I’m savvy about online security, but I almost fell for a new scam. What are the latest online threats I need to know?
Your question concerns every online user. We wanted to answer you, even though others have written about this. The problem is always changing, since scamsters are constantly trying to infiltrate your computer with new threats. Here are the most current scams you may face.
According to cybersecurity researchers, social engineering has now taken over from automated exploits as a method of computer infiltration. Social engineering refers to exploiting the weakest part of the system, which is you. Most threats enter a computer or network via a malicious email attachment or web link that you click on.
While threats are always changing and evolving, the top current method of attack remains the same: letting the user do the work. The internet is awash with phishing scams, enticing the recipient to click a link or open an attachment that will infect your computer with malware.
At the moment, an email from ‘Microsoft account team’ is making the rounds, prompting users to click a link to verify their account, after “unusual activity” was detected. Similar ones could be from fake anti-virus companies, service providers, banks or airlines, warns Content Kite, a content marketing service.
Another method of social engineering is to convince the victim to make a phone call, either to pay for something or divulge personal information. The scammer may ask for your pin or credit card number, by claiming to be a bank representative.
Scams that involve stealing personal information are on the rise. Your data can be sold on to a criminal third party for profit. The worst-case scenario is identity theft, where fraudsters can actually pose as you in the real world.
Fortunately, there is action you can take, if you have been scammed or targeted by one. The FTC has compiled a helpful list that describes ten ways to avoid fraud.
As we have seen, the primary weakness in the online security chain is the user. Users need to exercise more care and be more observant, when dealing with emails and websites. You connect online with something you personally own, a computer or iPhone. The trust and convenience you have will often override safety concerns.
Not using a dated OS or browsers is an important step. Most users still delay or avoid downloading up-to-date security patches. You must have a basic user checklist. Do you recognize the link URL you are about to click? Is it from the source or a different domain name? Does it have a secure website (https) as opposed to open (http only)? Were you expecting that email attachment, and do you know exactly what it is?
There’s a sucker born every minute, P.T. Barnum.
(Jacob Maslow is the founder and editor of Legal Scoops).