Beware cyber criminals, warns IT expert
Cyber criminals are smarter, better-funded and more numerous than ever, an IT expert has warned.
Caroline Rance, a board member of ISACA Bermuda, encouraged computer users to remain cautious, thereby reducing the risk of cyber attacks.
“In the early days, hackers were mainly interested in showing off,” Ms Rance said.
“Today, hackers are organised and they are found everywhere.”
Attacks can come in multiple forms, she added.
Phishing e-mails see the sender solicit personal information or money transfers, by posing as an institution such as a bank or service provider.
These e-mails are often well-written and researched — a long way from the infamous “Nigerian prince” con of yesteryear, which promised improbable sums of money via poorly-worded e-mails.
And they often work through scare tactics, for instance by telling the recipient that they have an overdue bill which needs paying.
“To be successful, the criminals only need a few people from their target group to respond,” Ms Rance said. Spear-phishing attacks go the extra mile — targeting a specific company or person, the latter usually a high-profile individual such as a celebrity or company CEO.
And our modern-day addiction to social media plays right into the cyber criminal’s hands.
“We as consumers post a lot of our private information on sites like Facebook and Twitter, which makes their research much easier and makes the email more believable,” Ms Rance said.
“Be very careful what you publish, as all information can be used by others — even information that you delete.”
Malware is malicious software which is hidden in either the link or attachment of a phishing e-mail. Once clicked, it can hijack all manner of vital information. It can come in many forms — including ransomware, which encrypts a computer’s hard drive until a ransom is paid, keystroke logging, which registers the user’s sensitive information as they type it, and spyware, which surreptitiously monitors internet use.
Ms Rance urged computer users to stay on guard at all times when checking their e-mails, as well as downloading a trusted antivirus programme.
“First verify that the sender’s e-mail address is correct,” she said, “and if you’re not sure the e-mail is authentic, call the company before you click on the link.”
ISACA Bermuda, the local chapter of the worldwide organisation for IT audit and security professionals, is holding its next TechTalk on Thursday January 28 from 5.30pm.
The talk will take place at the Royal Hamilton Amateur Dinghy Club, and the topic will be “Data Management and Security”.
For further information, see www.isacabermuda.com. To confirm your attendance, e-mail rsvp@isacabermuda.com