7 Cybersecurity Threats That Can Sneak Up on You
There's a certain kind of security threat that catches the headlines—the massive data breach, or the malware that hijacks your computer for a ransom—but it's also important to keep your guard up against some of the lesser-known attacks out there too.
These threats may not have the same high-level profile as an unfixable iOS bug, but they can still do some serious damage as far as your data and privacy goes. Here's what to look out for, and how to make sure you aren't caught out.
Rogue USB Sticks
A small USB stick may not look very dangerous, but these portable drives can carry a major threat—particularly if they've been specially engineered, as some are, to start causing havoc as soon as you plug them in. You should be very, very wary of connecting a USB drive to your computer if you're not absolutely sure where it's from.
Even if the USB stick isn't configured to release some kind of payload as soon as it's attached, it can carry disguised viruses as easily as email attachments—and experiments have shown that we're often far too curious when coming across USB sticks we don't know the origin of, so apply some common sense.
Besides being cautious, the usual rules apply to stay safe against this sort of threat: Keep your computer operating system right up to date, make sure effective security tools are installed, and keep them updated as well. If you're not sure about files on a USB drive, run a virus scan on them before doing anything.
In this fast-paced, hyperconnected age, it's all too easy to forget about all the social media, language-learning, job-finding apps and sites that we've downloaded and used. But every account you leave behind gathering dust is another one that could potentially be hacked into.
As we've previously explained in detail, it's important to take the time to shut down these accounts rather than just uninstalling the associated app from our phones and then forgetting about them. If any of them should then suffer a data breach, for example, your data won't be included if you've scrubbed the account.
It's also worth running a regular audit on the third-party apps and services linked to your main accounts, like dating apps you might have hooked up to Facebook, or email apps connected to your Google account. These give hackers more targets to aim at, which is why you should regularly disconnect and delete the ones you aren't actively using.
Untrusted Browser Extensions
The right browser extensions are able to add useful functionality and features to your daily window on the web, but these add-ons need to be vetted like any other piece of software—after all, they have the privilege of being able to see everything you're doing online if they want to.
Pick the wrong extension and you could find it selling your browsing data, harassing you with pop-up advertising, or installing extra software that you don't actually want. We'd recommend keeping the number of browser extensions you have installed down to a minimum and sticking only with the extensions you know and trust.
Identify safe extensions the same way you would identify safe apps: Look into the background of the developers, check the permissions that they ask for, read up on reviews left by other users, and stick to extensions that are actually useful.
Bogus Online Quizzes
You've probably seen friends and family take quizzes on Facebook to find out which Hogwarts house they'd get into, or which celebrity they're most like, and so on. They may seem like harmless fun—and some are—but they can also be used to harvest personal data that you don't really realize you're giving away.
These quizzes can and have been used to build up more detailed profiles of people and their friends, collecting not just the answers to the quizzes themselves but also other information stored in the linked Facebook accounts. Note too how often these fun quizzes ask for personal data, like the first road you lived on or the name of your pets, which could be used to impersonate you in some way.
Be wary of anything that requests personal information or personal photos from you—like the recently viral FaceApp app—or that requires a connection to one of your social media accounts: Knowing which president you're most like probably isn't worth it.
Leaky Photo Uploads
There's nothing wrong with posting photos to your favourite social channels but think twice about the information that other people can glean from any pictures you make public—particularly the places where you might live and work.
While a lot of apps, like Instagram and Facebook, automatically strip out the location data saved with photos, some, like Google Photos, can keep this data embedded in the file after it's been shared. Plus, whether you keep the original location data with the image, an associated check-in on social media can add the location right back in.
How is this dangerous? Well, information such as knowing where you work or which road you live on can help someone run an identity theft scam, or get past security questions on your online accounts, or visit you in person when you'd rather not see them. The less your public photos say about you, the better.
Smart Home Snooping
Our homes are getting smarter, which gives hackers and malware peddlers a whole new set of devices to try and target—the end result could be doors that don't stay locked or home security camera footage that's viewed by more people than you'd like.
