Cybercrime is rapidly on the rise. As we saw in our ‘Understanding Cybercrime’ post, it has surpassed illegal drug trafficking as a criminal money-maker and in 2015, UK consumers lost £1.7 billion to cybercrime.
Pretty serious stuff.
The National Crime Agency believes that ‘organised crime has taken advantage of the opportunities presented by the internet, particularly the growth in e-commerce and online banking.’
So let’s take a look at the three main types of cyber-attack – and most importantly, how you can do your best to avoid them.
1. Distributed Attack
This is where malware is installed on multiple computers. There are various ways that a distributed attack can reach your PC or mobile device:
a) Encryption/Ransomware: hackers encrypt your files and hold your data to ransom! Never pay the ransom! More often than not, they’ll take your money and still not unlock your data. The only solution is to restore your data from back-up.
b) Browser manipulation: the malware can manipulate what you see on your browser and steal your data e.g. the malware inserts a few extra lines of code into your bank’s website. The website looks the same but the malware is stealing your data.
c) Key Logger: this type of malware sits in the background of your PC and captures what you’re typing, to learn your behaviour and potentially catch your personal data.
d) Distributed Denial of Data (DDOS): bombards your website with traffic until the server collapses and goes offline.
How might I get caught by this malware?
You install it! It could be in the form of a website download, pop-up box (the “You’re a winner!” type of messages), email attachment or USB drive.
How do I avoid it?
Don’t click on any links or pop-ups that look suspicious or that you’re not expecting. If in doubt, don’t click! On a PC, you can press Alt + F4 to close the window completely.
2. Central Attack
This is where a central system is hacked in a bid to get customer data, usually for financial gain. Alternatively, a central attack may be done in the name of Hacktivism; for moral/social/political reasons – a prime example of this was the Ashley Madison hacking scandal in July 2015.
How do I avoid it? Unfortunately, you can’t. That’s to say you have absolutely no control over whether or not this happens. But central systems are becoming more and more vigilant and resistant to such attacks.
3. Personal Attack
This is exactly what it says on the tin – a personal attack on your data. The most common types of personal attack are:
a) Email spoofing
b) Telephone spoofing
c) Letter spoofing
How can I avoid it? Be cybercrime aware – stay vigilant and use your common sense. If someone calls you from ‘Microsoft’ to remotely log in to your home computer, the chances are it’s fake. Ask yourself if it’s too good to be true – if the answer is ‘yes’ then it probably is.
Want to be more Cybercrime aware?
Then why not join projectfive for a Cybercrime Awareness Training Course! It will help you and your team to recognise these threats and take practical measures towards making yourself – and your business – less vulnerable. Email firstname.lastname@example.org for full details.