The previous lesson covered the minimum steps you need to take to stay safe online.
Now, we know there is a lot of conflicting information out there, which creates controversy, but these stories or “myths” are now part of Internet culture and it’s difficult to separate fact from fiction, especially when so many people treat them as “real”.
Since it is a confusing topic that covers so many areas on the web, it is difficult to see beyond half-truths or falsehoods. The information and data in the online world shifts and covers new interests, therefore our security perspective must also keep up and separate fact from fiction.
Here are the top 10 most common security myths that need to be demolished, before you take any security action on our systems.
10 Internet Security Myths That You Need to Forget
1. This can’t happen to me. Only important or rich people are targeted.
This security myth is called by many security experts security through obscurity.
Simply said, the Internet is such a big place that no one wants to target you. And even if someone would try to attack your system, there wouldn’t be too much valuable data to be stolen.
In most cases, people who embrace this kind of thinking don’t actually want to lose time or money to address vulnerabilities in their system.
The problem with this type of wishful thinking is that it doesn’t take long until a cyber criminal tries to compromise your system by using one of its vulnerabilities.
This happens because it is not about how you are, it’s only about your system protection level.
By using automated tools, online criminals probe systems to discover vulnerable computers and networks to take advantage of.
And it’s not just about your personal information they are after: your Internet-connected system is also a valuable asset they can use for their malicious actions.
Even if you think there is no important personal or financial data on the system, a potential identity thief or cyber criminal can still use the little data discovered and corroborate it with other information taken from other sources in order to have a complete picture.
Why take a risk when there are so many protection products and even free tools to keep you safe from malware?
So, don’t trust the odds that tell you that you should be safe out there.
2. Install this security application and you’ll be fine.
This security myth is also called the search for the magic bullet that can ensure 100% security online.
This has probably happened to you as well: you bought an antivirus product, for example, and expected it to protect your system fully. But this myth creates a false image of what it means to have a complete security system.
Trusting one security program to cover all your bases – your system, your online actions, keep you safe against data and financial stealing malware and other non-traditional attack vectors – means that you place too much trust in a single line of defense.
Using only antivirus software or any other security program doesn’t mean that you’re fully covered on the Internet security front, though there are some antivirus products that try to create the impression that everything is protected by just installing that single program.
To ensure complete protection for your computer and your online actions, you should start by creating your own multi-layered security system: install an antivirus program that protects you against classical threats, such as viruses, worms, Trojans or phishing, use solutions against spam, data and financial stealing malware, an encryption program and a good firewall.
More than anything, you need to stay up to date with security and the latest news and reject false stories that promise total protection by installing a single security program.
Because cyber criminal attacks are evolving faster than antivirus can, next-generation anti-hacking tools have emerged! And we’ll tell you all about them in the coming lessons.
3. I don’t need security programs because I don’t access unsafe locations.
I’m sure you’ve heard this one and you have friends that believe common sense is all that’s necessary to keep you safe from malware, viruses, spam, phishing, identity theft, online attacks, etc.How many times have you heard someone saying: I don’t need antivirus protection, I’m too smart to fall for those tricks!
And if it’s about email attachments, risky web locations or pop-up ads, that may be correct.
But is that all?
What about malware attacks and vulnerability checks that are not easy to detect?
Or about malicious code hidden in legitimate websites?
To be safe online is quite similar to driving your car:
You may have common sense and pay attention to potential dangers, but can you always predict what others are doing around you in traffic?
Now you understand why security is important.
4. I set some strong and complex passwords to my accounts, so I’ll be OK.
It is a common recommendation for every user to set a strong password. Your passwords should have 10 or 20 characters and they must contain various letters, numbers and symbols. Making the password long and complicated is supposed to create serious difficulties for someone that tries to break it.These complex passwords that are set nevertheless present a major inconvenience: they are quite difficult to remember and you are forced to write them down in the PC or on some piece of paper, which increases the risk of unauthorized access to the account or to the operating system. At the same time, people have a tendency to dislike the hassle of password management and start to perceive this security measure as a burden.
Normally, most Internet users set quite easy to remember passwords to their accounts or they use passwords which are easy to guess, likes “123456” or “password” (these 2 are in the top most used passwords around the world – no wonder cyber criminals are successful!).
Therefore, most passwords and credentials, which are even used for online banking locations, are actually sniffed rather than cracked. Another well-known fact is that people reuse passwords for different online accounts, which makes the job much easier for an online criminal.
The need for a good password is part of a larger security scheme that includes security programs for classical and non-traditional vector attacks, spam detection and phishing attempts.
But fancy words won’t keep you safe.ACTIONS will! Password management and security is what lesson number 3 is all about!
5. Internet security is expensive.
I’m sure you spend some time online, running your business, sending messages to friends on social media accounts, purchasing various items on different websites, not to mention accessing your banking account to send and receive money.So, it’s safe to say that Internet access is an integral part of our lives, both personal and professional.
