Your website is the embodiment of your company's online presence, and even if you are a small business you may still become a target for cyber-criminals.
No matter how big or small your company is, if your customers need to leave sensitive data with your website, it can attract a range of cyber threats.
If you ignored your website's safety before, you should not ignore it now. A little practical knowledge and the right security precautions will save you from these looming threats.
Malware cyber threats
The average internet user has by now heard of "malware", short for malicious software: software made with malicious intent, including data theft, data damage or destruction. One very alarming statistic suggests that a third of the world's computers are infected with malware.
The most common malware behavior is to access sensitive data and spread itself. Reports state that thousands of new malware programs are produced every day. Many of these are simply "recycled" malware, slightly altered to make them unrecognizable to antivirus programs.
Statistics also show that the most common way malware spreads is email (92%), with the rest being direct downloads from an infected website. The majority of these will not delete data from your computer, but will only collect sensitive data such as passwords.
How to prevent malware?
The absolute basic protection is at least a free antivirus program; better still is a multi-layered security program that uses antivirus as one part of a more elaborate solution.
We would advise that you do not open email attachments from people you do not know and make sure anything you download from the Internet is from a reputable (trustworthy) website.
Ransomware is a specific kind of malware that restricts access to a certain file or computer and displays a message asking for payment before the restriction is removed.
Ransomware may hold your data “hostage” behind a lock screen or file encryption.
How to prevent ransomware?
In the specific case of ransomware, your guideline should be "better safe than sorry". Always keep a recent backup of your sensitive files on an external drive and, if possible, another one with a cloud service, your Google Drive for example.
A word of advice: do not pay the ransom for your data, because even if you do submit a valid payment, access to your files will not be restored.
It may sound silly, but an online phishing scam works much the same way as regular river fishing: the scammer sends you bait to lure you into a trap, very often an email or a popup website, and asks for sensitive information such as a login and/or password.
Phishing threats can come in a shrewd disguise, posing as an official or trusted authority, be it a bank or a financial, legal or social institution.
Veteran phishing scammers will try to force a sense of urgency upon their victims, to hurry the victim into sharing information. When you provide your bank details, cybercriminals tend to use that information to breach your real bank account or sell it on the dark web.
How to avoid a phishing scam?
Never rush to share any of your login or personal information; instead, take the time to read the message and ascertain that the source is legitimate. The URL or link provided may seem right, but if you examine it thoroughly you will notice that it leads to a fraudulent address or website.
Free WiFi does not guarantee reliable protection. Many of us are accustomed to using the free WiFi at our favorite coffee shop; if you must use it, be sure not to put your personal data at risk by accessing bank accounts or making financial transactions.
Public access points have a much lower security level than a company or home network, so hackers can be connected there too, easily intercept the data exchanged and expose critical information.
How to avoid the security pitfall of public WiFi?
If you really have to use a public WiFi access point, make sure you have connected to the right one by verifying with establishment employees. Alternatively, you may get a VPN service for your mobile device and have your communication encrypted through a secure connection.
Social Network impersonations
Social networks are a big part of our daily lives, and for some they are part of work as well. Social networks make it very easy to connect with different people and opportunities, and scammers know this too.
The best example is when a scammer creates a web page that resembles a social network login page and spreads it to possible victims through already infected emails. Because the page looks identical to the impersonated social network, users only rarely notice the difference in the URL.
Another example is when you are contacted over chat by another social network account claiming to belong to a staff member; again, they will ask for sensitive data, including your login.
How to avoid a social network scam?
Again, the best practice is to be careful. Do not accept random friend requests from people you do not know personally, and do not share any login information with anyone asking for it, because a social network will never ask you directly for such information.
Two-factor authentication with email, SMS, software or hardware authenticator that provides a temporary code is a very good protection mechanism that we must recommend.
The unstoppable progression of online technology into our lives has introduced new threats, and it can seem pretty exhausting to stay on top of all the latest ones, so the best thing to do is to be prepared.
The headache, wasted time and lost money caused by an online threat can be avoided simply by being careful and cautious, and by following our guidelines.