2021 has been one of the most profitable years for cybercriminals so far. Nearly 19 billion records were disclosed in the first half of the past year alone. As we start the new year, we need to review our digital life and make new decisions. ESET, the world leader in cybersecurity, has identified 10 cybersecurity habits that need to be changed as we start a new year.
A good sense of security means a reduced risk of identity fraud and financial loss. The cost of these scams reached US$56 billion in 2020, and most of the scams took place online. To understand the scale of the problem, data from the US Identity Theft Information Center needs to be considered. According to data, one-third of identity theft victims in the US say they don’t have enough money to buy food or pay for their food due to fraud. ESET experts recommend that in 2022, increase cyber hygiene and act carefully and quit the 10 bad habits shared below:
- Using outdated software
Vulnerabilities in operating systems, browsers and other software on your computer and devices are the best places for cybercriminals to attack. When you enable the auto-update function and confirm the update when prompted, this issue does not interfere with your daily life too much.
- Weak password security
Passwords are the keys to our digital world. Unfortunately, we don’t use them securely enough these days because we have so many passwords to remember. Using the same password and easy-to-guess login credentials for multiple accounts gives hackers a huge advantage. Using software, these attackers crack weak encryptions, try common variants yellow, and try to use the compromised passwords on other accounts. Instead, use a password manager to remember strong and unique passwords or login keys. Also, switch to two-factor authentication (2FA) on all accounts where possible.
- Using a public Wi-Fi network
We’re starting to go out more these days. Therefore, public Wi-Fi networks are used more. However, this is a risky issue. Hackers can use the same networks to learn about your internet usage, gain access to your accounts, and steal your identity. To be safe, you should avoid using these access points in public areas. Do not log into your important accounts while connected to the public network, in case you have to use it.
- Don’t think before clicking
Phishing is one of the most profitable types of fraud. A technique known as social engineering is used. In social engineering, attackers try to trick their victims into clicking a malicious link or opening a malware-laden attachment. They take advantage of our inner goodwill and try to get us to make a quick decision with messages about an emergency. The most important rule we must follow to thwart these attacks is not to click without thinking. Double-check the sender or company to make sure the incoming email is genuine. Don’t act hastily.
- Not using security on all devices
In an age of revenue-generating cyber threats, you should use malware protection from a reputable provider on your computers and mobile devices. But how many of us use security software the same way on our mobile devices and tabledollar series? According to research, we use these devices for almost 5,000 hours each year. We are likely to encounter malicious apps and websites during this time. Secure your device now.
- Using unsafe websites
HTTPS sites use encryption to protect traffic from your web browser to the site you entered. This has two purposes. Verify that the website is genuine and not a phishing or fraudulent website; making sure that cybercriminals do not spy on your communications to steal your passwords and financial information. This isn’t a 100 percent guarantee as many phishing sites use HTTPS these days, but it’s a good start. Always make sure there is a lock symbol e.
- Sharing your work and private life
Many of us have lived through most of the last two years in a way where the sharp line separating our business and private lives has disappeared, and the two sides have become entangled. The more this line becomes uncertain, the greater the cyber risks. Consider the use of business emails and passwords to log into consumer shopping and other sites. What if the data on these sites is compromised? Hackers can take over your corporate accounts. In addition, the use of unsafe personal devices for work also increases the risk. You should make an extra effort to keep your work and private life separate.
- Sharing your information on the phone
Voice phishing, also known as voice phishing, uses social engineering to trick users into clicking something, as does email and SMS-based phishing theft. It is an increasingly popular way to obtain victims’ personal and financial information. Scammers often hide the real number to make the attack look like a real communication. The rule of thumb is not to share any sensitive information on the phone. Depending on who they are and where they’re calling from, check the information by calling the company directly without using the number provided by the caller.
- Not making a backup
Ransomware costs companies hundreds of millions of dollars each year. So, we sometimes forget that there are many variants waiting for consumers. Imagine suddenly your home computer is locked. All data on your computer and possibly cloud storage can be lost forever, including family photos and important business documents. Regular backups give you peace of mind in case you run into bad situations.
- Not protecting your smartphone
Almost a third of homes in Europe are equipped with electronic devices such as voice assistants, smart televisions and security cameras. But the connectivity and machine intelligence they provide also make these devices an attractive target for criminals. They can be hijacked to turn them into botnedollars to attack others, or they can be used to gain access to other devices and data. To keep these devices secure, change the initial default passwords. Also, be sure to select vendors that have a track record of fixing known vulnerabilities in their products and research potential vulnerabilities before purchasing an electronic device.