Learn from my Mistakes: Advice from a CS Student to protect you from Online Attacks!

Dallas Aquino
Published in cictwvsu-online
6 min read · May 28, 2024

While browsing the internet, an interesting news article caught my attention. Without hesitation, I clicked on it. However, a wave of disappointment struck me when the screen prompted me to log in to my Facebook account. Without thinking, I quickly entered my email and password. Moments later, a notification informed me that my Facebook password had been changed; my account had been hacked. I realized that I had logged into a phishing website — a fake site designed to mimic a real one and trick people into entering their credentials. This incident highlighted how deceptive digital attacks can be in targeting online users and underscored the importance of digital literacy, particularly the knowledge of potential online threats. Fortunately, this blog post will provide comprehensive advice on how to prevent such incidents.

There are different types of online threats, each with a different method of execution. Here are some of the most common online threats that are still relevant today:

Social Engineering

Social engineering is a form of online fraud that uses deceptive tactics to trick individuals into divulging personal information such as credit card details, passwords, and account numbers. According to an article by IT Governance, the most common form of social engineering is phishing. While phishing attacks are commonly executed through email, they can also occur via instant messages, social media platforms, and text messages. Have you ever followed a sketchy link that lets you spin a wheel and win a reward, but redirects you to a login page before you can claim it? That could be a form of phishing attack. To prevent it, check the site’s legitimacy by clicking the button to the left of the website address; it will show whether the website is legitimate or not. Remember, if it is too good to be true, it is.

Guide to determine whether the site is secured or not.

Malware

Have you ever downloaded a third-party application from a website and noticed that your device runs significantly slower than before? That could be a sign of a malware attack. Malware refers to malicious software created to harm or disrupt computers and computer systems. It can propagate through email attachments, file-sharing networks, online advertisements, and compromised websites. To prevent this, keep your antivirus software up to date, as updates let it keep up with the latest malware. Personally, I find Microsoft Defender Antivirus sufficient, as it does all of the work of protecting your device in real time. Additionally, if you are using Windows as your operating system, there is no need to install it, as it comes pre-installed with the system.

Ransomware

This type of attack is one of the hardest to recover from, as it restricts access to your personal data and puts you under pressure. Ransomware is a type of malware that encrypts or locks files on your computer, demanding a ransom for their decryption. Such attacks can be particularly damaging for businesses, potentially leading to the loss of critical data or the shutdown of essential systems. To prevent ransomware attacks, it is crucial to regularly back up data, keep software and systems updated, and use robust antivirus software.

Notorious 2017 WannaCry ransomware attack.

Prevention is better than cure, they say. The more informed we are, the stronger our defense will be against potential threats. There is no doubt that taking precautionary measures will keep us one step ahead of those who seek to take advantage of us. Here are some measures we can take to counter incoming online attacks:

Creating Strong Passwords

It costs little to put extra effort into making a password stronger. To create strong passwords, avoid sequential numbers or letters like “1234” or “qwerty,” and don’t include easily accessible personal information such as your birth year. In addition, use a combination of at least eight characters, including letters, numbers, and symbols, to increase complexity, such as “M0l#eb9Qv?”. Moreover, combine unrelated words to form a unique passphrase, steering clear of phrases from popular culture. Using a stronger password improves account security because it is harder for attackers to guess or predict.

If you want to create a stronger and more unique password, check this article by Webroot.
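
The password rules above can be checked mechanically. The following Python sketch is an added example, not part of the original post; the function names, the sequence list and the sample inputs are assumptions made for illustration.

```python
import re

# Constructed list of digit, alphabet and keyboard-row sequences
# of the kind the post warns about ("1234", "qwerty").
SEQUENCES = ["0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]

def has_sequence(password, run=4):
    """True if the password contains `run` consecutive characters from a
    known sequence, forwards or backwards (e.g. "1234", "qwer", "4321")."""
    lowered = password.lower()
    for seq in SEQUENCES:
        for direction in (seq, seq[::-1]):
            for i in range(len(direction) - run + 1):
                if direction[i:i + run] in lowered:
                    return True
    return False

def check_password(password, personal_info=()):
    """Return a list of rule violations; an empty list means every rule passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not re.search(r"[A-Za-z]", password):
        problems.append("no letters")
    if not re.search(r"\d", password):
        problems.append("no numbers")
    if not re.search(r"[^A-Za-z0-9\s]", password):
        problems.append("no symbols")
    if has_sequence(password):
        problems.append("contains a sequential run")
    # personal_info holds strings the user should not reuse, e.g. a birth year.
    for item in personal_info:
        if item and str(item).lower() in password.lower():
            problems.append("contains personal information")
            break
    return problems

if __name__ == "__main__":
    for candidate in ("M0l#eb9Qv?", "qwerty1234", "Summer1999!"):
        print(candidate, check_password(candidate, personal_info=["1999"]))
```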

Regular Software Updates

When you are notified by your system that there is a new software update, do not hesitate to click it. Software updates are essential for various reasons. They patch security flaws that cybercriminals exploit, preventing malware infiltration and recommending password updates for enhanced security. Updates also bring new features, remove outdated ones, protect personal data from dark web exploitation, improve software performance by fixing bugs, and ensure compatibility with the latest technology for seamless integration and functionality across devices and platforms.

Vigilant Email Practices

Be cautious with email attachments and links, especially from unknown or suspicious sources. Phishing attacks often disguise themselves as legitimate emails to trick users into revealing sensitive information. Verify the sender’s email address and avoid clicking on links or downloading attachments unless you’re certain of their legitimacy.

Example of a phishing attack that offers a high-paying job position.
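
The sender and link checks described in this section can be automated for a saved message. This Python sketch is an added example, not part of the original post; the sample email, every domain in it and the `review_email` function are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message; every name and domain below is made up.
SAMPLE = """\
From: "Example Bank Careers" <hr@examp1e-bank.test>
Reply-To: recruiter@freemail.test
Subject: High-paying job offer
Content-Type: text/html

<p>Apply at <a href="http://login.examp1e-bank.test/apply">https://example-bank.test/careers</a></p>
"""

def domain_of(address):
    """Extract the lower-cased domain from a From/Reply-To header value."""
    return parseaddr(address)[1].rpartition("@")[2].lower()

def review_email(raw, trusted_domain):
    """Return warnings for sender and link mismatches in a raw email."""
    msg = message_from_string(raw)
    warnings = []
    sender = domain_of(msg.get("From", ""))
    # The sender must be the trusted domain or one of its subdomains.
    if sender != trusted_domain and not sender.endswith("." + trusted_domain):
        warnings.append(f"sender domain {sender} is not {trusted_domain}")
    reply_to = msg.get("Reply-To")
    if reply_to and domain_of(reply_to) != sender:
        warnings.append(f"replies go to {domain_of(reply_to)}, not {sender}")
    body = msg.get_payload()
    links = re.findall(r'<a\s+href="([^"]+)"[^>]*>(.*?)</a>', body, re.S | re.I)
    for href, text in links:
        target = (urlparse(href).hostname or "").lower()
        shown = (urlparse(text.strip()).hostname or "").lower()
        # Visible link text that names one host while the href opens another.
        if shown and shown != target:
            warnings.append(f"link shows {shown} but opens {target}")
        if urlparse(href).scheme != "https":
            warnings.append(f"link to {target} does not use HTTPS")
    return warnings

if __name__ == "__main__":
    for warning in review_email(SAMPLE, "example-bank.test"):
        print("WARNING:", warning)
```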

Two-Factor Authentication (2FA)

Enable 2FA whenever possible for an extra layer of security. This method requires a second form of verification, such as a code sent to your phone, in addition to your password. Even if your password is compromised, 2FA helps protect your accounts from unauthorized access.

Add a 2-Step Verification for your Google Account.

Data Backup and Recovery

Regularly back up important data to secure locations, such as external drives or cloud storage services. In the event of an online attack or data loss, having backups ensures that you can recover your information without relying solely on the affected device.

If you want to see a comprehensive guide on how to back up your data, check this article by UpGuard.

Firewall Protection

Enable and configure firewalls on your devices and network to monitor and control incoming and outgoing traffic. Firewalls act as a barrier against unauthorized access and can block malicious activities from compromising your system.

A YouTube video by P&T IT BROTHER to check if the firewall is activated or not.

Secure Online Transactions

When making online purchases or conducting financial transactions, ensure that the website uses HTTPS encryption and has a valid SSL certificate. Avoid entering sensitive information on unsecured or suspicious websites to prevent data breaches and identity theft.

A site that uses HTTPS encryption with a valid SSL certificate.

As I have become more exposed to using social media, I have learned a great deal about measures to deal with online attacks, and I am happy to share this knowledge with you. Remember, being proactive in your practices is key to safeguarding your online identity and assets. Stay vigilant, stay informed, and encourage others to do the same to create a safer digital environment for everyone!

If you are interested in in-depth details about online attacks and how to prevent them, you can check these resources, which were also used to write this blog post:

  1. https://www.globalsign.com/en/blog/what-is-phishing
  2. https://www.illumio.com/cybersecurity-101/malware#:~:text=Malware%20is%20any%20type%20of,email%20security%20software%2C%20and%20training.
  3. https://www.imperva.com/learn/application-security/social-engineering-attack/
  4. https://www.kaspersky.com/resource-center/threats/how-to-prevent-ransomware
  5. https://www.itgovernance.co.uk/social-engineering-attacks#:~:text=The%20most%20common%20form%20of,or%20links%20to%20malicious%20websites.
  6. https://www.terranovasecurity.com/blog/how-to-create-a-strong-password-in-7-easy-steps.
  7. https://www.techtarget.com/whatis/feature/5-reasons-software-updates-are-important
  8. https://www.upguard.com/blog/how-to-back-up-your-data

References of the attachments used:

  1. https://www.directallied.com/blog/check-legitimacy-of-website
  2. https://news.sky.com/story/us-blames-wannacry-ransomware-attack-on-north-korea-11177034
  3. https://etactics.com/blog/how-to-spot-phishing-email
  4. https://www.youtube.com/watch?v=K05aSWPG8xM
  5. https://www.znetlive.com/blog/what-is-an-ssl-certificate-and-why-is-it-a-must-have-for-every-website/
