Authored by Phil Muncaster, guest writer at ESET
The start of a new year means a fresh start for your digital life. Cybersecurity is becoming an increasingly crucial component of this. In fact, cybercriminals are already predicting that 2021 will be one of their busiest years yet. In the first half of the year, about 19 billion records were revealed.
With better protection, you should be less vulnerable to identity theft and financial loss. In 2020, the cost of these scams will have reached a new high of $56 billion, with the majority of it occurring online. Although the organisations with whom you engage have a duty, and often a legal obligation, to secure personal data, it’s also necessary for you to do your part.
Consider this if you’re still hesitant to find new ways to defend your digital world: According to the US Identity Theft Resource Center, a third of identity crime victims in the United States reported they didn’t have enough money to buy food or pay for utilities last year as a result of fraud.
To enhance your cyber-hygiene in 2022, be attentive, proactive, and break these 10 harmful habits:
Using outdated software
One of the most common ways cybercriminals attack is through flaws in operating systems, browsers, and other software on your PCs and gadgets. The problem is that in 2020, there were more of these flaws discovered than in any prior year: almost 18,100. Each day, more than 50 new software vulnerabilities are discovered. The good news is that this activity doesn’t have to take up too much of your time if you enable automatic updates and click through to upgrade when requested.
Poor password hygiene
The keys to our digital front door are passwords. Unfortunately, we tend to utilise them insecurely since we have so many to remember these days — over 100 on average. Hackers get a significant advantage by using the same password for several accounts and using easy-to-guess credentials. They have tools that can crack weak encryption, try common variants, and try to reuse passwords that have been compromised on other accounts (known as credential stuffing). Instead, remember and recall strong, unique passwords or passes using a password manager. Also, enable two-factor authentication (2FA) for any account that supports it.
Using public Wi-Fi
These days, we’re all getting out a lot more. And with that comes the desire to utilise public Wi-Fi. However, there are dangers. Hackers can spy on your online activity, gain access to your accounts, and steal your identity using the same networks. To be safe, stay away from these public places entirely. If you must use them, don’t use them to log into any critical accounts.
Not thinking before clicking
Phishing is one of the most common forms of cybercrime. It employs a social engineering approach in which the attacker tries to persuade the victim to click on a malicious link or open a malware-laden attachment. They take advantage of our hard-wired credulity and aim to compel quick decisions by instilling a sense of urgency in the message. To thwart these attacks, the first guideline is to consider before you click. To ensure that the email is genuine, double-check with the person or firm who sent it. Take a deep breath and relax. Don’t feel compelled to behave in a quick manner.
Not using security on all devices
Anti-malware protection from a trustworthy source should be installed on all of your PCs and laptops in this age of widespread cyber-threats. But how many of us protect our mobile and tablet devices in the same way? According to studies, we spend approximately 5,000 hours every year utilising these devices. In that time, there will be lots of opportunities to stumble across dangerous apps and websites. Now is the time to secure your device.
Using non-secure websites
Encryption is used on HTTPS sites to safeguard traffic from your browser to the site in issue. It serves two purposes: to verify that the website is legitimate and not a phishing or fake website, and to prevent fraudsters from listening in on your conversations and stealing passwords and financial information. Even many phishing sites now employ HTTPS, so there’s no guarantee that nothing untoward will happen. However, it’s a start. Always keep an eye out for the padlock symbol.
Sharing work and personal lives
Many of us have spent much of the last two years blurring the line that previously separated our professional and personal lives. Cyber-risk has crept in as the line has gotten more hazy. Consider registering on consumer shopping and other sites using work emails and passwords. What happens if those sites are hacked? Hackers may now be able to access your company’s account. Using unprotected personal gadgets for work comes with its own set of dangers. It’s worth the extra effort to keep business and pleasure separate.
Giving out details over the phone
Voice phishing, also known as vishing, is an increasingly popular means to obtain personal and financial information from victims, similar to how email and SMS-based phishing use social engineering techniques to deceive users into clicking. Scammers frequently hide their real phone numbers to give the attack more validity. The best rule of thumb is to never give out personal information over the phone. Ask who they are and where they are calling from, then call the company directly to confirm – do not use any of the caller’s phone numbers.
Not backing up
Businesses lose hundreds of millions of dollars each year due to ransomware. As a result, it’s easy to forget that there are still varieties waiting to be discovered. Consider being locked out of your home computer. All of the data on it, as well as any cloud storage, may be permanently destroyed, including family photos and crucial professional documents. Backups on a regular basis, according to the 3-2-1 best practise rule, provide piece of mind in the event of a disaster.
Not protecting the smart home
Smart devices such as voice assistants, smart TVs, and security cameras are installed in about a third of European homes. However, by adding connectivity and intelligence to these devices, crooks will find them more appealing. They can be used as a gateway to the rest of your devices and data, or they can be hijacked and turned into botnets to conduct attacks on others. Change the default passwords on startup to keep them safe. Also, before purchasing a gadget, make sure to find a seller with a track record of correcting known vulnerabilities in their goods and to investigate potential security problems.
We’re all excited to see what 2022 has in store. Improve your cybersecurity today to ensure that this year is full of only wonderful surprises.