Hacker Tricks: How You Can Protect Yourself

Whenever a new technology emerges, there is a new opportunity for cybercriminals to use hacking techniques to exploit users. Every day, millions of devious cybercriminals look for ways to exploit security vulnerabilities in a business network. This allows them to steal data, extort money from victims, send spam, and promote their viewpoint.

What tricks do hackers use to access your network and devices?

Fake Wireless Access Points: Cybercriminals can set up fake wireless access points at coffee shops and airports that require you to create a username and password. They call their network a legitimate-sounding name, such as “Starbucks Wireless Network.” Once the unsuspecting victim enters their information, they can access your data in clear, unencrypted text. Once these hackers receive your username and password, they attempt to access your accounts on popular sites, such as Facebook, Twitter, and Amazon. To avoid these types of hacker tricks, use your mobile carrier’s hotspot (AT&T or T-Mobile), which usually shows as WPA or WPA2. If you’re using a hotspot that doesn’t support WPA or WPA2, use your company’s Virtual Private Network (VPN) to encrypt your private data.
Password Cracking Programs: Many people set up their passwords as follows: capitalize the first letter of the word, use a place name or a common word as the seed, and use numbers or special characters to represent letters. For example, California would now look like this “C@l1f0rn1@.” Unfortunately, hackers are aware of these patterns and have developed password-cracking programs. With their software, these cybercriminals can try billions of password combinations in seconds. To create strong passwords, make sure they are at least eight characters long and include at least three uppercase and lowercase letters, numbers, punctuation, and symbols. Also, make sure to change your password regularly and don’t use the same one for everything.
Cookie Theft: When users navigate a website, a cookie tracks and stores information, including usernames and passwords. This makes it easier for them to navigate the page because they don’t have to enter login credentials each time they visit the site. Cybercriminals can use a Firefox extension called Firesheep to steal cookies. Once users log in to a public network, hackers can steal unprotected cookies and take over their entire session. If you plan to use a public network, make sure to clear your browser’s cookies beforehand. If you use Firefox, you can set the browser to clear your cookies each time you close the window.
Phishing Scams: A hacker can send malware to your email account by sending a phony package delivery notice to your email account. The attachment file names are usually designed to encourage unsuspecting users to click them. Once the user clicks on the attachments, malware will install on your computer. Do not open attachments from an unknown sender. If you need to view an attachment from a known sender, save the files to disk before opening them. You can also use email filtering software, such as Symantec Mail Security for Microsoft Exchange. This type of software scans for malware and filters out malicious emails from your inbox.
Free Software Downloads: Many users download free applications that offer premium fonts, file conversions, and free music. However, many of these “free” applications contain malware and can take over your entire computer once they are downloaded. Make sure you download applications from trusted software manufacturers, such as Microsoft, Adobe, and Trend Micro.
Cracking HTTPS: Many computer users have learned that a closed padlock icon and the “S” in HTTPS indicate that you have established a secure connection. This is no longer the case, as cybercriminals have learned to exploit this protocol. If you are on a site with the HTTPS closed padlock icon, and you get a prompt about an invalid certificate, you may not be on a trustworthy site. Also, you can view the website’s certificate information and decide whether the issuing authority, such as VeriSign or GoDaddy, is trustworthy.
Text Message Malware: Cybercriminals send victims an SMS with a picture attachment containing malware. Once they download the picture, the malware will install on your smartphone. Afterward, the malware will force the smartphone to send SMS messages to sites that charge users each time a message is sent, thereby racking up their phone bill. The malware can also steal usernames and passwords stored on their phone. Make sure to keep your phone’s software up to date, since most malware circulates on older Android versions. Also, do not share your cell phone number with websites that ask for it as part of a survey or sweepstakes. Finally, do not click on any suspicious links in text messages, especially from unknown senders.

Keep in mind, this is not an exhaustive list of hacker tricks used to attack victims, especially since technology is constantly changing. Many cybercriminals constantly test the network security of the devices we use to access confidential information and extort money.

A managed service provider can help you protect your devices from hacker tricks by identifying security gaps, using an Intrusion Prevention System, and setting up employee technology-use policies. Furthermore, they will use a comprehensive monitoring system to ensure the safety of your device usage.

If you’re interested in a review of your business IT security and advice on ways you can avoid hacker tricks, contact SwiftTech Solutions by calling 877-794-3811 or emailing info@swifttechsolutions.com for a free consultation.

SOURCES:
7 sneak attacks used by today’s most devious hackers. (2013, October 3). Retrieved from: https://informationsecuritybuzz.com/7-sneak-attacks-used-by-todays-most-devious-hackers-2/
Sabhlok, R. 5 Top Targets for Today’s Hackers. (2013, August 8). Retrieved from: http://www.forbes.com/sites/rajsabhlok/2013/08/02/5-top-targets-for-todays-hackers/
Pinola, M. Your Clever Password Tricks Aren’t Protecting You from Today’s Hackers. (2012, August 23). Retrieved from: http://lifehacker.com/5937303/your-clever-password-tricks-arent-protecting-you-from-todays-hackers
Glassberg, J. On the Lookout: New Hacker Threats. (2013, July 31). Retrieved from: http://www.foxbusiness.com/personal-finance/2013/07/31/7-new-hacker-threats-to-watch-out-for/
Phifer, L. How to know if you’re connecting to fake or real access points (APs). (2008, January). Retrieved from: http://searchnetworking.techtarget.com/answer/How-to-know-if-youre-connecting-to-fake-or-real-access-points-APs
Microsoft. Create strong passwords. Retrieved from: http://www.microsoft.com/security/online-privacy/passwords-create.aspx
Brown, M. How to Prevent Online Cookie Theft. (2009, October 31). Retrieved from: http://voices.yahoo.com/how-prevent-online-cookie-theft-4746492.html

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.