7 Cybersecurity Threats That Can Sneak Up on You
There's a certain kind of security threat that catches the headlines—the massive data breach, or the malware that hijacks your computer for a ransom—but it's also important to keep your guard up against some of the lesser-known attacks out there too.
These threats may not have the same high-level profile as an unfixable iOS bug, but they can still do some serious damage as far as your data and privacy goes. Here's what to look out for, and how to make sure you aren't caught out.
Rogue USB Sticks
A small USB stick may not look very dangerous, but these portable drives can carry a major threat—particularly if they've been specially engineered, as some are, to start causing havoc as soon as you plug them in. You should be very, very wary of connecting a USB drive to your computer if you're not absolutely sure where it's from.
Even if the USB stick isn't configured to release some kind of payload as soon as it's attached, it can carry disguised viruses as easily as email attachments—and experiments have shown that we're often far too curious when coming across USB sticks we don't know the origin of, so apply some common sense.
Besides being cautious, the usual rules apply to stay safe against this sort of threat: Keep your computer operating system right up to date, make sure effective security tools are installed, and keep them updated as well. If you're not sure about files on a USB drive, run a virus scan on them before doing anything.
In this fast-paced, hyperconnected age, it's all too easy to forget about all the social media, language-learning, job-finding apps and sites that we've downloaded and used. But every account you leave behind gathering dust is another one that could potentially be hacked into.
As we've previously explained in detail, it's important to take the time to shut down these accounts rather than just uninstalling the associated app from our phones and then forgetting about them. If any of them should then suffer a data breach, for example, your data won't be included if you've scrubbed the account.
It's also worth running a regular audit on the third-party apps and services linked to your main accounts, like dating apps you might have hooked up to Facebook, or email apps connected to your Google account. These give hackers more targets to aim at, which is why you should regularly disconnect and delete the ones you aren't actively using.
Untrusted Browser Extensions
The right browser extensions are able to add useful functionality and features to your daily window on the web, but these add-ons need to be vetted like any other piece of software—after all, they have the privilege of being able to see everything you're doing online if they want to.
Pick the wrong extension and you could find it selling your browsing data, harassing you with pop-up advertising, or installing extra software that you don't actually want. We'd recommend keeping the number of browser extensions you have installed down to a minimum and sticking only with the extensions you know and trust.
Identify safe extensions the same way you would identify safe apps: Look into the background of the developers, check the permissions that they ask for, read up on reviews left by other users, and stick to extensions that are actually useful.
Bogus Online Quizzes
You've probably seen friends and family take quizzes on Facebook to find out which Hogwarts house they'd get into, or which celebrity they're most like, and so on. They may seem like harmless fun—and some are—but they can also be used to harvest personal data that you don't really realize you're giving away.
These quizzes can and have been used to build up more detailed profiles of people and their friends, collecting not just the answers to the quizzes themselves but also other information stored in the linked Facebook accounts. Note too how often these fun quizzes ask for personal data, like the first road you lived on or the name of your pets, which could be used to impersonate you in some way.
Be wary of anything that requests personal information or personal photos from you—like the recently viral FaceApp app—or that requires a connection to one of your social media accounts: Knowing which president you're most like probably isn't worth it.
Leaky Photo Uploads
There's nothing wrong with posting photos to your favourite social channels but think twice about the information that other people can glean from any pictures you make public—particularly the places where you might live and work.
While a lot of apps, like Instagram and Facebook, automatically strip out the location data saved with photos, some, like Google Photos, can keep this data embedded in the file after it's been shared. Plus, whether you keep the original location data with the image, an associated check-in on social media can add the location right back in.
How is this dangerous? Well, information such as knowing where you work or which road you live on can help someone run an identity theft scam, or get past security questions on your online accounts, or visit you in person when you'd rather not see them. The less your public photos say about you, the better.
Smart Home Snooping
Our homes are getting smarter, which gives hackers and malware peddlers a whole new set of devices to try and target—the end result could be doors that don't stay locked or home security camera footage that's viewed by more people than you'd like.
Keeping your smart home secure starts with what you buy: It's a good idea to stick to well-known, established brands with a strong track record in hardware, as much as possible. After that, make sure both your smart home devices and your router—which acts as a gateway to them all—are kept up to date with the latest software. Most reputable smart home devices do this automatically, another good reason to stick with brands you trust.
If your smart home devices and accounts do need passwords, make sure you don't stick with the default. Instead, pick a long and difficult-to-guess password that you aren't using anywhere else, and turn on two-factor authentication, if available, as an extra layer of protection.
Malicious Charging Cables
The standard charging cables that come with your gadgets are designed to power them up, and perhaps sync some music when needed—but specially engineered cables that look very similar can do much more than that.
Take a look at these fake Lightning cables now capable of being mass-produced, cables that look just like the genuine products but which can give hackers remote access to a device once they're plugged in. All that the end-user has to do is use a doctored cable, then agree to "trust this computer," a common alert that's easy to dismiss without a thought.
The fix is to only use the cables that come with your devices, or from reputable sources—something you should do anyway for the well-being of your gadgets. As with USB sticks, don't assume any cable that you find lying around is legit.
source wiredIndustry: Cyber Security
Latest Jobs
-
- Senior Presales Consultant | Managed Security Services | London
- London
- N/A
-
Senior Presales Consultant – Managed Security Services Location: London-commutable (Hybrid) A well-established cyber consultancy is seeking a Senior Presales Consultant to drive growth across its managed security services / advisory portfolio. This hybrid role bridges commercial and technical expertise supporting solution design, shaping customer proposals, and guiding conversations from scoping through to delivery. Key experience: Background in managed security services, including SOC operations and threat detection Strong knowledge of cloud and on-prem security tooling (SIEM, EDR, IAM) Penetration testing Proven ability to translate technical concepts into clear business value Confident in customer-facing engagements and pre-sales delivery Experience contributing to bids, proposals, and RFI/RFP responses To find out more contact me on 07884666351 Visa sponsorship is unfortunately not available for this role.
-
- Senior SOC Engineer - Microsoft | Splunk. Permanent. London
- London
- N/A
-
Senior SOC Engineer – Hybrid London Type: Full-Time A well-established cyber security provider is seeking a Senior SOC Engineer to strengthen its managed services function. This role is ideal for someone with a strong operational background in SIEM and EDR tools who can confidently lead customer onboarding, fine-tune detection strategies, and act as a senior point of contact for technical escalations. You will need to be SC clearable. Bonus points if you have SC clearance currently. You will be responsible for ensuring smooth integration of new clients into the service, optimising alerting capabilities and delivering meaningful outcomes during investigations. This is a hands-on position, working closely with internal teams and external stakeholders to maintain robust security operations across multiple environments. Prior experience in a cyber-focused MSP or MSSP Strong hands-on capability with platforms such as Microsoft Sentinel, Defender for Endpoint, or similar Proficiency in scripting and query languages such as KQL or PowerShell Knowledge of detection logic, investigation workflows, and cloud-based infrastructure Confident communicator with strong documentation and reporting skills Apply today for more information.