Top 4 Common Security Threats and Mistakes

Posted on the 31 October 2019 by Anees @ZulfiqarAAnees

In our day to day lives, we make mistakes, but we naturally learn from them, however, in the world of cybersecurity, any small mistake can have grave implications for the victim. With all the advancements in cybersecurity, you’d think our systems would be less prone to penetration from these hackers and security threats, but the reality is that the hacking communities evolve to compensate for the increased sophistication.

No electronic device you connect to the internet is truly safe from hackers, but if all the necessary precautions are taken, it can go a long way in minimising the influence these hackers have over our technology. This can be done by avoiding some of the more common mistakes and security threats out there. You want to do your utmost not to aid these cybercriminals by making common mistakes that they like to exploit.

In this article I intend to highlight the most common security threats and mistakes end users are prone to, because of their lack of understanding and awareness.

4 Common Security Threats and Mistakes

1. Utilising a Weak Passwords

When you sit down and look at some of the more common security mistakes end users make, one of them, probably the first one to enter the list, is the use of a weak password. This is an issue that’s been there since before computers were in circulation, and doesn’t look like it’ll ever truly be stamped out. Most applications, security tools and suites, come with default passwords, but not taking the time to change them, to something more complex, is no different from leaving your front door option, at night, while you sleep. One of the easiest and most effective ways of gaining access to another’s computer is by guessing their password, and it’s always been the first line of attack for hackers.

Fortunately, this situation can be fixed, simply by spreading awareness about the use of complex passwords, and how they can safeguard ones computer system. Today, more and more systems and services are implementing security measures which ensures that end users use complex passwords for access to their accounts.

2. Spyware

Spyware has a way of getting onto peoples systems, and it’s usually through application downloads. It’s usually the freeware and shareware downloads, but you can also pick up infected apps from peer-to-peer file sharing services. Like <a href=””>Google redirect viruses</a>, spyware is capable of compromising sensitive data on your system, but in most cases it’s simply used as a marketing tool. The purpose is for it to gather data about the individual, by monitoring the different things they do, while on the internet; collecting data which can later be sold or used to market products to the victim(s).

3. Phishing

Phishing has been around for some time now, and it’s a technique whereby, a hacker will trick an unsuspecting computer user into downloading a specific attachment or clicking on a link, within an email. This can also extend to social media services and ads, which may come across as legitimate. In most cases, when the end user clicks on one of these links, they are sent to a forged website that looks almost 100% like the original. The end user is then prompted to enter sensitive information into the site, such as their credit card number or social security details, which is then sent to the hackers.

Over the years, hackers have become more and more proficient at creating these phishing sites, making the sites look more and more authentic. They’ve even spent time in perfecting their emails, making them appear like they’re actually sent by the company they’re trying to lure you into giving them information on. An end user may get an email from what appears to be PayPal, then click on the link contained within the email and is taken through to a site that looks a lot like the real thing.

Fortunately, there are measures that can be taken, on your part. End users can be sufficiently trained to be more sceptical about things that they encounter while online. End users should only click on links in emails that have been verified.

For employees, company employers can hire security experts to ensure that each and every employee is aware of the risks. Using not just theory, but also practical test emails, to see whether or not these unsuspecting employees fall prey to it.

4. Rootkits

Rootkits are malicious files like any other, with one major difference, they are very difficult to detect. They are usually activated while an operating system starts up, before the antivirus tool on your system is initialised. Rootkits allows the hacker(s) to install programs onto your system, as well as siphon sensitive information from your computer. There are specialised rootkit detecting tools that you can use to locate and remove these virus types. Thus, it’s recommended that you have at least one security tool installed on your system, with the capabilities of detecting and removing these types of viruses.

About Author

Uchenna Ani-Okoye is a former IT Manager who now runs his own computer support website

Back to Featured Articles on Logo Paperblog