Exercise Cyber hygiene to combat security attacks
by Keith Ncube
As a user, whether at home or at work, you should be aware of basic online hygiene, which will help you protect yourself, your assets and the organisations you work for. There are many ways of practising cyber hygiene. Some of them include the following:
Password or PIN
Do not share your password or PIN with anyone. Your password should not be predictable or simple; for instance, “john123” is a bad, weak password that is easy for hackers to guess. It is recommended that a password be at least 8 characters long and include special characters and numbers. Avoid using your year of birth, for example, as your PIN. Desist from using the same password for several of your accounts. Using the same password for your Gmail, Facebook and Instagram leaves you at risk, as a breach of one account may lead to a breach of all the accounts.
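The rules above can be written as a small self-check. This is an added example, not part of the original article; the function names, the list of personal words and the sample values are assumptions made for illustration.

```python
import string


def password_problems(password, personal_words=()):
    """Return which of the article's password rules `password` breaks."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    lowered = password.lower()
    # Predictable: built from a name or other word an attacker can look up.
    for word in personal_words:
        if word and word.lower() in lowered:
            problems.append("contains personal word: " + word)
    return problems


def pin_problems(pin, birth_year):
    """Flag a PIN that is simply the owner's year of birth."""
    return ["PIN is the year of birth"] if pin == str(birth_year) else []


def reused_accounts(accounts):
    """Group account names that share one password (passwords are not returned)."""
    by_password = {}
    for account, password in accounts.items():
        by_password.setdefault(password, []).append(account)
    return sorted(sorted(names) for names in by_password.values() if len(names) > 1)


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    print(password_problems("john123", personal_words=["john"]))
    print(password_problems("T7#kd!pQ2z", personal_words=["john"]))
    print(pin_problems("1985", birth_year=1985))
    print(reused_accounts({
        "gmail": "T7#kd!pQ2z",
        "facebook": "T7#kd!pQ2z",
        "instagram": "w9$Lm@x4Rb",
    }))
```

Run it locally on your own device; an empty list means none of the listed rules was broken.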
Make sure your device (mobile or otherwise) has up-to-date patches. There is a reason why software has to be updated. If the developer of the software discovers that there are security loopholes in their software, they develop remedies and allow users to download updates. Most people, however, choose to ignore or totally disable updates, which increases their risk exposure. Regular updates are encouraged, as they make it difficult for the bad guys to penetrate your personal device.
Cyber-criminals create fictitious accounts on social media platforms and befriend their victims. Their aim is to manipulate their victims into divulging personal information like date of birth, family life and other sensitive information. They can then either sell the information on the dark web or use it to guess passwords for your other online accounts. Faced with this, please desist from befriending people you do not know, as this may get you into problems.
Phishing emails or SMSs
Security researchers say phishing is the most common method that criminals use to steal sensitive information from victims. Phishing involves emails that falsely claim to be from legitimate sites or people and are used in an attempt to obtain the victim’s personal or account information. The innocent-looking email comes with a link or laced attachment which, when “clicked”, redirects the user to the attacker’s site and asks for the user’s personal information. Meanwhile, the attacker harvests your credentials for their malicious intentions. It is good hygiene to always verify the source of the email before you open or click anything in it.
October 8, 2019