Protecting Yourself

How to protect yourself from cyber security attacks

Cyber security attacks are common, and cause significant harm and disruption to a large number of businesses and individuals each year. As a result, everyone should be aware of the main cyber security threats, and the steps they need to take to protect themselves from cyber attacks.

In this article, we will look at some of the measures that an individual can take to protect themselves and the organisation they work for from experiencing a cyber attack. Before we do, it is important to note that the list of measures discussed in this article is not exhaustive, and that high-risk individuals and organisations may require additional measures not mentioned here.

Use strong passwords

One of the main tasks that you can do to protect yourself is to use strong and unique passwords for every online service you use. Having a different password for each online account ensures that if one account is compromised and the password obtained, all other accounts will remain safe.

Using separate passwords is especially important for certain accounts, including email, banking and social media accounts, which can contain sensitive information.

One good way of creating strong and memorable passwords is to use a series of random words. For example, DesolateWalnutJargon is highly likely to be unique, making it harder for an attacker to guess, while also being easier to remember than a random selection of characters.

This password can also be improved by adding numbers and symbols to make it longer and more difficult to crack.

Good password

Use a password manager

Using a password manager is another way of ensuring that you are using strong and unique passwords. These managers can be used to create strong passwords, store passwords and credit card information, and alert users to fake websites that may be attempting to steal their login information.

There are several reputable password managers available, such as 1Password and Bitwarden. Most browsers, including Google Chrome, Safari and Microsoft Edge, also have a password manager built in, and can sync passwords between devices to make accessing them easier and protect them in the event that a device is lost or stolen.

Use two-factor authentication

Two-factor authentication requires you to submit additional information in order to access your account. For example, a service may send a text message containing a code to your phone that must be inputted after your password.

Using two-factor authentication is a good cyber security measure because it prevents attackers from gaining access to an account, even if they have the password. It also provides an early warning that the password for an account has been compromised.

Most online banking services use two-factor authentication by default. It is also possible to enable two-factor authentication on most common email and social media accounts, including Gmail, Yahoo, Outlook, Facebook, Instagram and Twitter.

Two-factor authentication

Understand phishing

A significant number of cyber attacks involve a form of social engineering known as phishing. For this reason, it is incredibly important that you are able to identify and avoid phishing attacks and emails. Some of the most common signs of a phishing email include:

  • Sender: The name of the sender can easily be spoofed, so it is important to look at the full address that an email came from and ensure that it is coming from an address that you recognise.
  • Spelling and grammar: Many phishing emails are run through machine translation services so that they can be used to target users in a range of countries. These services are not always accurate and will create spelling and grammar errors that would not be present in a legitimate email. These emails may also use generic and unusual greetings, such as ‘Hi Customer’, instead of the user’s name.
  • Deliberate mistakes: In some cases, phishing emails will contain deliberate mistakes that internet-savvy people will spot easily. These mistakes are used by attackers to help them target those that are less familiar with the internet and are more likely to fall for a scam.
  • Links and attachments: Phishing emails usually contain some form of link or email attachment that is used to take the user to a malicious website or deliver malware to their computer. Attachments should only be opened if the sender is legitimate, and all links should be checked before they are opened to ensure that they point to a safe address.
  • Urgency: Some phishing emails will try to create a sense of urgency by saying that a request must be completed immediately, or by claiming that an account will be permanently frozen unless immediate action is taken.

Use security software

Antivirus software and firewalls are both used to detect malicious software and prevent cyber attacks from compromising a device. They do this in a number of ways, including:

  • Scanning a system for known malware attacks and other cyber threats, such as viruses or ransomware attacks.
  • Preventing a device from connecting to malicious websites.
  • Analysing applications to identify suspicious behaviour and potential threats.

Use public Wi-Fi safely

Those that operate public Wi-Fi networks can view information about the devices connected to it, including the websites it visits and the information it shares with them. If an attacker is connected to the same Wi-Fi network as your device, or has set up a malicious Wi-Fi network, they may also be able to view your information and steal it using a man in the middle attack.

When using public Wi-Fi, you should consider using a virtual private network (VPN) service to secure your connection. A VPN reroutes and encrypts a user’s traffic so that it cannot be seen by those on the same Wi-Fi network as them, or by those who operate it.

You should also check that the website you are visiting begins with https:// and displays a padlock in the address bar before entering any personal information on it in order to ensure that it is encrypted in transit. This is an important measure to take at all times, but is especially important when using a public Wi-Fi network.

Use safe app sources

Often, malware will pretend to be a different, legitimate application in order to convince users to download it. This means that it is important to be aware of where an application is being downloaded from, and to ensure that this source is legitimate.

The safest places to download applications are from dedicated stores, such as the App Store (on iOS and macOS), the Google Play Store (on Android mobile devices), or the Microsoft Store (on Windows). If an application is being downloaded from a website or other source, care should be taken to ensure that it is legitimate before running or installing it.

For example, Adobe Acrobat Reader DC is a popular piece of software that is used to view PDF documents. It is created by Adobe, and should only ever be downloaded from their website, which is adobe.com.

App sources

Update your devices

Software and operating systems that are out of date will contain known vulnerabilities that attackers can exploit. For this reason, it is important that you keep your devices up to date to ensure that these vulnerabilities cannot be used by attackers to gain access to them.

Most devices have an automatic update feature that will keep them up to date without user input. However, some software updates must be completed manually and, if this is the case, they should be done as soon as possible in order to limit the time a device remains vulnerable.

Backup your data

Backing up data means creating a copy that is then stored on another device or on a cloud storage service. This is important because it ensures that any data that is lost, stolen or corrupted can be recovered quickly, minimising disruption.

Most devices have an automatic backup feature that can be used to ensure that its data is regularly backed up and securely stored. Nowadays, these features usually store data on a cloud storage service by default because they are more readily available than external hard drives or other storage devices that can be unplugged or lost.

At Commodious, we offer a Cyber Security Awareness training course that explores the importance of cyber security, the main threats that individuals and organisations face, and some of the measures that can be taken to protect information systems from cyber attacks. To find out more about this course, use the link below: