It is an unfortunate fact that as computer technology evolves, so do threats to user privacy and security. Hackers and cybercriminals are constantly developing new methods to infiltrate computer systems in order to steal data, sabotage businesses, or simply cause chaos. Since staying informed is key to defending your computer system from cyberattacks, TCSP has compiled the following list of different cybercrime methods.
Attempting to trick somebody into sharing personal information, usually by impersonating a trusted associate or organization. Cybercriminals engage in phishing in order to obtain access to a victim’s email, bank accounts, and private networks with the goal of committing theft, identity fraud, and even extortion. Common phishing “bait” can take the form of:
Sometimes the result of phishing, doxing is when someone’s private information (address, place of business, personal email etc.) is published on the internet. The goal of doxing is usually to invite harassment upon a victim or extort them in exchange for removing their information from the public eye.
Different viruses are designed to perform any number of harmful functions, which can include corrupting data, stealing personal information, rendering computers inoperable, and more. Like biological viruses, computer viruses are self-replicating and spread through interactions between affected systems. Cybercriminals and hackers typically engineer viruses to exploit some bug/loophole in an operating system, therefore it is extremely important to keep devices up to date with the latest vulnerability patches (e.g. computers, cell phones, routers etc.). Additionally, it is recommended to have an Antivirus software like Norton by Symantec that will identify and neutralize intruding viruses before they can damage your computer.
This form of malware (malicious software) encrypts files on an infected computer, preventing users from accessing their data and applications. As its name suggests, Ransomware is used by cybercriminals to extort users by locking their system until a ransom is paid (usually in some form of cryptocurrency). If a victim refuses to comply within a certain timeframe, their data may be destroyed or sold on the black market. Businesses that work with sensitive customer data are a prime target for Ransomware attacks. In 2017, the Wannacry attack (a form of ransomware) shut down 16 hospitals across the United Kingdom (in addition to hundreds more organizations worldwide). To learn more about Ransomware, click here: How To: Prevent Ransomware Attacks
Short for Advertising Supported Software, Adware is designed to bombard a user with pop-up ads when they attempt to use their device. Though Adware usually proves more of an annoyance than serious security threat, it is still harmful to workplace productivity as it makes normal computer operations difficult and can result in an overall slowdown. Additionally, there is the possibility that Adware will advertise/redirect users to content that is malicious and/or unsuitable for the workplace (ie. Adult websites). Users typically contract Adware by downloading infected programs or visiting compromised websites that trigger automatic Adware downloads. To defend against Adware, you should regularly update your system, install a firewall, and exercise caution when downloading anything online.
A Distributed Denial of Service attack is a form of online sabotage in which a targeted network is flooded with traffic/junk data in order to prevent it from functioning normally. A successful DDoS attack creates a path for hackers to install remote software and/or gain full access to a system. To understand a DDoS attack, picture a group of agitators blocking the entrance to a store and preventing regular customers from getting in. While the store employees struggle to deal with this disruption, some agitators take advantage of the chaos in order to sneak into the store and steal.
Since DDoS attacks are usually too complex for the average user to combat, an IT support group should be immediately contacted in the event of one. To proactively guard against a DDoS attack, make sure your company router is an up-to-date, business-specific model with proper security licensing.
More than anything, cybercriminals rely on targets being uniformed and unprepared. Most users are so accustomed to using computers without issue that they might overlook potential risks or assume they have “nothing worth stealing.” Unfortunately, this overconfidence opens the door to catastrophes ranging from identity theft to total system failure. As a business owner, you have a responsibility to protect not only yourself, but your employees and customers from cyberattacks. Therefore, you should defend against them by staying alert, browsing with caution, and above all, updating on a regular basis.