Diamond IT Blog

5 cybersecurity traps to avoid

Written by Samantha Cordell | November 20, 2019

The security of your systems and technology is something that should always be top of mind. There are significant steps you can take to secure your systems, but actually taking the time to understand your systems is one of the most effective tools you can have. If you know how your systems can be breached, you can ensure a higher level of caution and security.

Here are five of the most common cybersecurity traps, and how you can avoid them.

1. You are tricked into installing malicious software

One of the most common ways a system’s security is breached is through downloaded malware. In almost every case where malware is installed, the user was tricked into downloading it.

A common trick used by hackers is planting malware in software hosted on warez and torrent websites. When users visit the site, they are informed that they need to download the software in order for the site to load properly. Once downloaded, the malware infects the system. In other cases, hackers send emails with a malware-infected attachment.

There are an abundance of ways you can be tricked into downloading and installing malware. Luckily, there are steps you can take to avoid this:

  • Never download files from an untrusted location. If you are looking at a website that is asking you to download something, make sure it’s from a company you know and trust. If you are unsure, it’s best to avoid downloading and installing the software.
  • Always look at the name of the file before downloading. A lot of malware is often disguised with names that are similar to legitimate files, with only a slight spelling mistake or some weird wording. If you are unsure about the file, then don’t download it. Instead, contact your IT provider so they can verify its authenticity.
  • Stay away from torrent sites with adult content and video streaming sites. These sites often contain malware, so avoid them altogether.
  • Always scan a file before installing it. Use your antivirus scanner to check downloaded apps before opening them. Most scanners are equipped to do this by right-clicking the file and selecting Scan.

2. Hackers are able to modify the operating system (OS) settings

Many users are logged into their computers as admins. Being an administrator allows you to change all settings, install programs and manage other accounts.

If a hacker manages to access your computer with you as the admin, they will have full access to your computer. This means they could install other malicious software, change settings, or even completely hijack the machine. The biggest worry about this, however, is if a hacker gets access to a computer used to manage the overall network. Should this happen, they could gain control of the entire network and do as they please.

To avoid this, limit the administrator role only to users who need to install applications or change settings on the computer. Beyond this, installing security software like antivirus scanners and keeping them up to date, as well as conducting regular scans, will help reduce the chances of being infected, or seeing infections spread.

3. Someone physically accesses your computer

These days, it seems like almost every security threat is trying to infect your IT infrastructure from the outside. However, there are many times when malware is introduced into systems, or data is stolen, because someone has physically accessed your systems.

Let’s say you leave your computer unlocked when you go for lunch and someone walks up to it, plugs in a malware-infected USB drive, and physically infects your system. They could also access your system and manually reset the password, thereby locking you out and giving them access.

Secure yourself by setting up a password to control access to your computer. You should also lock, turn off, or log off from your computer whenever you step away from it.

Beyond that, disable drives like CD/DVD and connections like USB if you don’t use them. This will limit the chances of anyone using these removable media to infect your computer.

4. Someone from within the company infects the system

We’ve seen a number of infections and security breaches that were carried out by a disgruntled employee. They could delete essential data, or remove it from the system completely. Some have even gone so far as to introduce highly destructive malware. The most effective way to prevent this, aside from ensuring your employees are happy, is to limit access to systems.

Your employees don’t need access to everything, so re-examine what your employees have access to and make the necessary adjustments. For example, you may find that people in marketing have access to finance files or even admin panels. Revoke unnecessary access rights and ensure that employees only have access to the files they need.

5. Your password is compromised

Your password is the main way you can verify and access your accounts and systems. The issue is, many people have weak passwords. With the steady increase in the number of stolen user account data, it could only be a matter of time before they can crack your password and compromise your account.

To add insult to injury, many people use the same password for multiple accounts, which could lead to a massive breach. Therefore, you should use strong and different passwords for your accounts.

To further enhance your password security, utilise multifactor authentication (MFA), which uses more than one method of verifying a user’s identity, such as a fingerprint or a one-time code.

If you are looking to learn more about securing your systems, contact us today to learn how our services can help.

Call us for security advice

Decisions from the critical to the mundane can be challenging if you're not able to keep up with the latest in cybersecurity. Our Business Technology Managers (BTMs) are your guide to making the best of security decisions with your technology budget.

If you need our assistance, call us on 1300 307 907 or contact us via the form below.

 

 

Published with permission from TechAdvisory.org.