Keeping your smart home secure starts with what you buy: It's a good idea to stick to well-known, established brands with a strong track record in hardware, as much as possible. After that, make sure both your smart home devices and your router—which acts as a gateway to them all—are kept up to date with the latest software. Most reputable smart home devices do this automatically, another good reason to stick with brands you trust.
If your smart home devices and accounts do need passwords, make sure you don't stick with the default. Instead, pick a long and difficult-to-guess password that you aren't using anywhere else, and turn on two-factor authentication, if available, as an extra layer of protection.
Malicious Charging Cables
The standard charging cables that come with your gadgets are designed to power them up, and perhaps sync some music when needed—but specially engineered cables that look very similar can do much more than that.
Take a look at these fake Lightning cables now capable of being mass-produced, cables that look just like the genuine products but which can give hackers remote access to a device once they're plugged in. All that the end-user has to do is use a doctored cable, then agree to "trust this computer," a common alert that's easy to dismiss without a thought.
The fix is to only use the cables that come with your devices, or from reputable sources—something you should do anyway for the well-being of your gadgets. As with USB sticks, don't assume any cable that you find lying around is legit.
source wiredLatest Jobs
-
- Cyber Security Senior Consultant | London | FS
- London
- Apply today
-
London | FS | Cyber Security Senior Consultant We are looking for experienced cyber security consultant with experience helping clients within the financial services industry. The role will include, but not be limited to; Conduct cyber security assessments, develop strategies, and provide advice to clients. Oversee and deliver security improvements projects. Help clients understand and comply with financial sector regulations. Provide insights and thought leadership on emerging trends in cyber security. Current experience within a client facing, cyber consulting role within Financial Services is essential. All the usual badges are nice to have, although not essential- for example; ISO27001, CISSP, CISM etc etc Sponsorship is not available for this role. Applicants must be UK based and able to travel on occasion to client site and the office in London To find out more reach out to me on 07884666351 or chris.holt@dclsearch.com
-
- Senior Penetration Tester - UK - Ability to achieve security clearance.
- United Kingdom
- To attract the right person
-
Senior Penetration tester, who has the ability to achieve security clearance. (Visa sponsorships NOT available - sorry) UK based - remote first - occasional travel. Red teaming experience desirable. The successful person needs to have a history of engaging directly with customers (consultancy experience) technical delivery of penetration tests AND report writing. Limited travel - company operates a remote first approach. Must be living in the UK. Not one of the usual names in the pen testing industry. Looking for someone highly technical but looking to grow and develop their skills. Apply here or Reach out to me on chris.holt@dclsearch.com or 07884666351 All details kept discreet
-
- Cloud Architect- German Speaker
- Hungary
- Upto €48000 per year + bonus + benefits
-
As a Senior Pre-Sales Solutions Architect, you will play a pivotal role in driving our sales success by translating complex technical solutions into compelling proposals that resonate with our clients. You will collaborate closely with our sales teams to understand customer needs, design tailored solutions, and negotiate successful deals. Responsibilities: Solution Design: Develop comprehensive technical solutions that align with customer business objectives and industry best practices. Proposal Development: Create compelling proposals, including requirements gathering questionnaires, presentation materials, and Statements of Work (SOWs). Customer Engagement: Build strong relationships with clients, understanding their technical, business, and commercial requirements. Collaboration: Work closely with sales teams, delivery teams, and third-party partners to ensure successful project execution. Pricing Strategy: Define and deliver pricing strategies that align with customer needs and company objectives. Requirements: Experience in technical pre-sales or sales support roles. Proven track record in designing and delivering successful customer solutions. Strong technical foundation in areas such as VMware, Azure, AWS, cloud computing, and data center technologies. Excellent understanding of sales principles, account management, and negotiation techniques. Ability to explain complex technical concepts clearly and concisely. Experience working in international teams and supporting clients across multiple regions. Fluency in German and English is essential. Benefits: Competitive salary and benefits package Opportunity to work on challenging and rewarding projects Collaborative and supportive work environment Potential for career growth and advancement Please note that this role is focused on supporting German clients, but will also involve global client support as needed.