How difficult is it for a cyber criminal to use information from our Facebook account and correlate it with data obtained from malicious software already installed on our system in order to have a complete image of your life?
And, from that point, how long until your identity is stolen and used for malicious purposes?
I am sure you’ve heard about cases when someone’s online identity has been stolen and money removed from the banking account. What you don’t hear is that recovering from this online attack takes time, even years and since an attack can occur from any part of the world, the perpetrators are rarely brought to justice.
With this information in mind, should you still take a chance and go online unprotected?
It’s true you could install free antivirus on your system and there are many options online, but from our experience nothing beats good education that helps you choose the right security products for you and your business.
In order to help you select and buy the best security solutions you can afford, we’ve set up a guide in lesson number 4, with all the details included.
6. I only open emails from my friends, so I should be fine.
How many of us already received a strange email from a friend or from a relative?How difficult is it to spoof an email in order to display anyone’s name as being the sender?
If you are used to these types of tricks, you may be safe from clicking the malicious links included in the email or downloading an infected attachment on your computer.
But for someone who is less skilled in Internet security, just one click on the wrong link can get them infected.
Clicking a link may send the victim to a malicious website controlled by online criminals, and downloading infected email attachments can easily install dangerous financial malware, which remains hidden while stealing banking credentials and sending the data to malicious servers.
These types of emails may also appear like they come from financial institutions and they can look real enough to trick you into giving away private information from your online account.
In this case, if you have doubts about the origin of the email, simply contact the institution directly or the sender (if he/she is a friend/acquaintance) and ask if they sent that particular email.
Email is part of our lives just like our phone agenda, so you’ll learn how to keep cyber criminals out of your inbox in lesson 11.
7. I download and access information from trusted sources. This keeps me safe.
This is a pretty difficult security myth to break. Most of us think that accessing safe and secure locations will keep us safe.The reality is quite different. Even if you access a trusted source, you are still vulnerable to online dangers, and not just old viruses, worms or other usual malware.
In this particular case, there is a greater danger: malicious software developed by cyber criminals that target our private data and financial credentials, which is designed to remain hidden from classical antivirus detection.
This type of malware usually spreads through emails that come from an apparently trusted financial institution (or from a friend), through drive-by downloads, malicious content placed on secure websites that download onto your system, or simply through pop-up ads placed by online criminals on those websites that are considered safe to access.
To keep safe from this danger, you need an especially designed software to protect you against financial theft and data stealing software. This type of software offers a complementary layer of security which the normal antivirus products cannot provide. Don’t worry, we’ll tell you all about it when time comes.
8. My social networks are safe places. Friends will be friends.
But will they? Social media services, such as Facebook or Twitter, brought so many people online in the last years that it is difficult to find someone who doesn’t have at least a single online account, at least LinkedIn (which is focused mainly on job opportunities but has recently started to develop into a more interactive network).And since so many people are connected this way, online criminals have already developed tricks and methods that target these networks, especially online scams and identity theft attempts.
If online criminals can place malicious content like drive-by downloads and pop-up ads on safe websites, they can do the same with social media accounts.
Who doesn’t have that friend in the list that clicked an offer on a fake page spreading weird links to the entire list of friends as a consequence?
Another danger found on these types of social media accounts is posed by online criminals that create fake profiles and personas to retrieve personal information from other users.
By collecting information (that doesn’t seem very important initially) and connecting it to other data retrieved from other locations, cyber criminals can track online habits and build a user persona they’ll use for identity theft against the targeted victim.
Therefore, be careful who you add to your list of friends.
And remember that lesson 12 will feature need-to-know (and especially need-to-APPLY) tips about social networking – the safe way.
9. I don’t have important information or sensitive data on my system. Why should I worry?
First of all, are you sure there is nothing valuable on your system?Did you let your browser remember all your passwords for your online accounts, banking websites and your email address?
How much damage can you handle if your email account is compromised?
You may think that your data is not important for cyber criminals, but you should know they can collect and assemble information about you from other sources to have a big picture of your online habits. Later on, they can use the information to steal your online identity and use it against you.
And even when there is no important data for an attacker on your system, your device can still be used for various purposes.
Cyber criminals can use your system’s hard disk to store illegal content, install a bot to use your computer in a coordinated online attack, host phishing content or share criminal materials. At the same time, they can use your system’s resources, such as your Internet connection to access remote websites or your email address to send spam to your list of friends.
The possibilities are endless, unless you act to limit them.
10. In case I get infected, I will certainly notice.
Well, don’t be so certain about this.In the past, when a computer started running slow and pop-ups appeared all over the screen, maybe you could tell. But today, cyber criminal methods have evolved and increased their efficiency so that, in most cases, a normal user can’t tell his system is involved in spam campaigns or coordinated online attacks.
Current malicious software is built to be undetectable and untraceable by antivirus products, retrieving private information without you even noticing. Designed to evade normal detection systems and working in the background, the latest data-stealing malware retrieves private information, such as credit card details and account logins, without leaving visual evidence or even a trace on your hard drive
Comments
Post a Comment