Being connected to the internet 24/7 has become an integral part of our lives. Whether it be work, school, or leisure time, communicating makes things straightforward and convenient.
The dark side of this is that we are not as safe as our naivete might have us believe. As hackers become more devious and refined in their methods, its time for everyone to further their knowledge about their tricks.
Here is a summary of what awaits you in the darkest corners of the web:
This is a classic one. If you manage to get infected with a keylogger, every single keystroke you make will be sent straight into the hacker’s clutches. This includes every message you send to another individual, as well as sensitive login credentials – yes, even the ones entered via otherwise secure login forms. Keyloggers are a type of malware that keeps track of every button you press and reports back to its creator.
The only way to prevent that from happening is to either disinfect the computer by running an antivirus scan, reinstall the OS, or – in the event you do not wish to do either – stay disconnected from the internet. If the login screen allows for it, you can also opt to use an on-screen virtual keyboard to avoid pressing any keys altogether and still get the job done (this is typically observed in online banking).
Despite there’s no way to be 100% sure, let’s assume your computer is not home to any spyware or keyloggers at the moment. Much to some people’s surprise, hackers can still obtain your sensitive login credentials by performing what’s referred to as social engineering attacks. Often involving a sense of urgency, a hacker might attempt to come at you with a request demanding you hand over your username and password.
For example, someone misrepresenting themselves as your superior or a website administrator when getting in touch with you via email. Hint: a legitimate administrator will never ask you for your password directly, since they are equipped with the access permissions necessary to make the adjustments to your account on their own. If you are still unsure, it’s best to double-check with your boss or whomever the hacker is posing as.
Cookies are little text files websites place on your hard drive to track important variables such as account names and settings. Sometimes, they can be encrypted, and sometimes they are stored in plain text form. Given that they can contain sensitive personal information, it’s not hard to see why hackers would be interested in stealing them.
In the event of success, they could go through your account and meddle in your personal affairs, or they could even impersonate you. To prevent this from happening, it’s good for cyber hygiene to flush your cookies and browser cache every once in a while. It’s also recommended to steer clear of public Wi-Fi networks or use a VPN whenever you do. Not sure what a VPN is, Read this
Malicious Apps and Software Distribution
Have you ever encountered an ad that tried to convince your computer is infected with malware? Next thing you know, you’re being redirected to a malware cleaner installation page. Ironically, the so-called malware scanner you’re about to download might install the very thing it’s marketed to help you get rid of – malware.
At its core, this is any form of malicious software that’s designed to alter your operating system’s core functionality or steal your data. So the first thing to remember is to install antivirus software and malware scanners from reputable sources only. It’s worth noting that sticking to official app stores helps, but is not guaranteed to keep your device malware-free. There have been known cases of malware slipping under the radar.
When connecting to the internet through public Wi-Fi networks, someone might be eavesdropping on everything you exchange with the target server. Anything of value is of interest to them: this could be private messages, passwords, etc. In such an environment, they may resort to various monitoring techniques such as data transmission interception or packet sniffing.
The solution is to either avoid these altogether or use a VPN. This way, you’ll establish an encrypted tunnel with the target server, so anything exchanged through it will remain safe and secure. In case you’re handling sensitive or work-related data, this is of paramount importance.
Man in the Middle Attacks
When using unsecured network connections, you leave yourself open to one of these kinds of attacks. MITM attacks have to do with intercepting communications between two servers. Once successful, the hackers behind them can not only modify any data that’s being sent, but also tweak it to their will.
They may also inject malware into the data stream, which could further compromise your security. Once again, this stresses the importance of sticking to the kind of network connections you know you can trust.
Coupled with social engineering tactics we’ve discussed above, phishing is a sophisticated way of tricking you into unveiling your sensitive data. One of the most classic forms of phishing is luring you into a website that resembles another website. While the latter is legitimate, the former is nothing more than imitation.
Once you’ve entered your login credentials into one of these fraudulent forms that also looks like the real thing, they will be revealed to the hackers who will then proceed to use it themselves and lock you out of your account or worse. In the case of online banking, you can kiss your hard-earned money goodbye.
By internalizing these techniques, you’ll know what to look out for. If nothing else, you’ll be much harder to be taken for a ride, and the hackers will find an easier target instead. Do you know what your kids are doing online, you should, find out here.