I may have had a near panic attack last week when I thought someone had successfully hacked into my email. Especially as I consider myself pretty aware of most forms of cyber attack. As mentioned in my July recap, I was even going to do a post on Cyber Security. I get a lot of scam emails. And no, not just those ones from people who wish to give me a million dollars. But more phishing emails which seem very credible and appear to come from trusted persons/organisations.
I’d just left the pub where my colleagues and I met up for drinks (and in usual fashion had a glass of white wine) when I got an email from ‘Microsoft’ notifying me that an attempt had been made to access my email from another device. They advised I log into my email to see details. No guys, this wasn’t even the wine acting, but I actually clicked on the link and put in my email address, before a light bulb went off in my head.
Thankfully I hadn’t put in my password. But I was still so freaked out. I rang the husband immediately and asked him to sign into my account and change my password (See why you should be okay with sharing passwords?). I don’t think any damage was done because I didn’t actually enter my password. But the day my accounts get hacked. Not just emails, but bank details. And such attacks won’t stop anytime soon, because it appears that a single bank account number could be sold on for up to $400 on the US black market. And every second, 350 billion sophisticated attempts are made to hack online information. Yep, you read right. 350 billion per second.
We need to be extra careful. Let’s briefly talk about the different kinds of social engineering cyber attacks and then the top tips you need to know.
This is pretty much what happened to me. It’s a type of social engineering cyber attack that relies on email messaging. It appears to be from a legitimate sender and requests you to take
This is slightly different from phishing as it appears to be from a familiar sender and contains specific content which seems reasonable. An example will be if my friend’s email gets hacked and the hacker sends
This is used to describe
To avoid being a victim of these scams, here are some top tips:
Reports suggest that it could take a sophisticated hacker less than 6 hours to hack a six-letter password. Believe it or not, the most common password is still “password”. A smart password attempts to strike a balance between being easy to remember and hard to guess. Names of children and spouses, and birthdays, are commonly used and should be avoided. Generally, a passphrase is the preferred option. It has personal meaning and could be from the lyrics of a song or a movie. Use of special characters is often advised. A passphrase like “don’t worry be
Even if it appears to come from a legitimate sender like Microsoft, Dropbox or your
3. If the email asks you to click a link, hover over the link first to see the address and check if it looks legitimate. I’ll admit that sometimes these hackers get a bit tricky, and I’ve seen fraudulent emails appear a bit convincing like ‘firstname.lastname@example.org’.
4. If you’re asked to visit a website, avoid clicking the link directly on your device. Instead, use a search engine or your browser to find the website. Also avoid replying directly to such emails; instead, open a new email and type a reply, if you must.
5. If possible, scan all attachments for viruses before opening.
6. Avoid as much as possible using unsecured connections / hot spots. These are connections which don’t request a password and are found in a lot of restaurants and airports. If you must use these, please avoid conducting any sensitive transactions on such connections.
7. When travelling, it’s advisable to put your electronic devices in your carry-on hand luggage and not in your checked baggage.
That’s all folks. Stay safe online and I hope this is helpful. Please don’t forget to share!
Do you get such phishing / smishing messages? Had any bad experience or any tips to add? Are you one of those whose password is ‘password’? Share with us!
PS: Just before I posted this, someone on Twitter posted a phishing email he just received supposedly from his bank, asking him to click a link. Thankfully he checked the sender. Are you on Twitter? It’s becoming my fave social media account. Let’s connect on there? Please comment leaving your handle or add me up: @KacheeTee