Everything we do online is based on trust, we trust the cloud provider, the search engine, the software developers and the online stores. We give them personal and financial information, ranging from our pets names and first schools, to our credit cards and bank details. So, as a result it is very easy for the criminals to abuse that trust, because the opportunities to do so seem endless. All it takes is one untrustworthy person in the whole chain of events or one person with the necessary privileges to be tricked into creating a gap, opening the door so to speak for the criminals.
The criminals even pose as legitimate companies or specialists, pay to be high in the search engine rankings and like a Venus fly trap, wait for you to make contact. They entice us with ‘too good to be true’ special offers, play on our fears with unfounded warnings and like any good con artist, manipulate the situation where we think they are helping us or doing us a favour. Most of the time in the online world, this means that they need you to install something on your computer, click something, visit a certain website or just simply ask you for your password to get that foothold that they want. From then on, one of the biggest problems with being an online ‘victim’ is not actually knowing that you have become a victim, unless they make it loud and clear with a demand for money.
This is where adopting a mindset of zero-trust can help. Assume everyone is untrustworthy, until you are happy with the risks. So, if someone that you do not know calls, emails or texts you, and informs you that you have a problem, do not initially trust them. They may have some ‘truths’ they give you to validate themselves, like your username or password, but that may have been harvested from an online data breach dump. Question everything and most importantly never install software on your computers that someone has conveniently given you to help with the ‘crisis’ they’ve informed you about.
Read more practical, no-nonsense advice in Nick Ioannou’s book, A Practical Guide to Cyber Security for Small Businesses.
About the Author:
Nick Ioannou is an IT professional, blogger, author and public speaker on cloud and security issues, with over 20 years’ corporate experience, including 15 years using cloud/hosted software as a service (SaaS) systems.
He started blogging in 2012 on free IT resources (http://nick-ioannou.com) currently with over 400+ posts. Author of Internet Security Fundamentals, contributing author of two books Managing Cybersecurity Risk and the recently published Conquer The Web.
More free security advice and resources and information on how to contact Nick can be found at www.booleanlogical.com