DynaRisk’s Intelligence Analysts have been hard at work mapping out this year’s trends; if 2018 taught us anything, it’s to expect a growth in cyber attacks.
DynaRisk’s Intelligence Analysts have been hard at work mapping out this year’s trends; if 2018 taught us anything, it’s to expect a growth in cyber attacks.
Last year was a big one for the cyber security industry with a number of high-profile data breaches reported in the media. In the latest scandal, hotel chain Marriott International revealed that approximately 500 million customers had been affected by a data breach. Stolen information included names, addresses, passport numbers and card details – although the company is unable to tell in what combinations.
DynaRisk’s threat intelligence analysts are confident that the scale of attacks will grow in 2019, especially for small to medium businesses. However from a consumer perspective, data is data and no matter which company your information is leaked from, the consequences are much the same.
Based on this year’s trends, here’s what to look out for in the year ahead and how to stay protected…
Artificial intelligence and machine learning cyber attacks will increase the frequency and number of breaches.
This technology will make guessing passwords quick, easy and automated therefore it’s important to be vigilant about the information you share online and use unique, complex credentials for each website. It’s also crucial to enable two-step verification on any platform that offers it; DynaRisk’s two-step verification tool, an important dashboard feature, can help to discover which sites offer extra protection.
The New Year will see an increase in social engineering attacks.
Social engineering is one of the oldest tricks in the book. Fraudulent phone calls posing as your bank, or as a colleague asking for an invoice to be paid are just some of the methods deployed by fraudsters. These scams aren’t always easy to spot and criminals have honed their tactics to ensure maximum return – at your expense.
If you are unsure about a phone call from your bank, a suspicious email or text message, it’s always best to err on the side of caution and refuse to engage. Remember: banks won’t ask you to move your money into a ‘safe’ or ‘holding’ account while they investigate suspicious activity concerning your current account. This tactic is usually combined with clever tricks like reciting potential transactions – however this information can be relatively easy to find (did you recently share a picture of your new boots on your public Facebook profile?).
To stay safe, here are some examples of precautions you can take…
- Never move your money to another account via a phone call, no matter how convincing the person at the other end of the line is. Your bank would never do this. Simply hang up, go to your bank’s website and call their helpline using the telephone number(s) provided. They will be able to run security checks and advise next steps.
- If you receive an invoice (from a builder or plumber for example) via email, call the payee just to double check the account details. Hackers can easily intercept these types of communications and create an identical, but fake, invoice or purchase order.
- If a colleague emails asking for an invoice to be paid, always check the ‘from’ address. It’s easy to create a fake email address that looks almost identical, so do a quick comparison. Similarly, if a ‘friend’ emails or texts asking for money, be sure to carry out a similar check and ensure that their details are correct.
Crypto mining malware is starting to target mobile devices.
This is a heavy subject but the simple premise is, hackers can use your CPU processing resources to run a script on your computer or mobile phone. Unlike other types of malware designed to steal your data, crypto mining (also referred to as cryptojacking) slows down your device by running a load-heavy script in the background.
It’s nothing to lose sleep over; affected devices will simply perform more slowly as the CPU is running overtime in the background – which can be a little annoying. If you want to protect yourself, a simple way is to browse using Opera, also available in Opera for Android devices and Opera Touch for Apple devices.
Exercise extreme caution when it comes to sharing information about yourself online and on social platforms.
Any personal information is a clue to cyber criminals so make good use of privacy settings and before sharing anything about yourself, stop to think about how it could be interpreted by fraudsters. The BBC published an article concerning writer Mike Tinmouth who tweeted Barclays to complain about the length of time it was taking to set up a business account. Initially he was pleased to see the company attempting to expedite the process by way of apology. What he didn’t realise was that he had actually been targeted by fraudsters posing as his bank and was about to transfer his money to them – not Barclays.
Thankfully the transaction was blocked by Mr Tinmouth’s current account provider, however without this he would have lost £8,000 and had no one to blame or recuperate the money from. In these cases, it’s important to remember that anything you share online could be a clue to criminals. If you have a complaint that you feel a brand is not taking seriously, contacting them via social media can have a positive outcome. However it’s important to be vigilant about the information you share and always check that the username and profile is authentic.
Want to do more to protect yourself this year?
The DynaRisk dashboard and tools aim to provide an extra layer of protection that antivirus software can’t. Find out more about how it works and sign up today.