Bad guys on the internet are an increasing population. Many nefarious characters scheme to rip off big companies. In 2017 alone we have seen data breaches at government agencies, telecommunications companies, hotel chains and retailers. But attacks against individual PCs, whether personal machines at home or assigned computers at the office, are on the rise as well. What, then, can individuals do to protect themselves against the bad actors of the internet?
First, let’s try to understand the criminal mindset of those who target individuals versus those who target large businesses or government agencies. The large organization is typically targeted as part of a longer, more drawn-out scheme that could take weeks or even months to pay off.
Large amounts of data, often including personal and financial information of the target organization’s clients and staff, are stolen. Such data is then sold off, or used by the crooks themselves, in a mass effort to generate large profits.
Penetration is typically through the target’s internet connection, and prevention of such large incursions is usually the responsibility of the target organization’s information technology department.
Individuals, on the other hand, are typically targeted for a quick hit. This is often done via a scheme known as phishing. Phishing first surfaced in the early 2000s, and bad guys have gotten really good at it since that time. “Successful” phishing schemes combine publicly available information, social engineering and reliance upon a not-so-diligent user. The nature of such a scheme makes it virtually immune to contemporary spam, virus and malware filters.
For example, the target is sent an email purportedly from his/her bank, seeking clarification of an account number. The sending email address is cleverly faked, such as substituting the number “1” for the letter “l.” Once the crook gets your info, your bank account is emptied.
We also see phishing targeting individuals in a corporate setting. The most common scheme uses the same fake email address method but combines it with other information to make the message more believable.
For example, criminals identify the chief financial officer and controller in an organization, and craft an email purportedly from the boss advising a wire transfer. Oftentimes the bad guys can even go so far as to figure out patterns of wire transfers from the target organization, making the request seem even more authentic.
Ransomware also targets individuals but often crosses over to the corporate side, depending on its success level. Ransomware typically comes in via email, often with a fake email address, and tries to trick the recipient into opening an attachment. Once the machine is infected, data on all attached hard drives, including network hard drives, is encrypted. As such, an individual connected to a corporate network could cause data stored on servers to be encrypted as well. A ransom is then demanded to decrypt the data.
Purveyors of ransomware often set the price of the ransom to be commensurate with whatever the target can afford. Anecdotal evidence suggests that individuals at home are asked for a ransom of a few hundred dollars. Infected corporations have been said to pay tens of thousands of dollars.
What does this tell us? Be extremely wary of any emails talking about money, bank accounts or other financial information. Even if it seems to make sense, if it involves money, double-check the email addresses.
Don’t hesitate to take extra precautions, such as calling the sender. Apply the same caution to opening attachments. In this day and age of expected immediate response, a few minutes to be safe will go a long way.
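The "double-check the email addresses" advice above, carried out as a small check on a message's From: header. This is an added example, not part of the column; the trusted domains, the sample sender addresses and the short list of look-alike substitutions (such as the "1" for "l" swap mentioned earlier) are constructed assumptions.

```python
import email.utils

# Constructed: domains the reader expects money-related mail from (bank, employer).
TRUSTED_DOMAINS = {"examplebank.com", "example-corp.com"}

# Constructed: character swaps commonly used to fake a familiar sender address.
# Longer sequences go first so "rn" is folded to "m" before single characters.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("1", "l"), ("0", "o")]


def normalize(domain):
    """Fold look-alike characters so a faked domain compares equal to the real one."""
    folded = domain.lower()
    for fake, real in CONFUSABLES:
        folded = folded.replace(fake, real)
    return folded


def brand_names():
    """Brand words taken from the first label of each trusted domain, hyphens dropped."""
    return {d.split(".")[0].replace("-", "") for d in TRUSTED_DOMAINS}


def classify_sender(from_header):
    """Return (verdict, domain): trusted, lookalike, display-name spoof, unknown or invalid."""
    display_name, address = email.utils.parseaddr(from_header)
    if "@" not in address:
        return ("invalid", None)
    domain = address.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    # A domain that only matches after folding confusables is a look-alike, not the real sender.
    for trusted in TRUSTED_DOMAINS:
        if normalize(domain) == normalize(trusted):
            return ("lookalike", trusted)
    # The display name claims a trusted brand but the address is somewhere else entirely.
    shown = display_name.lower().replace(" ", "").replace("-", "")
    for trusted in TRUSTED_DOMAINS:
        if trusted.split(".")[0].replace("-", "") in shown:
            return ("display-name spoof", trusted)
    return ("unknown", domain)


if __name__ == "__main__":
    for header in ("Example Bank <alerts@examplebank.com>",
                   "Example Bank <alerts@examp1ebank.com>",
                   "Example Bank <alerts@freemail.example>"):
        print(header, "->", classify_sender(header))
```

Any verdict other than "trusted" is the cue the column gives: stop, and confirm the request by phone before acting on anything involving money.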
John Agsalud is an IT expert with more than 25 years of information technology experience. Reach him at jagsalud@live.com.