Whenever a new form of technology breaks through, there is a new opportunity for cybercriminals to use hacker tricks to take advantage of their users. Every day, millions of devious cybercriminals look for different methods for exploiting security vulnerabilities in a business network. This allows them to steal data, extort money from victims, send spam, and promote their viewpoint.
What tricks do hackers use to access your network and devices?
- Fake Wireless Access Points: Cybercriminals can set up phony wireless access points at coffee shops and airports with portals requiring you to create a username and password. They call their network a legitimate-sounding name such as “Starbucks Wireless Network.” Once the unsuspecting victim enters their information, they can access your data in clear, unencrypted text. Once these hackers receive your username and password, they attempt to access your accounts on popular sites, such as Facebook, Twitter, and Amazon. To avoid these types of hacker tricks, use your mobile carrier’s (AT&T, T-Mobile) hotspot, which usually shows as WPA or WPA2. If you’re using a hotspot that doesn’t support a WPA or WPA2, use your company’s Virtual Private Network (VPN) so the network encrypts your private data.
- Password Cracking Programs: Many people set up their passwords the following way —capitalize the first letter of the word, use a name of a place or a common word as the seed, and use numbers, or special characters for a letter. For example, California would now look like this “C@l1f0rn1@.” Unfortunately, hackers are aware of these patterns and developed password cracking programs. With their software, these cybercriminals can try billions of password combinations in seconds. To create strong passwords, make sure they are at least eight characters long and there should be at least three upper and lowercase numbers, punctuation, symbols, and numbers. Also, make sure to change your password often and not use the same password for everything.
Cookie Theft: Whenever users navigate a website, a cookie will track and store information, including username and password. This makes it easier for them to navigate the page by not having to enter login credentials each time they go on the site. Cybercriminals can use a cookie theft plugin in Firefox called Firesheep. Once users log into a public network, hackers can steal unprotected cookies from them and then take over their entire session. If you plan to use a public network, make sure to clear the cookies on your browser beforehand. If you use Firefox, you can set the browser to clear your cookies each time you close the window.
- Phishing Scams: A hacker can send malware to your email account by sending a phony package delivery notice to your email account. The attachment file names are usually something that encourages unsuspecting users to click on them. Once the user clicks on the attachments, malware will install on your computer. Do not open attachments from an unknown sender. If you need to view an attachment from a known sender, save the files to disk before opening them. You can also use email filtering software, such as Symantec Mail Security for Microsoft Exchange. This type of software will scan for malware and then filter the bad emails out of your inbox.
- Free Software Downloads: Many users download free applications that provide premium fonts, file conversions, and free music downloads. However, many of these “free” applications contain malware and can take over your entire computer once it downloads. Make sure you download applications from trusted software manufacturers, such as Microsoft, Adobe, and TrendMicro.
- Cracking HTTPS: Many computer users learned that a closed padlock icon and the “S” in HTTPS mean you established a secure connection. This is no longer the case since cybercriminals learned how to hack this protocol. If you are on a site with the HTTPS closed padlock icon and you get a prompt about an invalid certificate, you may not be on a trustworthy site. Also, you have the option of viewing the website certificate information and deciding if the issuing authority, such as VeriSign and GoDaddy, is trustworthy.
- Text Message Malware: Cyber criminals send their victims an SMS message with a picture attachment bundled with malware. Once they download the picture, the malware will install on your smartphone. Afterward, the malware will force the smartphone to send SMS messages to sites that charge users each time their account sends a message, thereby racking up their phone bill. The malware can also steal usernames and passwords stored on their phone. Make sure to keep your phone’s software up to date, since most of the malware tends to circulate on older Android operating systems. Also, do not share your cell phone with websites that ask for your number as a part of a survey or sweepstakes. Finally, do not click on any suspicious links in text messages, especially from unknown senders.
Keep in mind this is not an exhaustive list of hacker tricks used to attack victims, especially since technology is constantly changing. Many cyber criminals constantly test the network security of devices we use to get confidential information and extort money.
A managed service provider can help you protect your devices from hacker tricks by finding the holes in your security, using an Intrusion Prevention System, and setting up employee technology use policies. Furthermore, they will use a comprehensive monitoring system to ensure the safety of your device usage.
If you’re interested in a review of your business IT security and advice on ways you can avoid hacker tricks, contact SwiftTech Solutions by calling 877-794-3811 or emailing firstname.lastname@example.org for a free consultation.
Grimes, R. 7 sneak attacks used by today’s most devious hackers. (2013, September 30). Retrieved from: http://www.infoworld.com/d/security/7-sneak-attacks-used-todays-most-devious-hackers-227557
Sabhlok, R. 5 Top Targets for Today’s Hackers. (2013, August 8). Retrieved from: http://www.forbes.com/sites/rajsabhlok/2013/08/02/5-top-targets-for-todays-hackers/
Pinola, M. Your Clever Password Tricks Aren’t Protecting You from Today’s Hackers. (2012, August 23). Retrieved from: http://lifehacker.com/5937303/your-clever-password-tricks-arent-protecting-you-from-todays-hackers
Glassberg, J. On the Lookout: New Hacker Threats. (2013, July 31). Retrieved from: http://www.foxbusiness.com/personal-finance/2013/07/31/7-new-hacker-threats-to-watch-out-for/
Phifer, L. How to know if you’re connecting to fake or real access points (APs). (2008, January). Retrieved from: http://searchnetworking.techtarget.com/answer/How-to-know-if-youre-connecting-to-fake-or-real-access-points-APs
Microsoft. Create strong passwords. Retrieved from: http://www.microsoft.com/security/online-privacy/passwords-create.aspx
Brown, M. How to Prevent Online Cookie Theft. (2009, October 31). Retrieved from: http://voices.yahoo.com/how-prevent-online-cookie-theft-4746492.html