A Quick Guide to Personal Security
In today’s digital age, overlooking security is no longer an option. Technology is pervasive as it transcends all ages, cultures, and socioeconomic groups. Its widespread presence creates more opportunities for cyber threats to become increasingly prevalent, which is why individuals need to be well-educated and adhere to safety precautions to shield themselves against the emotional and financial alarms caused by cyberattacks. So, in honor of Cybersecurity Awareness Month, here are four different methods hackers can use to access your account and ways to ensure you are fortifying your digital presence and logging in with confidence.
- Protect Your Password at All Costs
Your password is the gateway to your identity, as it serves as the initial defense barrier against hackers and their ability to access unauthorized personal data. Here are the most prominent risks that come from leaving your password unprotected and how to avoid them:
a. Cybercriminals will purposely keep your password unchanged when they hack your account to avoid drawing your attention.
Change your password at least twice a year and always use 2-factor authentication to enhance security in digital interactions.
b. Hackers are aware of our forgetful nature and inability to recall our passwords. Hence, we stick to the same password across all accounts.
Always have a minimum of 2 passwords to prevent a domino effect if one of your passwords is violated.
c. Hackers may try to steal your password, sometimes even by asking you directly and posting as a trusted individual or entity.
You should never give your passwords, PIN codes, or OTPs to anyone, no matter who they claim to be.
- Shield Yourself from Identity Theft:
Your identity is intrinsically tied to your data and privileges, making it a prime target for hackers to steal. Understanding and learning how to combat these critical risks is pivotal to protecting yourself. Here are some common methods used by hackers to steal your identity.
a. “Phishing,” is a type of cyber-attack that occurs through email by manipulating you into believing you have received a shipment or a money transfer. These deceptive tactics can often trick you into revealing sensitive information, such as usernames, passwords, credit card details, and personal identification numbers (PINs)
Always ensure that your emails are being sent from legitimate sources and that the link leads to your actual service provider domain.
b. “Smishing” attacks through mobile messages (SMS) by convincing you that your bank account is suspended and asking for your password.
Financial and government institutions will never ask you for your credentials, so don’t fall for the trick or click on any of the links included in these messages.
c. “Vishing” is a form of cyber-attack that stands for “voice phishing.” It involves cybercriminals using phone calls to trick you into believing your details need to be updated.
Financial and government institutions update data only in their branches and never through the phone, so do not respond to such requests and immediately hang up respectfully.
- Don’t Fall for the Bait:
Hackers and cybercriminals may often try to manipulate you using “social engineering” methods into disclosing confidential information to grant them unauthorized access to your account. Unlike traditional hacking methods that exploit technical vulnerabilities, social engineering exploits human psychology and behavior, as listed below.
a. “Rumors” that salary increases have been put on hold or that one employee’s salary is higher than others.
Usually, the threat actors use this provocative misinformation to push people towards collecting information from them; hence, it is always recommended to never overreact to rumors in order to ensure your safety.
b. “Over-Friendliness” through asking for personal details, such as birthdays, birthplace, family details,
Many individuals include personal details in their passwords. This makes passwords predictable and susceptible to being cracked. Be very careful with whom you share data with and opt for robust, unique passwords not associated with readily available information about you.
c. “Personal Overtelling” involves someone pretending to have an intimate or close relationship with you to persuade you into sharing personal information.
Threat actors will give you fake intimate data about themselves to push you to do the same; never feel obliged to reveal your personal life, no matter how trustworthy they are.
- Guard your Social Media Privacy:
When hackers and threat actors target individuals, they regularly follow a process that begins with information gathering about their target. This phase is essential to them as it allows them to understand their targets’ vulnerabilities, habits, and routines before trying to attack. Here are some examples of how the information-gathering process may occur:
a. Through public personal profile details, usually referring to information that is intentionally made available to the public, including your name, profile picture, location, etc.
Hackers and threat actors may try to guess your password based on your personal details. Therefore, never leave your personal details public or include them in your password.
b. Fake recruiters: Threat actors may masquerade as recruiters/talent acquisition to get your CV, which contains personal details.
Always make sure the recruiter’s email is not a public domain email (gmail.com, hotmail.com, etc.), and always visit the website in the email domain to ensure this is a real company.
c. Location and travel sharing: Usually, threat actors are interested in knowing your location to approach you with social engineering techniques.
Keep your live location private and share your experience after the travel but never during it.
In conclusion, personal security is a dynamic and ever-changing process that requires continuous proactive measures. By embracing an unceasingly educational, vigilant and adaptable culture, individuals can confidently navigate the digital world while safeguarding themselves from personal threats.