The majority of Internet security risk factors for the back-to-school-gang can be controlled with the right online tools, the right attitude (a willingness to learn and apply the necessary strategies) and the desire to become proactive versus reactive.
1. Weak Passwords
4. Mobile App Risks
5. Unsecured Wi-Fi
The web is often the perfect playground for cybercriminals’ to snare victims. Social media houses the glitter with connections, apps, games and traps. Major search engines feed the curious, but can also circumvent legitimate searches and replace them with offensive content.
1. Weak Passwords
Using the same weak password across multiple sites gives a hacker an entrance to highjack all your online accounts; has the potential to steal bank login information and potentially wipe your bank account out.
A weak password such as 123456, password, abc123, or using your first name or pet’s name as your password is the Achilles heel of online security.
Passwords are your first line of defense against cybercriminals. Create complex passwords for each site (do not share the same password at multiple sites), change them frequently and create accounts at sites that use good encryption.
The weakest link on social media sites is the use of weak (123456) or common passwords (password). If you use passwords that can be traced directly back to you (Example: getcocoon) or use the name of your family pet (Example: cocoonpuppy) – these type of passwords can easily be figured out with a bit of social engineering and access to your Facebook page. Never use passwords that are associated with something that can be traced directly back to you.
How long would an online attacker using a password cracker at 1,000 guesses per second take to figure your password out? Let’s take a look at how effective your password is at GRC:
If your password is 5 characters long and uses:
*Just numbers, the time to “crack” = 1.85 minutes (Example: 12345).
*The full alphabet but doesn’t mix upper and lowercase, the time to “crack” = 3.43 hours (Example: alpha).
*The full alphabet and numbers 0 through 9 but doesn’t mix upper and lowercase, the time to “crack” = 17.28 hours (Example: alp12).
*The full alphabet and numbers with mixed case, time to “crack” = 1.54 weeks (Example: Alp12).
Use a combination of uppercase, lowercase, numbers and symbols
*If we combine the alphabet, numbers, mixed case and use 6 characters instead of 5, the time to “crack” jumps to 1.84 years (Example: Alph12).
*If we go to 8 characters and throw in symbols like # % & *, the time to “crack” jumps to 2.13 thousand centuries (Example: Alph12*!).
2. Privacy : Online Tracking
There are a number of companies that track your movements on the web and sell the information to the highest bidder in real time bidding…
“Already, the web sites you visit reshape themselves before you like a carnivorous school of fish, and this is only the beginning. Right now, a huge chunk of what you’ve ever looked at on the Internet is sitting in databases all across the world. The line separating all that it might say about you, good or bad, is as thin as the letters of your name. If and when that wall breaks down, the numbers may overwhelm the name.” –The Atlantic
Acxiom has a reputation of collecting data better than anyone else. They collect everything including websites, loyalty programs, retail point-of-sale data, self-reported sources, public records, employment drug testing data, background checks, criminal histories, birth records, education data, vehicle identification numbers, driver’s licenses, marriage licenses, and you can bet that they know what you feed your dog too.
Internet users should be informed that there are tools available, such as Cocoon, which give Internet users control of their private information and places a roadblock against online tracking.
Malware, otherwise known as malicious software is created by cybercriminals for the sole purpose of bringing some type of harm to your computer or mobile device. Whether it is used for spying on you, stealing your passwords or personal data, holding your computer or device for ransom, conducting financial theft, or targeting you for membership in a botnet - the final outcome is never intended to be in your favor.
Malware is a blanket term that can include viruses, Trojans, spyware, root kits, adware, worms, key loggers, web hijackers and other malicious scripts. It can be hostile, intrusive, insidious, annoying; or lay dormant for a time.
Malware is no longer a threat that is exclusive to desktop operating systems. The RSA 2012 CYBERCRIME TRENDS REPORT white paper stated that 2011 marked the year of new advanced threats on a global basis. In 2012, cybercriminals are finding new and innovative ways to monetize non-financial data, while hacktivism is on the rise. They predict that “InfoStealers” for the mobile platform will emerge with Trojans that are designed to “keylog touch-screen input and monitor data traffic through the mobile device.”
4. Mobile App Risks
From unregulated practices in mobile advertising to cell tower dumps, our mobile privacy is under constant attack. We’ve come a long way since Martin Cooper’s Dyna-Tac 2.5 lb brick (1973); but in 2012 mobile users are still shaking at the short end of the mobile privacy stick.
Cyber-crooks develop rogue apps to steal private data such as passwords, credit card information and piece together personal information in order to commit identity theft.
A recent study on Mobile Privacy Policies from the Future of Privacy Forum, stated that out of the free apps surveyed, 66 percent had privacy policies, while only 33 percent of the paid apps had privacy policies.
Many mobile apps need advertising in order to continue offering “free” apps. Some ads are invasive and take too much data from a user’s phone or they may install software in the background without user knowledge. Many mobile apps also routinely send data to marketing companies and use the collected data to compile dossiers on mobile phone users.
*Only download apps from well-known and trusted sources.
*If a free app that you like has an upgrade and a no-advertising version is available – purchase it!
Mobile malvertising is another vector for attack. The ads look genuine, but when the user clicks on a malvertised ad they end up at a malicious site that downloads malware to their device.
Aggressive ad networks are much more prevalent than malicious applications. It is the most prevalent mobile privacy issue that exists,” Kevin Mahaffey, Lookout’s technology chief and co-founder, told Reuters in an interview.
5. Unsecured Wi-Fi
Airports, restaurants, coffee shops, businesses, dentists, libraries and even public parks offer public access to Wi-Fi for free. Surfing unsecured hotspots can open your data pipeline to some very unsavory characters. Whether you use it for convenience or because there is no other Internet connection available — the bad guys still have all kinds of tools to gather and steal information from you.
Browsing the Internet with Cocoon will route all of your traffic through our encrypted servers, so prying eyes cannot see it. This is especially valuable on a public WiFi network where man in the middle attacks commonly occur.
The use of Cocoon while surfing Facebook, banking, or shopping on a public network will keep lurking predators from hijacking your private session.
Cocoon’s encrypted tunnel will ensure that viruses and malware never reach your computer. This highly decreases your chances of becoming part of a botnet, having your personal data stolen, or worse. Don’t give cyber criminals the advantage, stay safe and be vigilant.