The team at HOSTING is fortunate to have a multi-talented IT team on staff. Not only do they take care of our technology needs, but they also serve as our in-house DJs, coordinate our ultra-competitive ping pong tournaments, and ensure that the TVs in our common areas are tuned to the latest major sporting events. If your IT team is anything like ours, you know how busy they are. So let’s make their jobs easier by educating ourselves about the latest cyber security threats including spyware, malware, ransomware and phishing – and how to avoid them.
Cyber criminals’ “big four” – spyware, malware, ransomware and phishing
The surge in cyberattacks and identity theft have a lot of people wondering if they’re at risk for either. The short answer is yes. Cyber criminals are well organized, well funded and incredibly savvy about the latest technologies and how to hack them. However, knowledge is power, so it pays to understand the differences among the latest online threats.
Spyware is software that enables a user to obtain information about you and your computer activities by transmitting data from your hard drive without your knowledge
Malware is a broad group of hostile or intrusive software that can damage your computer. Malware can include computer viruses, worms, trojan horses, etc.
Ransomware is spyware on steroids. It threatens to lock you out of your computer or encrypt your files, then demands a ransom or payment in order to get them back.
Phishing is an attempt by hackers to get your sensitive information such as user names, passwords, and credit card info by posing as a trustworthy source. Usually this is done through emails that look “official,” however social engineering (tricking people into abandoning standard security protocol) is also used.
5 ways to protect against cyber threats
As we emphasized in our latest webinar, Holiday Prep for E-Commerce and Retail: Latest Cyber Threats and Strategies, people and processes are just as important as technology when protecting against cyber attacks. Following are some easy activities that you can do to safeguard your data and applications. Trust us – your IT team will thank you.
1) Enable two-factor authentication
Setting up passwords used to be enough to protect yourself against cyber attacks. Today’s spyware can easily steal passwords, so it’s essential to have an additional layer of security. Two-factor authentication combines your password with a second factor such as text message or verification code. Even if hackers have your password (which you should change immediately, BTW), they need the second factor to access your data. Enabling two-factor authentication also helps prevent against spyware and phishing.
2) Install your security updates, pronto
We get it. Those messages you receive that beseech you to install software updates, even when they contain security patches, can be annoying. It’s easier to click on “Remind me later” – especially when you’re racing to get in your weekly fantasy football picks. But while you’re trying to decide whether or not Peyton Manning and the Broncos can pull out a win over Tom Brady and the Patriots, hackers are already dissecting the latest security updates, determining the issue they can address, and constructing malware to exploit it.
Most software let you put off installing updates indefinitely. Install updates as soon as you receive them. That goes for patches too. It goes a long way in protecting yourself against spyware, malware and ransomware.
3) Keep your passwords to yourself
Yes, your parents taught you to share. But just like your toothbrush, your passwords are yours alone. Keep in mind that your IT team has the right access privileges to perform whatever activities are required for your environment – without your password. So no one who needs to know that your password is your dog’s name plus Peyton Manning’s jersey number. And you can keep yourself safe against potential phishing attacks.
4) Stop clicking on links in emails (please!)
You make your IT teams crazy by doing this. We understand that most people are experiencing email overload. However, by clicking on a a URL, you can often end up on a malicious website. Often these sites look legitimate but are part of an elaborate phishing attempt. If you must click on the link (and we can’t imagine why you would,) manually enter it into the web browser. Better yet, forward the email to your IT team so they can tell you if it’s a legit email. By avoiding clicking on links, you are protecting yourself against phishing and malware.
5) Perform regular offline backups
Ransomware is becoming more prevalent these days – with cyber criminals holding your data hostage until you pay a ransom. But seriously, do you really think they will give you your data back after you pay them. An offline backup allows you to restore your files without paying a ransom. Be sure to do regularly scheduled backups so that you can access the latest data.
Need more tips for protecting yourself against the latest cyber threats? Check out our on-demand webinar, Holiday Prep for Ecommerce and Retail: Latest Cyber Threats and Strategies.