Provided by Wilna Meiring, IRMSA Risk Intelligence Committee Member
From online transactions and banking to shopping and gaming, cyber attackers are methodically finding new ways of using your devices against you, making each one of us increasingly vulnerable.
In order to have a positive and safe experience in the digital world, we need to understand the ever-increasing diversity of digital threats and equip ourselves with the necessary knowledge and skills.
Unfortunately, too many users/consumers are oblivious to the threats and how quickly cybercrime is evolving.
Hackers are no longer as interested in breaking through firewalls or systems just to show they can. Their focus has shifted to theft of personal information and identity theft for financial gain with phishing being the most common method used to trick/deceive you into disclosing your data.
According to the 2018 Norton Cyber Safety Insights Report, 37% of consumers globally experienced cybercrime with malicious software being the most common cyber related crime experienced.The report further highlights that less than half of consumers globally have taken any measure(s) to protect their personal information and online activities.
The information below will assist to stay abreast of the risks and to anticipate and safeguard us against some of these threats.
Protecting information online
Companies learn a lot about consumers/users through the data they collect from online activities which assists them in understanding consumer behaviour and developing personalised offerings for targeted advertising. This includes data on preferences when shopping online, social pages that are liked or followed, media channels that are used and the personal information included on social profiles.
Another dimension to the digital world and online activities is sharing - users share news, information, events, pictures, experiences and a lot more to build and maintain relationships as well as create new ones.
Staying safe and secure in a digital world can be difficult. Not all hope is lost though, and there are some simple measures you can take to protect yourself and your information online:
We have all seen the message “This website stores cookies on your computer” while browsing the internet.
So what are cookies? These are essentially a mechanism to how the internet (web) works.
An HTTP cookie is a small piece of data sent from a website and stored on the user's computer by the web browser while the user is browsing.
Cookies were designed to be a reliable mechanism for websites to remember a record of interaction information or to record the user's browsing activity. While cookies cannot infect computers with viruses or other malware, the danger with cookies are that cyber attackers can hijack cookies and, therefore, browsing sessions and track individuals' browsing histories.
Take care to ensure that if you are using a public computer/device, you should delete cookies when you have finished browsing so that subsequent users will not have access to your data (sent to websites) when they use the browser.
Business Email Compromise (BEC)
BEC is a type of attack where a cybercriminal compromises or spoofs a corporate email account of an executive/senior member of staff to defraud the company, its employees, customers or business partners.
In recent years the amount of BEC attacks have significantly increased with the FBI’s Internet Crime Complaint Centre putting global BEC losses in excess of $12 billion (USD) over the last 5 years (2013 – 2018).BEC attackers rely heavily on social engineering tactics and trick unsuspecting employees with well-worded, very specific email requests that appears completely legitimate.
While there are many variations, the attack basically entails targeting employees with access to company funds/finances and tricking them into making transfers or payments to the bank accounts of the cybercriminal/fraudster. Requests typically impersonate senior employees and include an element of urgency and a request for confidentiality.
The same modus operandi is also used to target customers or business partners.
BEC prevention measures that can reduce this risk includes monitoring networks for suspicious emails, encrypting emails, diligently checking the sender details, independently confirming requests with the sender and most importantly employee training given BEC attacks rely primarily on employees’ vulnerability.
Email and connected devices
In some cases, risk-avoidance behaviour by users do not seem to extend to how email and connected home devices are used.Case in point, approximately half of all users cannot distinguish between a real or scam/fake email or are operating their home devices with limited or no protective measures in place.
Frank Abagnale, the subject of the book and film, Catch Me If You Can, states that, “stealing your identity is like counting to three.”
The reality is that we are all at times careless with our information or likely to accept certain risks online. Taking a few basic steps will however go a long way to protect yourself and your privacy:
MEDIA CONTACT: Rosa-Mari, 060 995 6277, firstname.lastname@example.org, www.atthatpoint.co.za
For more information on IRMSA please visit: