We all read about major corporations suffering data breaches from hackers. In 2023 alone companies such as TopGolf, American Airlines, Reddit, Suzuki, Forever 21, and even the US Department of Transportation had their databases compromised to hackers. It's easy to think that your personal devices or your small business would never attract the attention of hackers as they go for bigger fish. You'd be wrong.
Our personal computers, tablets and phones are extensions of our lives. They hold our most personal data including photos, work documents, text and chat conversations and browser search histories. This makes our devices prime targets for hackers. And why not. They're good at it, and they can do it from half a world away. Understanding how hackers gain access to your devices is crucial. There are ways to protect yourself and the first step is understanding where the threat is coming from.
How Hackers Access Your Devices
Malware or "malicious software" is a broad term for software designed to damage or gain unauthorized access to your device. It comes in various forms but the common ones we will talk about are viruses and spyware.
Viruses are more commonly created to infect computers but can be made to infect smartphones as well. A virus will have a purpose such as corrupting files and causing damage, turning the device into a bot for spamming, or using it's CPU resources for a collective purpose such as Bitcoin mining. Viruses can infect your device a number of ways, but it's usually an action taken by the user, such as:
Opening an infected email attachment. E.g. You get a random email that says, "Here's your receipt for your recent purchase at Home Depot." which you click on because you had not been to Home Depot and you think something is wrong.
Downloading a file from the internet. Usually disguised as a piece of software you wanted or needed but downloaded from a website made to look like a legitimate company that distributes the software.
Clicking on a link in an email, text or direct message. Known as a "phishing scam" the message tries to lure you into clicking the link to see something important such as a tracking number or an article about something urgent.
Spyware is type of malware that is specifically designed to enter your device, gather your data, and forward it to a third party without your consent. However, don't confuse true spyware with common advertising cookies. While advertisers tracking cookies also collect data you may not want advertisers to have, they are not truly malicious in nature. Their purpose is to deliver targeted advertisements and resell your preferences to other marketers. Definitely annoying and intrusive, but not malicious. In contrast, real spyware's sole purpose is to record your activity on the device and gather any information it can, including browsing history with screenshots, user names and passwords, credit card numbers, and more. Anything you do on the device infected with spyware is copied and sent to the third party behind it. This should be a frightening thought because that person can now access everything you have accessed on that device and see much of what you looked at.
Identity Theft
Once your data is compromised by malware, it wont be long before your personal identifying information such as social security number, date of birth, address, etc. are either utilized by the hacker behind the malware, or sold on the dark web to other hackers that specialize in identity theft. This can result in credit cards being established in your name along with leases, loans, etc. While credit card charges and other types of credit can cause a lot of damage, it can typically be corrected over time. Once the identity theft has been reported, new credit can be locked down and then the work begins to notify all financial companies involved. In most cases the victim will not be responsible for these fraudulent accounts, but that can take time. The immediate damage is done. It will take many hours over weeks or even months to make certain there is no lasting impact to your credit score and regain your access to capital.
Extortion/Doxxing
Blackmail and extortion. This may seem over the top, but it's not just in the movies anymore. Hackers are frequently obtaining personal data from smartphones via spyware, and then threatening to make the information public. Sometimes referred to as an extreme form of Doxxing. Hackers access an individual's browsing history, texts, social media use, and photos and then use this as leverage against the victim. Threatening to send any sensitive, incriminating or embarrassing information to the victim's family, friends, work associates. Basically anyone on the victims contact list. This is the threat unless a ransom is deposited to an untraceable cryptocurrency account. The psychological and financial impact can be devastating. Leaving victims feeling isolated and scared. Often afraid to tell others or go to the police for fear of having to explain what personal information is being used against them. This unfortunate situation almost never gets resolved because the victims that pay the extortion fee are almost always revisited by the same, or new, hacker for another ransom. The cycle continues until the victim cannot or will not pay.
Make Yourself a Hard Target
Your first line of defense should be "digital smarts". Teach yourself, and your family to...
NEVER respond to or click on links or attachments if they do not know the sender and the reason it is being sent. Even if you know the person, realize that their account may have been hacked and is now a "bot" sending out malware. You can usually tell by the vague message that comes along with the email or text. Messages like "look who died" Or "look who got in an accident" with a link or attachment.
NEVER download an app or software from a random website or link. Make sure you are in a well known app store, or a website that is a direct extension of a well known software provider.
NEVER trust a email or text message from a bank that is not yours, or ANY bank that asks for your personal or account information.
AVOID using public WIFI. Your much safer using your phone's hotspot.
NEVER use public WIFI to access sensitive data such as your banking information or even to access your email. Public WIFI is NOT secure.
ALWAYS change the passwords to any account you accessed on public WIFI if you had to.
Your second line of defense should be anti-virus/anti spyware software.
Antivirus and antispyware software protect your phone and computer from hackers by using a combination of:
Real-Time Protection: These programs monitor your device in real-time, blocking malware before it can infect the system.
Firewalls: Many antivirus programs include firewalls that control incoming and outgoing network traffic, preventing unauthorized access.
Phishing Protection: They often include features that alert you about suspicious websites or emails that might be phishing attempts.
Detecting and Removing Malware: They scan your device for known malware signatures and behaviors, removing any malicious software found.
Regular Updates: The software is regularly updated to defend against the latest threats.
The cost of antivirus/antispyware software is typically $30 to $50 per year and will often provide up to three licenses for multiple devices.
Your third line of defense is using a Virtual Private Network. A Virtual Private Network (VPN) creates a secure tunnel for your data to travel through the internet. It encrypts your data, making it unreadable to anyone who intercepts it. Additionally, it masks your IP address, hiding your location and browsing activities. Benefits of Using a VPN:
Privacy from Companies and Advertisers: VPNs prevent companies and advertisers from tracking your online behavior.
Protection on Public Wi-Fi Networks: They encrypt your data, keeping it safe from hackers on unsecured Wi-Fi networks.
Accessing Geo-Restricted Content: You can access content restricted to certain countries by connecting to servers in different locations.
A really good VPN provider will include:
Strong Encryption using robust encryption protocols to secure your data.
A No-Logs Policy: They don't track or store your online activities, ensuring your privacy.
A Global Server Network: Allowing you to enjoy fast and secure connections anywhere.
Conclusion
In our interconnected world, cybersecurity is not just a luxury but a necessity. Hackers employ sophisticated methods to access your devices, and the consequences of such breaches can be severe. Using the suggestions and tools listed is a simple yet effective way to protect your digital life. Consider your current online practices and the potential risks, then take the steps to protect yourself and your family. Remember, you don't have to have an impenetrable fortress protecting your devices. There's really no such thing. But if you follow the guidelines shown, you will be 99.9% percent protected because hackers will look for easier targets.
Have questions? That's why were here. We've been in the investigations and data security field for over 25 years. Send us a question and we'll be sure to respond. info@askadetective.com
Comments