For years now, we’ve heard about the dangers of computer hacks and security breaches. People have been warned about not clicking on unsolicited or unusual emails and never clicking on suspicious links.
But still, the behaviors continue with people infecting their home and business computers with viruses, malware, ransomware and the newest bug to hit the Internet — cryptocurrency mining malware.
Two of the biggest vulnerabilities for users have been through their email accounts and web browsers. So, let’s look at a few different ways you can protect these two areas from making you the target of hackers.
Protect Yourself from Cryptocurrency Mining Software
Strengthening Email Accounts
- Don’t click on unknown links — If you receive an email from someone, whether it’s someone you know at work or someone you’ve met through your business, you should never open links they send you. Hackers may infect a user’s email account, stealing access to that person’s address list, and then send spam emails to the people on that list posing as the originally infected user. Once you click on this link, the spammers will load the same malware onto your computer and replicate the process. If you’re not absolutely sure of a link’s legitimacy, contact the sender directly and ask them.
- Other phishing techniques — Another common phishing technique is to send an email pretending to be someone from Windows/Microsoft support or even from your company’s own IT department. They’ll send you to a link that’s made to look like an official company site and request that you sign in using your company credentials. Once you do this, the hackers will have access to your username and password. If you’re not sure if this message is really from who they claim to be, look at the email address first. Usually, there’ll be something “off” about the address, but even that is becoming harder to detect. You can also hover your cursor over the link to see if it’s taking you to your company’s website or an actual Microsoft site. (Chances are, it won’t.)
- Strengthen passwords and logins — The best way to protect yourself, apart from not clicking on these links, is to create strong passwords that are difficult to hack. Passwords should be a minimum of twelve characters long with a random mixture of lowercase and capital letters as well as numbers and special characters. Using password managers can be a great help here.
Users need to activate two-factor authentication (2FA). This means that when you sign in, your email account will send a text message to verify it’s you. Users would have to possess both the password and the registered cellphone to be able to log in. (Even better, set up 2FA to use an authenticator app such as Google Authenticator.) Finally, limit the number of login attempts before the computer locks you out of the account until the administrator resets it. This will prevent brute force attacks that try to randomly guess the password.
Strengthening Web Browsers
Many people think that the web browser they’re using is “as is” and there’s nothing that can be done to tweak or tighten security. This is erroneous and security on these programs can be tightened as well.
- Saving logins — It’s very convenient to have a web browser like Google Chrome to remember your login information. But some companies are actually experiencing physical hacks of their computer systems by having intruders enter their building to login from a company computer. If your username and passwords are saved on your browser, you are literally handing your company server and your information over to the hackers.
- Browser extensions — Browsers can also have extensions added to them to make them more secure. The HTTPS Everywhere extension can allow you to fully encrypt your data if the website you’re visiting supports https connections. There are also a variety of browser extensions that can do everything from blocking pop-up ads that may contain malicious code to blocking tracking on websites you visit.
Remember to Stay Alert and Vigilant Against Hackers
As you go about your day to day work schedule, it’s important to remember certain security protocols that can keep both your data and that of your company safe from hackers. By being proactive and taking time to tweak your Internet browser, you can ensure your work can continue unimpeded.
INSUREtrust is committed to keeping you digitally safe. To learn even more about the details of preparing your company for a cyber-attack, download our free Incident Response Plan Guide. Have questions? Contact us for a free consultation.