I was reading an article in an On-line PC Magazine where certain companies stage Mock Phishing Attacks in order to monitor how their staff react. It appears that no matter how many security systems companies have in place such as your PC and Mobile devices being securely locked down with a strong complex password when not in use, a cross-device security tool in order to block unwanted traffic on both your PC and Mobile device as well as protecting your sensitive data. There appears to be one weak link irrespective of how good all the security measures are, and unfortunately the Achilles Heel is YOU.
We go to great lengths to physically protect our home with security gates and burglar bars that are strong and sturdy which almost guaranteed once installed to keep burglars OUT and our property securely and safely protected. Some additional security can be included such as electronic beams and alarm systems which will be set off whenever an unwanted intruder try’s to enter our home without our approval.
In both situations the potential intruders will try different methods in order to gain your trust with the aim of obtaining your approval in order to gain access to either your property or your PC and Mobile systems. These criminals are continuously looking for different ways to illegally obtain your possessions, whether they are physical or personal. In both situations we need to be aware that this can and does happen and that we need to be more diligent in who and what we trust.
We need to remember that we are in general the weakest link when it comes to digital security.The tools that we and our companies have in place can guard against known threats and can even identify and block suspicious activity from many unknown threats. But if we click on a malicious link in a phishing scam email, then our security tools are more likely to view the activity as legitimate because we were the ones to initiated it. If you open an attachment from an email that claims to be from the Bank or any other trusted source, and fill in sensitive, personal information as requested, there is little these security tools can do to protect us.
This might sound odd to compare Football Players to Cyber-Criminals as you would be correct in assuming that they are very different people. In truth they have nothing in common.
Where there is a common element is that there are times where they are both doing something in order to influence a third party to make a decision/s that will benefit them. Lets look at a couple of different examples and the benefits to the influencer.
The primary purpose of the tackle is to dispossess the opponent of the ball, to prevent the opponent from gaining ground or to stop them from carrying out what they intended.
How often do we see a footballer deliberately make a tackle look a lot worse than it really is, a term oft used is to “dive”. The purpose behind this action is to try and influence the referee to award him a penalty (if he has taken a “dive” in the penalty area) or get a free kick and or to get the referee to penalise the offending player further by giving him either a yellow or a red card.
A Cyber-Criminal’s purpose when sending you an email either trying to get you to send him your personal information or pointing you to a false web site with the same goal and that is to try and find ways to obtain as much personal information about you with the intention of using this information for devious means.
The methods and intentions are different, as are the outcomes and end results are used differently. The Footballer wants to create an unfair advantage in order to score goals and to ultimately win the game. The Cyber-Criminal wants to capture your personal information for illegal means and financial gains.
I recently came across an article that was reflecting on the very first IBM PC and thought that it might be of interest. If IBM had never developed the Personal Computer and we had continued to work with mainframes would we be experiencing the current Phishing and Malware attacks today? We can never answer this question but I am sure that the Cyber – Criminals would still be trying to “steal” our personal information in some form or another.
Here is some text from the original article:
“The system has much to commend it, both for serious and fun applications, since it can grow from a fairly expensive cassette-based configuration to a full-blown twin disk/colour graphics machine that offers the competition a fair run for its money. It almost goes without saying that the computer is well made, keeping up IBM’s legendary reputation for quality.”
IBM kept their plans to launch a personal computer very quiet and swore key people and companies to secrecy. Microsoft were very involved from the very beginning and initially the PC was only sold in the US. At the time IBM were not able to comment on whether or not the PC would be sold in Britain.
IBM also mentioned that “the whole design is very pleasing and all the parts clearly belong together. Everything is designed with a first-time user in mind. IBM has gone overboard to make the system as easy as possible to configure and use.”
The author made some final comments mentioning that this was probably the most professionally put-together system that they had ever seen. the only thing that they felt was missing was a wide selection of packages but they felt that the whole world and it’s grandmother would be frantically trying to fill that gap.
We have certainly come a long way since 1981 what with Smart Phones and Tablets being all the current rage and we are more and more reliant on these products for our day to day lives.
Small Business are just as susceptible to on-line piracy, phishing scams and identity theft as are the larger firms.
Smaller businesses do not always believe that their key information such as bank data, customer lists, contracts and any other vital information is at risk. The threats to these businesses (and the general public in general) are very real, and it is therefore important to obtain and install great security software in order to protect this key data. As a result it is necessary to create and implement security policies that manage and control what your staff are allowed to download. It is also important to create an awareness of fraud pertaining to social media.
One of the main areas of concern is key logging and it is important that whatever software is installed includes keystroke logging software.
It is important that choose the correct software when considering what software to install in order to prevent the cyber-criminals from obtaining data such as user names/passwords, credit card/bank account details and any other identity based or sensitive data entered into a web based application. A solution such as Entry Protect prevents identity theft and theft of important data whilst at the same time being completely invisible to the user and as a result no user education is required.
Entry Protect protects both login details and any other personal data that is entered when a user is working with a web based application.
The surge in Malware targeted at Android devices has surpassed the Google Operating Systems rise in market share, according to the findings of a new report from Total Defense, a Malware detection and anti-crime ware specialist. The “2011 Internet Security Threat Intelligence Report” reveals that in total, more than 25 times more Android Malware was identified in 2011 than in 2010.
The Total Defense research team suggested that major platform vendors can do more to improve mobile operating system security.
“This past year can be viewed as the year of Android Malware with more than 9,000 escalations, clearly illustrating the exponential growth of threats targeting this platform,” said Paul Lipman, CEO at Total Defense. “The rise of Android Malware opens up an interesting debate about security architecture and the merits of Open versus Closed Systems. While users have the ability to install and code from anywhere, the problem is that criminals see this as an advantage too.”
“The Malware landscape is changing at a rapid pace with cyber-criminals producing new Malware variants at a exponential rate,” said Lipman. “The proliferation of consumer digital devices for convenient internet access, coupled with our global socio economic climate, continues to serve up the perfect store for on-line criminal activity.