With the increase in largely-publicized security breaches to corporate giants such as Google, Facebook, and Target, terms such as “phishing” and “ransomware” have been growing in popularity. You may know them as the fishy emails from seemingly legitimate companies telling you something is wrong with your account and urging you to insert your credentials.
What you may not know is that your credentials may very well be compromised, as they are often copied, thus putting you at risk, both financially and personally.
1. Secure yourself from phishing scams.
What is phishing and how does it work?
Phishing is a popular tactic used to try to gain access to a person’s financial resources (commonly via email) by posing as a well-known person or company. Typically, one receives an email urging them to enter a cloned website that appears legitimate (i.e. to update their credit card details, etc.). Once they enter their login credentials, they are then recorded and stolen on the spoofed site. These attacks can be targeted towards a specific individual (such as a CEO of a bank) or to the masses at random.
How common are phishing attacks?
A new phishing site is created every 2 seconds on average, a figure that has grown by 65% over the past year and is continuing to grow in 2020. The most popular form of phishing is via email, with 1 out of 99 emails received being a phishing email. This form of attack accounts for 90% of all data breaches, costing billions of dollars of losses to the economy and an average of $53,987 annually for a small business.
Ransomware through phishing:
Ransomware is a type of malware sent by a cyber criminal that encrypts a victim’s files and demands ransom in exchange for returning the files back to the user. It can be passed by phishing emails (urging the recipient to download the ransomware-containing file) and by entities with low security measures in place. Just how big is the ransomware market? In 2019 it was estimated that the damages caused by ransomware exceeded $7.5 billion, with roughly 47% of businesses having been targeted.
2. Conduct safe web searches.
One of the easiest and fool-proof ways to protect yourself from cyberattacks is to avoid accessing malicious sites. Common web browsers may indicate if a website is dangerous or not, however they often fall short, issuing warnings only after the user has entered the site. Ensuring you use a safe search engine that lets you know which sites are safe or not prior to visiting them is crucial in protecting yourself from malicious sites, as shown in the image below.
A safe search engine may also protect your data from being stored and shared with unauthorized entities, who may use it to track your activities online.
3. Only download safe documents.
Web downloads are a common way to spread malware to one’s computer. In fact, in 2019, about 60% of malicious email attachments and 20% of malicious web downloads were transferred through common document formats such as PDF, Microsoft Office Word, Excel, and PowerPoint.
Here are the top document formats used to deliver malware by email in 2019:
Based on Check Point ThreatCloud
What should you do if you fall victim to a cyber-attack?
Whether you’ve become a victim of phishing, ransomware, or malware, there are ways to overcome this unfortunate situation.
