The 10 Internet Security Myths You Need to Forget
Myth #1: This can’t happen to me, only important or rich people are targeted.
Boy, if I had a nickel for every time I heard that!
This security myth is named by many security experts security through obscurity.
In other words, it is considered that the internet is such a big place that no one cares about you. And even if someone would try to attack your system, there wouldn’t be too much valuable data to be stolen.
In most cases, the users who embraces this kind of thinking don’t actually want to lose time addressing their system vulnerabilities.
Such wishful thinking often ends with the experience of a cyber attack.
This happens because it’s not about how important you are. It’s nothing personal.
Cyber criminals use automated tools to exploit your system’s vulnerabilities.
And they’ll take anything they can get, from your personal information to your internet-connected system. Yes, even that’s a valuable asset, since they can use it for further malicious actions.
So even if you think that you’re not important or that your personal or financial data is insignificant, a potential identity theft or IT criminal can still exploit the little information discovered about you.
They can relate it to other information taken from multiple sources (hello, social networks) and have a complete picture.
Why risk when there are so many protection mechanisms and tools – some even free – that will keep you safe?
So stop thinking that nobody will attack you and that you’re safe. As long as you have a digital identity, you’re a valuable target.
Myth #2: If I install this security application I’ll be fine.
You can also call this security myth the search for the magic bullet that can solve all your system security.
Users that pay for a security program expect that their system is now bulletproof, just because they installed the purchased program.
This myth represents a false image that was created by the marketing departments.
The PR, marketing or sales people will tell you anything about their product, just to reach their sales target. They’ll create the impression that everything is taken care of just by installing that single program.
The truth is, no security solution is bulletproof. Anyone trying to convince you otherwise is lying.
Putting your trust into one security program that’s supposed to cover your system, your online actions, keep you safe against data and financial stealing malware and other non-traditional attack vectors means that you place too much trust in a single line of defense.
What you need is to think about your system the same way you would imagine a fortress: the treasure in the middle and all the defense walls around it, to keep the enemies at bay.
One by one, you need to build those security walls. Don’t place your trust into a single one.
And more than anything, you need to stay up to date with your security level. Educate yourself and reject false stories that promise total protection by installing a single security program.
Myth #3: I don’t need security software, I don’t access unsafe locations.
How many times didn’t we hear someone saying that they don’t need anti-malware protection, that they’re too smart to fall for the tricks used by cyber crooks?
The truth is, many people believe that simple common sense is enough to stay safe from malware, phishing, identity theft and so on.
And if they’re thinking about spam email attachments or clicking on intrusive pop-up ads, they may be right.
But that’s not the only danger. There are plenty of other malware attacks and vulnerabilities that are not visible.
Cyber attackers are able to exploit safe websites and insert malware into their ads and, further more, into your system.
You can access a safe, perfectly legitimate website that doesn’t even require you to click on something and still get infected.
You can get infected just as much as on a risky, illegal website.
Malicious software and their methods of spreading are in a constant evolution. And just because they can’t be noticed, it doesn’t mean that they’re not there.
To be safe online is quite similar to driving your car. You may have common sense and pay attention to potential dangers, but can you always predict what others around you are doing?
And there’s also the increasing danger posed by financial stealing malware. It’s supposed to stay hidden while collecting precious data from your banking operations, so it could be days, even months until you become aware of its existence.
Do you still believe you don’t need security?
Myth #4: I set a strong and complex password to my account, so I’ll be OK.
Tsk tsk. Don’t count on that.
Yes, it’s strongly recommended that you set a strong password, so don’t skip this essential step.
It should be one that has more than 15 characters, both upper and lower cases, and must contain various numbers and symbols. Set a random one, so it will be even more difficult for someone trying to break it.
But keep in mind that having a strong password is not enough to keep cyber criminals away.
It’s just one of the many security layers that will keep you safe.
Next safety measure that you should check: your password should be unique. Don’t reuse it between accounts, otherwise a cyber crook will have access to all your digital assets, just by breaching one of those accounts.
Afterwards make sure you activate second-factor authentication wherever it’s available. It will work as an extra defensive wall that’s even harder to be knocked down.
However, these long, unique and complex passwords have a major inconvenience: they are hard to remember.
We all have tens of digital accounts, so it’s easy to understand how setting these passwords, changing them constantly and still remembering them can become a burden.
Try not to write them down, not on your PC, not in an email draft, not on some piece of paper that you keep on your desk. This will only increase the risk of unauthorized access to your accounts.
Instead, to make things easier, you can keep them safe (and encrypted) with a password management software such as LastPass. It will also notify you if the passwords you set are too easy or not unique.
Here you can find more tips on how to manage your passwords.
Myth #5: Internet security is expensive.
Our modern generation spends most of its time online. Our activities do not include only socializing with friends on social media networks, but we also work online, shop online, access our bank accounts and so on.
