As part of Cyber Security Month, we have highlighted five of the most common cyber-attacks to help you stay safe and vigilant. Criminals and hackers use cyber-attacks to gain data and information from individuals or businesses and there are many ways that these attacks are carried out. This blog will give you a brief explanation about each attack, what to look out for and how to try and prevent them from happening.
Phishing attacks lure users into clicking unsafe links. They replicate trustworthy brands and businesses to obtain sensitive data and information. These attacks often appear convincing and real - but if the unsafe links are clicked, they can capture sensitive data and gain access to your accounts and details.
Phishing attacks often create a sense of curiosity or urgency to encourage users to act without hesitation. Hackers will pose as banks, online shops and even colleagues to achieve what they want. If you think you are a victim of an attempted phishing attack, carefully look out for spelling mistakes, no personalisation and URL redirects, as these are all signs of an attack. Contact the source directly by telephone and ask for confirmation that it is a legitimate email. If it is not, delete and report it immediately.
Email spoofing is a tactic frequently used in phishing and spam campaigns. It involves faking the sender address in an email so that it appears to be legitimate to the reader. Ultimately, spoofing is another form of phishing that aims to trick individuals into entering login details or making purchases on unreliable websites - allowing attackers to gain access to personal information.
If your email address has been used for a spoof or spam attack, you may start to notice undeliverable or bounce back notifications arriving in your inbox at a high volume, or you may notice sent items that you didn’t send. If you spot either of these things, we recommend running a full anti-virus check and changing your password as soon as possible to stop further spoofing. Most email systems have a good level of spam detection and filtering built in so it is important to check your security settings and ensure they are set to the highest level.
Malware & Ransomware
Malware is harmful software which is often accidentally installed by the victim, as hackers cleverly disguise it via links and email attachments. Once clicked it automatically installs - allowing hackers to gain access to data and information. This is extremely damaging to any business that holds personal data. Similarly, Ransomware is a type of Malware attack that locks users out of their accounts or files, demanding payment to regain access. These types of attacks can be carried out on individuals or entire networks.
Malware and Ransomware attacks are usually the result of clicking on suspect links and attachments. Unless you are certain that an attachment or link is from a trustworthy source, do not click it. Once an attack of this type has gained access and locked a user out, it encrypts data and demands a ransom payment to gain the decryption key. Ensure that your data is frequently backed up so that in the event of an attack, it can easily be recovered.
MITM attacks are when a hacker ‘listens in’ to your online activity - eavesdropping for any information that can be of value to them. The hackers monitor a user's online activity - whether that is over email, social media or web browsing - and will carefully choose their moment to intercept, usually for financial gain.
From monitoring email communications and hijacking at the right time, to the setting up of non-encrypted public WiFi hotspots to gain personal data from users, MITM attacks are sneaky and can happen without your knowledge. Make sure you only connect to secure WiFi hotspots when out and about. If you are in a public place and are unsure, it is best to ask someone before attempting to connect.
Password attacks are achieved by running programs that try to guess user passwords, either by using dictionary attacks or brute force attacks. Dictionary attacks try to guess passwords using common dictionary words and brute force attacks attempt every possible letter and number combination. If your passwords consist of common words, phrases or number combinations, chances are one of these attacks would eventually gain access to your account.
Unfortunately, password attacks often happen in the background without you realising. That is why it is vital to have strong passwords in place to prevent these attacks. If you’re unsure where to start, follow our seven tips for stronger passwords
to help you choose safe and secure passwords.
Preventing Cyber Attacks
The one thing that all cyber-attacks have in common is their motive - to gain access to sensitive information. By having trustworthy antivirus solutions and web protection in place, you can relax knowing that you are in control of your security - protecting your business and reducing the risk of a security breach.
We hope that knowledge of what to look out for and how to prevent these attacks from happening helps you to stay safe online. If your business needs IT support, we offer a wide range of security services including Web Protection, Antivirus Software, Proactive Monitoring and Backup Solutions.