Cybersecurity is a never-ending fight. New threats are always emerging, and with that, staying informed on scams and malware is an ongoing process. In this cybersecurity guide, I’ll try to cover the most common kinds and provide simple solutions to them.
The year 2020 has become a distressing period for all in the wake of the Coronavirus (COVID-19) pandemic. The world is not just under the strain of a biological threat, but online threats have also emerged. Phishing scams are taking advantage of the panic and targeting people online.
As countries around the world observe lockdown – pushing people indoors and under the refuge of the internet – the scams and malware have access to more people than ever before.
What makes the new phishing scams worse is that they are much more likely to succeed due to mass paranoia and the urge to stay updated on the health crisis. So, I’ll make it a point to discuss them further in the guide, showing you what cybersecurity measures to take in order to stay protected against them.
First, before moving on with the rest of the guide, let’s go through common threats to cybersecurity, and maybe clear a few misconceptions along the way.
What is Malware?
Malware is a blend of two words: malicious software. It’s an umbrella term for all computer programs that are intended to infect a system and cause harm in one way or another. The delivery, the process of infection, or the time it takes for the malware to start causing noticeable performance degradation might differ, but malware has only one purpose: to cause harm.
Malware exploits vulnerabilities in programs, web browsers, or the operating system. Phishing scams are the most common way malware enters your system. Hence, malware enters because we allow it – most of the time anyway.
There are several types of malware out there; each category witnesses new additions, and 2020 will be no different. Some malware have sub-categories based on distinguishing features but follow a similar pattern in the abstract. As you’ll learn in the blog, some malware may become carriers for other types of malware.
Virus
Contrary to popular belief, a virus is a type of malware and not the other way around. If you’ve gone through multiple cybersecurity guides, you might’ve noticed how people tend to call every other malicious program a virus, but that’s not the case. A virus behaves in a specific way.
It attaches itself to programs and files and executes the malicious code when the program/file runs. The virus spreads to other devices on the computer, including external drives – that’s how you end up with infected USB thumb drives. The virus will alter the functionality of the program/file, preventing access to it. You might end up losing your data if the anti-virus is not capable enough to disinfect the file.
Rootkit
Rootkits are especially dangerous because of their stealthy nature. A rootkit gives an attacker remote access to your system. It can access, steal, or manipulate data on your storage. A rootkit may go undetected because it keeps itself hidden rather than staying visible for long.
Rootkits can enter your system through unknown vulnerabilities in a program or the operating system itself. You may find yourself in a situation where reinstalling the operating system is the only way to return things to normal.
The more severe forms of rootkits can hide in the firmware of the computer’s hardware. Firmware is a set of essential instructions that makes the hardware usable. Once a rootkit has infected the firmware or the bootloader, you may even have to part with the hardware.
A rootkit’s ability to remain undetected by security programs makes it difficult to remove, but not impossible to eliminate.
Worm
Worms share the self-replicating characteristic with viruses, but they are not dependent on the execution of the host program or file. Once a worm infects your system, it will eat resources to reproduce itself and spread to other devices and other computers on the network.
Worms can also carry payloads, which can be thought of as pieces of code that execute certain actions, such as deleting or corrupting files. The payload could be another type of malware, such as ransomware.
Ransomware
It’s regarded as a safe practice to always back up sensitive files. Ransomware will make you follow that practice, and will guide you to the right path of cybersecurity measures.
Ransomware is designed to lock you out of your data in exchange for monetary payment. When ransomware hits your system, it will attack your files and encrypt them. Encryption is the process of scrambling data into cipher-text; the decryption of the data into a readable format requires a password.
The attacker would be happily inclined to give you access in exchange for a payment that can run into thousands of dollars.
A scarier thought: what’s stopping the attacker from refusing to unlock the files even after you have paid the ransom?
Trojan
Remember the story of how Greeks infiltrated Troy by using a big wooden horse with Greek soldiers hiding inside? Trojan malware shares the same concept.
Trojans involve social engineering to trick the user into visiting a malicious website or opening a malicious file. But that’s true for nearly all malware. A Trojan can take on the disguise of a legitimate program while actually being a backdoor into your system for an attacker.
Trojan malware can be thought of as a delivery method for another type of malware. Although it cannot self-replicate, that does not make it any less harmful because the payload it carries may be more dangerous.
Spyware
As the name suggests, spyware is a type of malware that monitors your activities. It works from the shadows and keeps an eye on your browsing history, login credentials, or whatever it is that you are doing on your system.
Spyware infects your system through a backdoor in the hardware or software, or you may inadvertently allow it access through a legitimate-looking program (Trojan). Adware and key-loggers are types of spyware; the latter record your keystrokes on the input device to catch valuable information, such as what keys you type on a login page.
Adware
Adware bombards your screen with ads that link to malicious content. Have you ever been annoyed by ads while surfing the internet? Now multiply that by ten, and that’s what adware looks like.
It will frequently push ads on your screen even while you are away from the web browser. It will set malicious websites as your homepage and redirect you to other websites.
In the digital world, ads are one of the ways to generate money. Although adware is considered less harmful than other malware, it can learn about your browsing history and deliver targeted ads, thereby letting the advertiser earn money off your vexation.
File-less Malware
I saved the most interesting – and the most dangerous – for last. Malware is typically an infected file or program sitting on your storage; it consumes some amount of storage space even if it’s in the firmware and just a few kilobytes. File-less malware is malware that loads directly into the system memory and continues to operate there.
Although many file-less malware samples are not completely file-less, there are documented cases that truly live up to the name.
File-less malware targets vulnerabilities to enter your system, loads into system memory, then works under legitimate Windows processes – such as Windows PowerShell – to stay under the radar while it carries out an attack. Its ability to blend in with white-listed processes makes it difficult to detect.
What is Phishing?
Phishing is the technique of sending emails that are designed to convince you to click on them. It’s a fraudulent technique that aims to steal valuable information such as login details. Spear Phishing – on the other hand – is more targeted in nature. The attacker uses social engineering to make you believe the email is coming from a trusted source.
Let’s take a scenario. You receive an email from Apple alleging that you have been locked out of your account. Worried about your account’s safety, you click the link in the email, and it brings you to a login page. The page looks convincing, so you enter your credentials in the hope of reactivating the account.
This was a phishing scam designed to steal your credentials. The first step – for you – should have been to check the address the email came from. Such login pages are designed to convince you that they are real, and on most of them nothing works if you click on anything except the login fields – because that’s the center of attraction. It’s a dead giveaway that something is wrong.
In Spear Phishing, the scammer would don the profile of a trusted face – your coworker, for example – and ask you to send over important documents or wire money for an important project. The success of the scam relies on convincing you with little details that the scammer may have collected through social media.
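The check described in the Apple scenario above can be automated. The following is an added example, not part of the original guide: it inspects the real sender address, the Reply-To header and where the links actually point. The trusted domain, the flag names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption for this example: the domain the brand really sends mail from.
TRUSTED_DOMAIN = "apple.com"

# Constructed sample message, not a real email (example.net/.org are reserved).
SAMPLE = """\
From: "Apple Support" <support@apple-id.example.net>
Reply-To: unlock@mailbox.example.org
Subject: Your account has been locked
Content-Type: text/html; charset="utf-8"

<p>Your Apple ID is locked.
<a href="http://login.example.net/apple/signin">https://appleid.apple.com</a></p>
"""

def in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):  # gathers the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def phishing_flags(raw, trusted=TRUSTED_DOMAIN):
    """Return the reasons a message fails the sender and link checks."""
    msg = message_from_string(raw)
    flags = []
    # 1. The address inside <...>, not the display name, shows who sent it.
    sender = parseaddr(msg.get("From", ""))[1]
    if not in_domain(sender.rpartition("@")[2], trusted):
        flags.append("from-domain")
    # 2. Replies should not be steered to an unrelated mailbox.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and not in_domain(reply_to.rpartition("@")[2], trusted):
        flags.append("reply-to-domain")
    # 3. The href, not the visible link text, decides where a click goes.
    links = LinkCollector()
    links.feed(msg.get_payload())
    for href in links.hrefs:
        url = urlsplit(href)
        if url.scheme != "https":
            flags.append("link-not-https")
        if not in_domain(url.hostname, trusted):
            flags.append("link-domain")
    return flags
```

An empty list only means these three checks passed; a message sent from a compromised legitimate account would pass them too.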
Coronavirus-related Malware
It’s an unprecedented time for everyone. There’s panic globally, and as more people use the internet to work from home and stay up-to-date on the situation, scammers have developed phishing scams to take advantage of that.
To give you an idea, more than 4000 domains related to coronavirus have been registered since January 2020, according to Check Point’s report.
The Federal Trade Commission (FTC) is actively monitoring new digital threats and revealing them to the masses through its blog. Just this week, the FTC announced that people had suffered a collective loss of $4.77 million, based on more than 7,800 reports from consumers it has received.
Phishing emails are going out that appear to be coming from health organizations. The emails promise to contain the latest information on COVID-19 in the attached file or the link. Once the user downloads the file, the malware gains access to the system.
Another ransomware is attacking users by tricking them into installing an application that allegedly gives you a real-time heatmap of the Coronavirus-affected population in the vicinity. After installation, the app will ask for certain permissions, then lock you out of your phone by changing the password. Your data will be held hostage until you pay.
Similarly, a banking Trojan named Ginp has been discovered by Kaspersky. The “Coronavirus Finder” webpage claims to show infected people near you for a price of €0.75. The webpage asks you to enter your credit card details, which then go to the scammer.
Malware Affects the Uninitiated
It’s a common observation that older people who are not as familiar with computers, and technology in general, are more likely to fall prey to malware scams. But that does not mean the young generation is entirely out of harm’s way. According to the FTC, younger adults lose money more often. Meanwhile, older people – aged 80 and above – reported higher dollar losses.
Social media scams and WhatsApp fake news are prevalent. Although social media scams that ask you to share posts to enter a giveaway are not harmful, some e-stores with exceptionally low prices might deliver you fake goods.
A Simple Cybersecurity Guide to Stay Protected Against Malware
I cannot stress enough that protection against malware starts with you. Yes, you can install an anti-virus, but it may not detect everything. It’s why you must always be mindful of what you download and what links you click on.
Below, I’ll guide you through some very simple cybersecurity measures that you can look into and adopt:
Accept trusted sources only
Make it a point to accept attachments from trusted sources only. If an email says you won a lottery, or carries a password reset link or a health advisory PDF from “CDC,” then don’t click on the attachments. You don’t need a cybersecurity guide to tell you that.
Emails are the most common way that malware enters a computer or smartphone because not everyone pays attention to the actual URL or the sender’s address. Emails can be engineered to look convincing: a password reset link or an alert that someone tried to access your account, for example.
Don’t fall for giveaways
Social media posts that claim to have awarded hundreds of people with money or free airline tickets are nothing but a way to gain reach. You might see a picture of Bill Gates with a message saying that he has decided to give away X amount of money to 10-20 people.
For starters, Bill Gates is quite a busy man who actively invests his wealth in philanthropic work. Secondly, if such a giveaway did exist, it would be from his official page or another official page with him as the sponsor.
Reddit’s Secret Santa is an example of how Bill Gates reaches out to people.
Hang up on scam calls
Calling you directly is another way a scammer could trick you into giving up personal information. The scammer would pretend to be from your bank, wanting to verify your credit card number because your account has been frozen. They’ll even guide you through the process without you knowing, and that’s why cybersecurity is so important today.
It’s easy to feel excited hearing about a free vacation, but don’t let the excitement get the better of you.
Always verify where the call is coming from. Banks will never call you up and ask for your credit card/personal information.
Don’t Torrent
Torrenting is based on the P2P protocol, which is very useful for sharing large files over the network. And although torrenting is perfectly legal, downloading copyrighted material, such as movies, games and TV shows, is illegal. Such content is protected by copyright laws, and copyright infringement can land you hefty fines and even jail time for a severe offence.
However, the real reason why I brought up torrents in this cybersecurity guide is because they are swarming with malware. It’s the easiest way for hackers to bait and attack. Malware-ridden files are prevalent on public torrent websites.
Anti-virus comes in handy here. If the downloaded file contains malware, it will be quarantined.
HTTPS
HTTP stands for Hyper-Text Transfer Protocol. It’s a protocol for web communication like POP3 and IMAP are protocols for email. HTTPS is a secure version of it that uses SSL/TLS encryption. It relies on what is called a “handshake” where your browser and the web server exchange session keys and public keys to establish secure communication.
So, whatever you send over the internet is encrypted, and not exposed to any third party. The receiver then decrypts the received data using its private key.
Ecommerce websites and banks all use HTTPS for secure communication during login and transactions. Most websites today use HTTPS. Whether you are logging into a forum or filling out a contact form, the details remain private to you and the website. It boosts confidence in the website’s ability to keep your data secure and is also seen as a good sign by search engines like Google.
You can check for HTTPS by hovering the cursor over the padlock icon next to the URL address bar in the web browser. The lock denotes a secure channel.
Most websites will redirect you to the HTTPS version if you don’t mention any prefix, but if the website does not, then try adding https:// just before the address to invoke that version.
Use a VPN
There is every reason to use a VPN. For starters, you can bypass restrictions on the internet, and secondly, encryption is a fundamental part of a VPN.
Commercial VPNs have come to rely on AES 128-bit and AES 256-bit encryption. Both offer powerful protection against third-party intrusion. It’s especially useful on unsecured networks like public Wi-Fi. Man-in-the-Middle refers to a type of attack where a third party can sniff the data packets flowing over the air between the user’s device and the Wi-Fi access point.
A VPN also hides your browsing history from the ISP and from data retention. Once you establish a connection, internet traffic still passes through the ISP, but encrypted. Hence, the websites you visit are unknown to the ISP. It can only see that you have requested the data packet to be delivered to a location in the US, for example. From there, the VPN will unwrap the request and deliver it to the intended web server. Additionally, installing a Windows VPN on your devices further enhances this security, ensuring that your online activities remain private across different platforms and devices.
Also, note that the web server receives the request from the VPN server, not from you directly. That is how you achieve anonymity and bypass geo-restriction and censorship.
You can check out our reviews of the top VPN services and decide.
Invest in an Anti-Virus
A computer without an anti-virus is an open invitation for malware. Windows Defender can only do so much; it’s not robust enough to catch all types of malware. Because of that, anti-virus is a must.
I understand that it’s an investment of $40 or more, but the security you get in return is something you can easily justify. It’s a cost that will continue to give protection for years and receive updates throughout. Buy one during a sale and it will shave a few more bucks off the cost.
Anti-virus firms have research teams that are always on the lookout to identify new threats and move forward quickly to push an update. This is something you cannot expect from Windows’ built-in malware protection, not to the same degree, at least.
A robust anti-virus is capable of identifying every malware we have discussed – and more. It will scan webpages and emails for any malicious links. External drives will be automatically scanned upon insertion, and threats will get quarantined before they enter your system. A quick scan during bootup will root out malicious code that executes.
Conclusion
With all that said, it comes down to where I started: cybersecurity is a never-ending process, hence a guide is just a start. Just take the example of the recent coronavirus-related scams.
The enterprise is one domain where the cost of attacks can add up to damage worth millions. Securing it is a long and arduous process, but one that ultimately ensures that each employee holds the knowledge to identify phishing attempts, which then builds the foundation of an infrastructure that encompasses several layers of security.