Internet access isn’t just a simple way of losing time and entertaining, it’s an integrated part of our lives.
How difficult is it for a cyber criminal to use the information we provide on our Facebook account and correlate it with data obtained from malicious software that infected our system?
And from that point, how far is the moment when our identity is being used for malicious purposes?
We all hear about cases when someone’s online identity has been stolen and money removed from the banking account. What we don’t hear is that recovering from such attacks takes time, perhaps even years.
And since an attack can occur from any part of the world, the perpetrators are rarely brought to justice.
When you draw the line, you realize that not having a proactive internet security approach is actually more expensive.
With this information in mind, should we still take a chance online?
Here’s a list of more than 50 free tools that will help you enhance your cyber security.
Myth #6: I only open emails from my friends, so I’m safe.
This is a perfectly valid argument. Until you find out that you were tricked and that email just appeared to be from someone you know.
How many of us already received a strange email from a friend or from a work colleague?
It’s not difficult to spoof an email in order to display anyone’s name as being the sender.
For someone who is less trained into detecting suspicious emails, all it takes is one click before getting infected with malware.
Clicking on links or downloading the email attachments that you receive may easily install on your system some dangerous financial stealing malware, that will remain hidden until the cyber crook gets all your information.
Such emails may also appear to be coming from your work colleagues or financial institutions. They can look real enough to trick you into giving away your sensitive information.
We have a comprehensive guide that covers everything you need to know about phishing: how to detect it, how to prevent it, and what you can do in case it’s already too late. Read it, learn it, apply it!
Myth #7: I only download and access information from trusted sources. This keeps me protected.
This is a security myth pretty difficult to break.
Most people think that accessing safe and secure locations (and even downloading from those websites) will keep them safe.
Another common misconception, somehow related, is this one: “It’s on the internet so it must be safe, otherwise it would have been taken down by law enforcement agencies”.
The reality is quite different. Even if we access and download from a trusted source, we are still vulnerable to online dangers.
Illegal websites can be launched overnight and disappear just as quickly, but they can also last for years and not get taken down. So don’t count on the law enforcement agencies, they’re usually overworked and can’t keep up with cyber criminals’ shenanigans.
Malicious software developed by crooks is designed to remain hidden from classical antivirus detection.
To stay safe, you can install a specially designed software that acts in a proactive way, before getting infected and leaking your data to malicious hackers. It offers a layer of security that works complementary to the reactive nature of normal antivirus products.
Myth #8: My social networks are safe places. Friends will be friends.
Are you sure about that?
When a social network becomes popular, you can bet that cyber crooks will be there. They can smell the potential new victims.
Since so many people are easily connected, scammers developed tricks that target these networks.
If online criminals can place malicious content like drive-by downloads and pop-up ads on safe websites, they can do the same with social media accounts.
Another danger encountered on social media accounts is posed by fake profiles and personas created by cyber criminals. These are used to collect personal information about others.
That information might seem irrelevant to you, but it will help them operate identity theft. Therefore, be careful who you add to your list of friends.
Here’s a security guide that exposes how social scams work.
Myth #9. I don’t have important information or sensitive data on my system / email account. Why should I worry?
Sure you do. You’re just not aware of it. Or you don’t consider it valuable.
Didn’t you let your browser remember all your passwords for your online accounts, banking websites and your e-mail address?
Isn’t your email account filled with personal conversations and photos? What about work contracts, invoices, tax forms?
And didn’t you connect it to all your other digital accounts, such as social networks, work accounts, cloud services, banking operations and so on?
You may think that your data is not important, but cyber criminals collect and assemble such information. Later on, they can use it to steal your identity or further sell the information on the dark market.
And even when there is no important data for a potential criminal on your system, they still can use your device in their own malicious purposes.
Are you worried now?
Here’s why cyber criminals want to hack your email and how they can use that information.
Myth #10: In case I get infected, I will see that for sure.
Don’t be so sure about this.
Indeed, this used to be true. In the past, when computers started to run slow and get annoying pop-ups all over the screen, it was a sure sign of infection.
Nowadays, cyber criminals improved their methods. They are more efficient and know how to disguise their attacks. In most cases, users can’t tell if their system is involved in spam campaigns or coordinated DDoS attacks.
Malware is built to be undetectable and untraceable even by antivirus software, in order to retrieve the needed sensitive information. It may be months before you even notice.
Install a good antivirus product against classical attacks and a security program against financial and data stealing malware, stay up to date with the latest security news and don’t forget to back it up!
Conclusion
The main problem with these cybersecurity myths is that they make you drop your guard.
Malicious hackers do what they do by placing themselves in your own shoes. They know that most Internet users show “safe” Internet behaviors. As a result, a lot of effort goes into disguising themselves and their plans as legitimate entities.
The most successful email phishing attacks are those that seem like the genuine thing.
That’s why it’s important for you to always be prepared and not fall into a false sense of security.
Courtesy Heimdall Security