Latest  Cyber Trends: How to Keep One Step Ahead of the Hackers

Posted by Rebecca Prince on March 7, 2017

Security Blog Header.png

Technology.  On good days, it makes our lives easier and connects us to friends and family.  On bad days...  It can quite literally cost us everything in our bank account.  There are many ways cybercriminals intrude upon our lives, and it’s up to us to learn what we can do to prevent it.

So, we turned to the experts at Stickley on Security.  In this blog, CEO Jim Stickley shares about some of the newest ways hackers are attempting to steal your personal information.

Typosquatting is becoming more prevalent all the time. This happens when someone sets up website that looks like a real one. The catch is that there is only one character off in the address. Stickley gives the example of using a site he created for a Today Show segment, www.todayshow.com. He replaced the “d” with an “s.” They are only one character off on the keyboard, which makes it an easy mistake. When the site comes up, it does indeed look just like the actual Today Show website at www.today.com; except for a warning that pops up, then turns the screen blue.

Many would panic and the cybercriminals know this. That’s why they conveniently put a phone number on that popup dialogue. Supposedly, it is to help you get support. What happens when you call the number? They want money to help you “fix” it.

How do you know it’s fraud? According to Stickley, “You have to pay attention to where you’re going. Any time there is a phone number in a popup like that, it should always be eyed with suspicion."

The next typo used was replacing that “d” again with the letter “f.” Again, it looked exactly like the Today Show site. It even allowed him to click on the images and stories. However, within seconds another popup dialogue box appeared stating the Adobe Flash Player needed to be updated. Most people have seen these appear and sometimes they are real. However, they are also often fake and download malware. In this case, when he clicked it, malware was installed.

How does one avoid this? Stickley said, “The best thing you can do is watch what you’re typing in the address bar.” Also, if the dialogue wants you to install something to “fix” an issue, just ignore it. Typically, if you can’t make the dialogue go away other than by clicking a link or button on the popup box itself, reboot your computer. Often there are buttons that you can click for "yes" or "no." If those are your only choices, shut down the entire browser and restart your computer. Don't just click them away.

Don’t forget that hardware can be compromised too. “What people don’t realize is that your hardware can get hacked as well,” said Stickley. He showed that if you accidently go to a malicious site, it may look normal, but in fact it is manipulating the hardware inside the house and controlling where the user can go. Because he has never found a bank that would agree to let him hack its site, he created a fake site for demonstration purposes. When first visited, it looked normal, but after he had browsed away and landed on a malicious site and subsequently clicked back to his demo site, there were clear indications that something was wrong.

 His advice for this is to make sure you do the updates on your hardware. You can find the model numbers on your hardware devices. Then go to the manufacturer’s website and they will usually walk you through updating the products. He also recommended that whenever you get the indicator that your phone has an available update, don’t delay. Install the updates right away.

Sometimes you may receive an email letting you know someone has logged into one of your accounts from a different device. “This is a really bad sign. It means somebody has hacked your account,” says Stickley. Log into your account and change your password immediately. If you use the same password on multiple sites, it’s particularly important that you change all of them and use unique ones for each site. This prevents cybercriminals from possibly getting into multiple sites with one password.

Sideloading is yet another trend. This is when you download an app from a site that is not the official app store. People do this because it allows them to get apps for free or get pirated games, for example. The simplest tip he provides is to just don’t do that. The apps in the official stores go through additional scrutiny that is not done when the apps are available elsewhere. While no guarantee those are safe, it's still less likely that they will contain malware.

Technology cannot keep up with the cybercrime trends. So, it’s up to people to keep an eye on them so they don’t take advantage of us. Stay alert, take time to read popup dialogues, don’t panic, update your software AND hardware, and don’t get your apps from anywhere other than their official stores.

How DuGood Can Help

At DuGood, protecting your personal and financial information is a huge priority for us!  Are you interested in more articles like this one?  Check out our Security Center!  You’ll find all kinds of great resources to help you spot scams before it’s too late.

We also offer several Identity Theft Protection Plans.  For only a few bucks a month, we’ll cover all your financial accounts – not just those at DuGood.

Here’s to staying one step ahead of the hackers!

Topics: Security