To Prevent Cybercrime, Think Like a Cybercriminal

Think like a cybercriminal_header

As you sit at your computer, have you ever thought about how someone could gain access to your PC and online accounts by exploiting some weakness or loophole? If that thought has never crossed your mind, now is a good time to start thinking about it. After all, if you’re not taking time to identify and address potential weaknesses and loopholes, cybercriminals are sure to take full advantage of them and make you an easy victim of cybercrime.

Taking PC security seriously is the first step to strengthening your overall protection, though this does not mean you need to develop a paranoia that everyone is out to get you. Being serious about security means understanding that virtually everything has an Achilles heel, and to protect yourself, you need to identify and address those weaknesses.

To prevent yourself from being a victim of cybercrime, you should think like a cybercriminal. If you can come up with creative yet feasible scenarios to exploit a PC weakness, then you can develop preemptive measures to address them before an actual cybercriminal exploits it. Here are a few questions to ask yourself that can help you identify potential security weaknesses a cybercriminal might exploit to gain access to your PC or online accounts.

Is my PC or laptop password-protected?
The simplest way to thwart anyone trying to access your PC is by enabling a password to log in. For the most part, having a password at the login screen will prevent others from gaining access to your PC. But make sure that the password you’re using isn’t something easily guessed like “password1” or “abc123”. Using weak passwords defeats the purpose of having one, as hackers will think to try those options first. Here are some helpful tips to make your passwords stronger.

Keep in mind that there are other methods cybercriminals can use to bypass the login password. To thwart the more sophisticated thieves, using hard drive encryption software is highly recommended.

Are my passwords posted on my PC screen?
If you write your passwords on Post-it notes and stick them on your PC, we suggest you immediately take them down, rip them up, and throw them into the trash. No matter how strong your passwords are, if someone were to steal your PC, you’ve practically given them access to the any of the accounts you’ve jotted down the passwords for. Don’t make the convenience of having passwords readily available at your own disposal lead to thieves having that same convenience.

Do I have an antivirus and two-way firewall?
The two most basic components you need to protect your PC from malware and hackers are an up-to-date antivirus and a two-way firewall. Without these two components, your PC is highly vulnerable to attacks. Cybercriminals prey on human emotion by creating a sense of urgency or panic to take action. This may bait you into clicking on links in emails or on webpages. Consequently, falling for their schemes leads to malware being installed on your device, potentially creating a backdoor for cybercriminals to access your PC.

While being vigilant when browsing the Web and thinking twice before clicking on any links or downloading files is important, there are times we may do what we shouldn’t. You’ll be glad your antivirus and firewall are there as your backup if that happens!

Do note that relying solely on security software to protect you on the Web – without being vigilant – can likely get you into trouble. Security software does not mean you’re invincible to all online threats. By the same token, relying solely on being vigilant on the Web without security software can get you into the same amount of trouble.

Are my operating system, Web browsers, and other software up-to-date?
Another method cybercriminals use to gain access to your PC is by exploiting weaknesses in your operating system, Web browser, and other software applications. For example, a recent patch in the popular Web browser Mozilla Firefox 30 addressed 7 critical flaws in Firefox 29 that could’ve allowed for remote code execution. Failure to update any services or applications to the latest version leaves you vulnerable to the cybercriminals who take advantage of security flaws. Whenever there are updates to any software you’re using, you should immediately update to the latest version, even if it seems like an annoyance.

We also recommend users to stop using Windows XP, the operating system that Microsoft retired in April 2014. The end of support for Windows XP resulted in the suspension of new security patches and leaves XP users highly vulnerable to any new threats that arise.

Have I enabled two-factor authentication for my accounts?
Do you know of anyone who has had their email, Facebook, or LinkedIn account hacked? Perhaps it was your own account that had been compromised!

Cybercriminals can gain access to personal accounts by either cracking your weak password or simply bypassing your password all together by guessing the security question to your online account. Enabling two-factor authentication can prevent your online account from falling into the wrong hands. The second “factor” in two-factor authentication is a time-sensitive code, typically sent to your mobile phone or email. Anyone trying to hack into your online account won’t be able to do so unless they also have access to your second authentication method.

Learn how to enable two-factor authentication for the following:
How to turn on two-factor authentication for your email accounts
How to turn on Login Approvals for Facebook
How to turn on two-step verification for LinkedIn

Since two-factor authentication makes use of your mobile phone, it’s also important to secure your phone with a passcode or an unlock pattern that isn’t easy to guess. You may also consider installing a device-tracking application to locate your device or even remotely wipe information stored on it, should your attempts at physical retrieval fail.

Thinking like a cybercriminal creates better security awareness
In order for security to be effective, you should think of your security as multiple layers that work together rather than blanket protection that secures everything for you. You should assess the potential security weaknesses and take the appropriate action to address or remediate the issues. At the end the day, you’re responsible for your own security, and the security of your PC and personal information. Thinking like a cybercriminal can go a long way in preventing yourself from becoming a victim of cybercrime!

Get ZoneAlarm Extreme Security

Get it now

5 comments on “To Prevent Cybercrime, Think Like a Cybercriminal

  • Steve Drummer says:

    Turn off the “allow remote assistance connections for this computer” check box under “System Properties – Remote (tab)”. This thing is shipped turned on and has been the problem of many exploits. Turn it off and 90% of the security related problems will go away. I also agree using a good firewall and antivirus programs will get you to 99.99% secure

  • Jim McDougall says:

    I started using ZoneAlarm Firewall when it was just a firewall and continued when it became a firewall plus antivirus plus. Prior to using it I had used another popular security application and got hit with the old Michaelangelo virus which wiped my HD’s clean. I have never had a problem since I started using Zonealarm and I recommend it to everyone.

  • I have used ZoneAlarm since forever… it has never failed me, and just as important… it has not tried to take over every aspect of my computers, as a very popular anti virus program started to do to me after a year or so of use…. and then could not be fully removed.
    ZoneAlarm should be installed on every new computer before it is delivered.

  • At a previous place of employment, I kept a fake password written on a sticky note inside a desk drawer. I have no idea if anyone ever tried to use it but the idea was to make a snoop bang his or her head on the desk in frustration if they ever tried. It was a long, secure-sounding bit of gibberish that I had never used for anything at all. Of course, I wrote the word “password” on the sticky note also, just to be sure it wouldn’t be mistaken for something else.

    At a different place of employment, I tried the same thing but a manager made me remove it because it violated the corporate IT security rules. I tried to explain that it was a red herring, but his only response was to suggest that it might possibly be someone else’s password, and would thus violate the rules anyway. With twenty or so randomly selected characters, it seems unlikely that I would have duplicated someone’s password, but that particular manager turned out to be more bureaucrat than manager, and he had no business running that department.


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.