In 2019, the well-known biological virus, Covid-19, broke out, causing an unexpected surge in digital viruses. The conditions of the pandemic forced most of us to retire, and businesses to sharply adapt to the prevailing circumstances. As a result, there is a situation where everyone sits at home and is forced to carry out various activities through the network: schoolchildren, students, their parents. At the same time, often using software that is not designed for such loads and in many cases is not sufficiently protected.
Also, many users are not aware of possible threats, for example, hidden behind the facade of a huge illuminated button “DOWNLOAD video with cute puppies.” According to PurpleSec cybersecurity statistics in 2021, over the past three years, the number of cyber attacks has grown by 600% and, unfortunately, this figure is not in favor of ordinary users. If you study the cyber attacks three years ago, you will see that various complex schemes were often created to extort money from companies.
Today, due to the huge number of users online, it is enough for a hacker to develop a simple scheme and scale it to a large number of users in order to get the same amount of money as with a complex scheme for companies. Thus, the number of hackers has increased, and their attack vector has shifted to ordinary users. In parallel, the grade of training of such hackers is not high: some schemes are incredibly elementary.
What is the most common vulnerability?
The answer is obvious – most often passwords are broken. Yes, passwords and more passwords. It is well-known that passwords need to be changed at regular intervals, but according to Wikipedia statistics, our favorite password is still in the top – “123456”, like all ten of the most frequently used passwords, cracked with a bang.
Does a complex, frequently changing password guarantee protection against hacking
Unfortunately no. At the moment, even complex passwords can be bypassed or found out through third-party services. For example, if you use similar passwords on different resources, then the loss of one password still entails the consequences of hacking others. But do not despair, there is a way out, and it is quite simple: you can use a bunch of passwords and SMS confirmation codes.
The solution is quite good and proven, almost all banks use it.
A small digression regarding SMS, the fact is that operator networks can be exposed to a large number of attacks, and the likelihood of losing your password is high, therefore it is recommended to use push notifications. Such notifications are sent to the Internet using more secure protocols.
But there is a small nuance here, even if you regularly change passwords, use SMS / push, this still does not guarantee the safety of your data. If it so happened that you suddenly lost your phone, in the case of which your credit card was, and you set a confirmation code for any write-off operation, then it would seem that you should be safe, but, unfortunately, this is not so.
If an attacker takes possession of your phone and tries to write off a big sum from your card, he will see an SMS or push notification with a code on the locked screen.
The fact is that the content of notifications is displayed on the locked screen. This can be very convenient for ordinary users: you do not need to unlock your phone in order to drive in a confirmation code, but this function of your phone is even more convenient for intruders. If you are worried about the safety of your funds, turn off pop-up messages on a locked device.
Cybersecurity Tips in 2022
- Update your passwords regularly.
- Use two-factor authentication.
- Issue separate bank cards for children.
- Limit access to applications.
- Remove geolocation.
- Set up your privacy on social media.
- Use mail to send documents.
- Issue separate credit cards for purchases.
- Use asset management consultancy.
- Update software on a schedule.
- Download software only from official sites
- Don’t use public Wi-Fi.
- Use antivirus software.
- Do not open or reply to
- suspicious letters.
- Give preference to the mobile version of the resource over the website.
- Make backups.