Almost all of our formal & informal communication, financial transactions have been digitalised. Digitalisation has made our life easier. But, it is also important to be aware of the threats and risks that this medium possesses. Illegal attempts to steal user information, using someone else’s credit/debit card details for online transactions, or hacking into someone’s social media accounts are some of the threats that the cyber medium possesses. Undertaking some simple precautions can help us stay safe from these cyber attacks. Here is a brief explanation of some cyber attacks and the measures you can undertake to stay secure from these threats.
1. Use a different password for each account
Suppose you use the same password for sites like Gmail, Facebook and Outlook and your password for Facebook gets revealed to someone. That person can then access your Gmail and Outlook accounts as well. To avoid this, use different passwords at least for all important sites like email, social networking and online payment accounts. Prefer random text over meaningful words as password.
A trick to form strong passwords is using acronyms. First, form a sentence like:
I study in COEP Computer Engineering. Now use the first letters of all the words to form a password like “IsiCCE”
2. Important software like browser, payment wallet apps should be updated regularly
Browsers may contain some vulnerability which attackers can exploit to steal information. The developers of these software keep repairing such flaws thorough updates to these software. So it is important to update these software regularly.
3. Avoid opening links of lotteries, prizes, gifts, discounts
It is rightly said, “If you are not paying for the product, then you are the product.” Next time you get an email telling you have won a huge amount in the lottery (even though you did not purchase any lottery ticket), or telling you that you have won an iPhone, do not open any link from the email and report the email as spam.
4. Download all software from authentic sources, avoid downloading software (executable files) from torrent sites
Software from non-authentic sources may be modified by attackers to steal user information. Always download software from authentic sources.
5. While using third party computers or mobiles for browsing use the private/incognito mode
The browser’s private/incognito mode does not store browsing history and user credentials. So prefer it when using third party computers.
6. While using third party computers, use an on-screen keyboard while entering important details
There are software known as keyloggers which capture all the data entered by the user using the physical keyboard. It is possible that third party computers might have these
keyloggers installed and might steal data like passwords you enter using the keyboard. Using an on-screen keyboard bypasses these keyloggers.
7. Use a good anti-virus software suite
Choose a good antivirus software (free or paid) that provides protection against viruses, malware, worms and internet threats. Each time a USB stick is inserted into PC, make sure to scan it before using it. Turn on the safe browsing feature of antivirus, to avoid accidentally visiting malicious websites.
8. While logging in to any site, check the URL (the one in the address bar), it should be exactly the same as the site you want to log in to
Attackers sometimes create a fake login webpage similar to that of standard websites and ask users to enter their login credentials. However, when entered, the login username &
password go to the attacker instead of the intended website. This attack is known as phishing. To identify fake web pages, check the URL (website address) of the webpage. Fake webpages have a different URL that that of the site you intend to visit .
9. Ensure the URL of the site contains HTTPS instead of HTTP
HTTPS is a protocol for browsing internet that uses encryption techniques and is more secure than HTTP. So, ensure that important sites like those for email and financial payments contain “https://' rather than “http://”.
10. Tips for Gmail
Most of us use Gmail accounts. Gmail provides something known as Two Factor Authentication method. When this option is enabled, each time you login to gmail, it sends a One Time Password (OTP) to your registered mobile. In this way, even if your password is revealed, your account cannot be accessed.
Suppose you log into Gmail from a third party device and forget to logout. In that case, open Gmail in a browser, scroll down to the bottom of the webpage. There is an option named “Details”. Click on it. A pop-up appears with a button to sign out from all web sessions. Clicking on that button will sign you out from all existing sessions other than the current device.
For any cyber attack to succeed, the attacker has to be technically stronger and more informed than the victim. So the best tip to prevent cyber attacks is to keep acquiring knowledge and staying informed about the different cyber threats. Elders and children are more prone to cyber attacks, so share your knowledge of cyber security with them and help the society in staying safe from cyber attacks.