren’t always easy to identify and attack.
Despite ongoing improvements in cyber threat intelligence, individual technology users and small businesses alike face the same online threats. With proper precautions, some threats can be avoided altogether. Others can be mitigated, greatly reducing the risk that they’ll cause serious harm to users’ personal, financial or professional lives.
Let’s take a closer look at six common cyberthreats that often fly under the radar, and examine some simple tactics you can employ to fight back.
- Phishing and Spear-Phishing
Phishing is the all-too-common practice of sending out malicious spam to hundreds or thousands of email addresses at a time. Phishing emails have a simple goal: to convince recipients to provide personal information, such as passwords or bank account numbers, that the originators can sell or exploit.
Spear-phishing is a more sophisticated version of the same practice. It usually targets a single organization or key individual, such as an executive, with uniquely valuable information.
The best way to prevent either type of attack is to keep your email system’s spam filters up to date and avoid opening, clicking links within or responding to dubious emails.
- Hackers on Public Wi-Fi Networks
If you routinely access the internet from unsecured public Wi-Fi networks such as those commonly found in hotel lobbies, coffee shops, and retail environments, your information could be at risk. Hackers can easily exploit unsecured Wi-Fi networks through attacks, wherein others may intercept and read communications coming from your computer—including potentially sensitive information such as passwords, account numbers and proprietary business data.
“The simplest and most cost-effective way to avoid hacker attacks is to avoid public Wi-Fi altogether. If that’s not possible, use a virtual private network, or VPN—a tool that effectively cloaks your computer’s location and encrypts its traffic,” says George Otte, Miami-based entrepreneur and founder of Geeks on Site.
- Password Attacks
Password attacks are basically automated attempts to guess your passwords. The weaker your password, the more likely the attacks are to succeed, so the best defense is a strong password that uses lots of random letter, number and special character combinations. Remember to change your passwords frequently and use different credentials for each account.
- Drive-By Downloading
Has your computer ever downloaded a file without your consent? You may have been the victim of drive-by downloading, an insidious practice wherein a website or link essentially forces your computer to download potentially malicious files. Drive-by downloading is a common means of installing malware on unsuspecting web users’ computers. The best protection is an up-to-date anti-malware system and a healthy suspicion of unsecured websites.
- Malicious Ads (Malvertising)
Malicious advertising has a similar end result: the installation of potentially harmful files or spyware on your computer. When in doubt, avoid clicking pop-up or text ad links, especially on sketchy websites. Use a pop-up blocker or ad blocker if possible. It’s not guaranteed that your anti-malware system will detect every instance of mal advertising, even if your program is up to date.
- Keystroke Logging Software
Keystroke logging software is one of several types of “silent” malware. Often delivered via trojan, it lurks in the background and quietly notes every single keystroke you make—including, potentially, passwords and account numbers. Make sure your anti-malware program has a secure keyboard input feature, and never input passwords on websites without valid SSL certificates.
If you’re looking for more information on common cyber threats, check out this excellent piece from Norton, an internationally acclaimed anti-malware developer.
Which of these potential threats has you most worried?