Protect Yourself From Cyber Extortion
Yep, the cybercriminals are after YOU, too: the little guy, the tiny fish in the big sea.
Perhaps the most common (and easiest) way these criminal hackers succeed in pulling off their crimes is by tricking the victim into clicking a link inside an e-mail or opening the e-mail’s attachment. These simple acts can lead to all kinds of viruses and security issues such as cyber extortion and holding your data for ransom. In some cases the hacker will steal risqué photos from the victim’s device or take unclothed pictures with their webcam. The fact is none of us are prepared to deal with this kind of invasion.
The crime of cyber extortion involves infecting the computer with ransomware, which blocks the victim from accessing their files, as they are now encrypted with the malicious software from the infection—triggered by clicking on that trick link or downloading that attachment.
The user must then pay the extortionist in bitcoins for the “cyber key” to unlock the files.
Many of these phishing e-mails request sensitive data. Such e-mails should set off alarm bells in the recipient, but in many cases, the recipient blindly, without question, follows the e-mail’s instructions (e.g., a password reset for their PayPal account—but the message was actually sent by a hacker impersonating PayPal).
Avoid Becoming The Next Cyber Extortion Victim
- Exclude the following from your passwords: names or words that can be found in a dictionary; keyboard sequences; shortness (under eight characters). If this means resetting 25 passwords, then do so. Now.
- Every account should have a unique password.
- Enable two-factor verification for all accounts that offer it. Every time you (or someone else) tries to log in, a one-time code will be sent to your phone. Scam-alert bells should sound inside your head if someone like your bank asks you to send them the code in what’s called a “man in the middle attack.”
- The ideal password is an incoherent mix of upper and lower case letters, numbers and symbols—like what a two-year-old would produce if poking around on your keyboard.
- Never click links inside e-mails. Not only might a single click download a virus, but in other scams, the click takes you to an authentic looking site that lures you into typing in your password, username and other personal information—such as an e-mail whose subject line is “Your Account Might Be Suspended.”
- These e-mails are designed to look like they came from your employer, bank, PayPal, UPS, IRS, heath plan carrier or even a relative in need.
- They have a sense of urgency about them: “Act now,” or “within 24 hours” or “You must…”
- Never open attachments. This includes attachments from a company or individual claiming they want to hire you for work.
- Don’t post personal information on social media. Hackers can use this information to figure out login information, e.g., Princess1972 (a combination of the victim’s cat’s name + birth year).
- Have one e-mail account for business and one for personal.
- Never use public Wi-Fi for sensitive transactions or shopping. If you must, use a virtual private network!
Some of this might sound extreme and even inconvenient. And I’m sure at some point you’ll have to click on a link in an email or download an attachment. But take it from me; you are being targeted right now. I’ll guarantee there are malicious files and links in your inbox or spam folder waiting for you to take the bait. Be careful out there.
Latest posts by Robert Siciliano (see all)
- Online Shopping: Identity Theft Risks and Prevention Tips - December 1, 2016
- Cyber Monday Scams & Identity Theft Risks - November 22, 2016
- Social Security Number Protection - November 17, 2016
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013