
Cybersecurity 101 – Part 5: Protecting Yourself From Online Threats
This series of articles will explore cybersecurity concerns in the modern workplace. We’ll explore the myriad of potential risk factors facing today’s organization, and look at tools and solutions to help your company fend off the bad guys. If you missed earlier entries in this series, you can find them here.
In this edition, we’ll discuss tools and tactics that will help to protect your systems and data from various online threats.
This article combines knowledge with best practices that serve to protect end-user information assets and educate remote workers about staying safe from cyber threats when working in a virtual office environment. Protecting oneself from online risks requires that you be aware of cybersecurity protocols and procedures, understand the dangers, and take the right steps to avoid becoming a victim.
How To Choose Virus Protection
Our systems contain a wealth of sensitive information that must be protected. If our devices are not adequately protected, identity thieves may be able to get access and steal information like banking credentials and other sensitive data. Spammers can even use your computer as a “zombie drone” to send spam that looks like it originated from your email address. Malicious viruses or spyware could be deposited on your computer, slowing it down and even destroying files.
Installing the right antivirus program can protect your computer from viruses and keep it enabled at all times. A few simple practices like automatically updating your OS and security programs can help protect your devices and privacy. Running vulnerability scans can also lower your risk while you’re browsing online.
One of the most important factors when choosing an antivirus comes from how well it protects your computer system’s against threats. Since new malicious programs are continually emerging, it is evident that everyone needs a robust antivirus product. But with so many options out there, it can be challenging to choose the right one.
The best antivirus solution will make it extremely difficult for cybercriminals to gain access to your computer system by incorporating multiple layers of protection like dual scanner technology. A sophisticated approach like this can help maximize the chances of removing any suspicious software, once detected.
It is worth noting that many antivirus software vendors collect data from your computer to improve the performance of their products and may upload some of your files to their scanning cloud. Being aware of privacy settings is a must for any antivirus software that you purchase and choose to download on to your computer. Understanding the vendor’s privacy policy will let you know what kind of information you will be sharing with them.
Better antivirus software also features a user-friendly interface that is easy to understand and navigate. It should also be efficient with system resources and have a small impact on your daily system use.
Keep your antivirus software up to date and avoid any products that come bundled with bloatware that you’re not going to use. Avoiding antivirus products loaded with irrelevant features can help you choose the right product and give you the peace of mind that you are protected. It’s well worth taking the time to read reviews and comments from real users of a product to get a sense of how well it performs.
Proper Use of email
Modern email, both business and personal, has largely moved into the cloud. While this has added a layer of protection between the user and email-borne threats, vigilance is still required to stay safe. Most organizations use platforms like Microsoft 365 and Google G Suite for performance and convenience. Regardless of what platform you are using, there are additional steps you can take to ensure your safety and security against vulnerabilities in your email.
Most malicious email payloads like worms and trojan horses are activated when you click or open them, so cybercriminals are highly interested in infiltrating your inbox. Hackers realize that email is still the most common form of web communication in today’s workplace. It follows that they use social engineering and phishing to trick end users into violating standard security practices. Once you get hacked, the crooks can use your email for just about any purpose that they see fit, including propagation of more spam or phishing, running various scams, distributing malicious payloads, and identity theft. Understand the best practices that you can use right now to prevent this from happening to you. A few simple steps can go a long way towards avoiding a disaster.
For starters, look and decide if the sender’s email address is a trusted resource or not. If anything looks suspicious or if you are unsure who sent the email, be sure to proceed with caution and watch out for any malicious attachments. If you don’t know the sender, do not unsubscribe to that email because it may send you to a malicious webpage containing a viral payload. Instead, report as spam and delete.
In the scenario when a victim does accidentally click on a malicious attachment, a script or program will be loaded and run on to the victim’s computer, allowing the attacker to take control. Once in command, the attacker will typically scan the victim’s accessible storage volumes and data, capturing any sensitive information and account credentials. The attacker is now in full control; he can log every keypress, share documents, record content from the microphone and webcam, and install more malicious software.
Most antivirus programs will allow scanning of email attachments, either automatically upon receipt, or manually on command. Scanning these attachments for malicious content before you open them is critical.
Other threats can include URL hijacking, also known as typosquatting, which is usually spread via phishing emails. This exploit relies on providing a link to a web address that incorporates an intentional misspelling of a legitimate URL. Online banking websites, social media, and major shopping sites are popular destinations to be spoofed. If the recipient clicks the link, it takes them to a webpage that seems official but is, in reality, a counterfeit page under the control of cybercriminals. The fake site presents the user with a prompt to log in, fooling them into providing their account credentials. To combat such a threat, never blindly click on anything. If you are in doubt, reach out to an IT or security expert.
How to stay safe on the internet
The internet can be dangerous, with cybercriminal threats lurking in the shadows. One careless click could expose personal and work-related data and infect devices with malware and other malicious code. Most web browsers have settings available to protect end-user privacy and secure sensitive information. By keeping these settings enabled, a user can take advantage of privacy-enhancing features so hackers won’t have the opportunity to glean data from their browsing history, data entry history, and so on.
Cybercriminals use enticing content as bait, tempting users to let their guard down. It is essential always to be vigilant when surfing the web. Be careful when downloading anything because malware is often disguised as legitimate applications. When in doubt, don’t download an app that looks suspicious or comes from a site that you don’t trust.
Don’t save financial information on shopping sites
Be sure to only supply personal information to sites that provide secure, encrypted connections. You can identify secure sites if you see an “s” after “http” in the URL of the site: “https://www.somedomain.com.” There should also be a padlock icon or security symbol next to the address bar that shows the specific page’s security details. If that icon shows any kind of warning, be wary of that site and avoid it altogether if possible.
Create strong and unique passwords
Password-based authentication has been in use since before the dawn of the Internet. It continues to be the most common means of controlling access, and as a result, most of us have more password-based credentials than we can remember. The problem with this is that most people tend to choose easy-to-remember passwords, and modern password cracking tools can easily guess a weak password in mere seconds. Use a strong password is unique and complex – at least 15 characters long, mixing letters, numbers, and symbols. If remembering strong passwords is an issue, consider using a password manager.
Use a firewall
Even if your network is secured at its perimeter, you should still use a firewall on your computer. This electronic barrier blocks unauthorized access to your device and is present with nearly all desktop and server operating systems.
Conclusion
Cybersecurity is a collection of methods and practices that should be employed diligently and consistently. Lead by example – set the tone for your employees and reward them when they succeed in adhering to best practices. Remember: even the best tools are of no value if you don’t use them. Do the hard work to stay protected. It’s worth it.