This is a summary of a byline article written for IoT Agenda by Tony Giandomenico, Senior Security Strategist and Researcher at Fortinet. The entire article can be accessed here.
This summer, along with precautions like travel insurance, sunscreen, bug spray, and keeping your wallet in your front pocket, you need to also take cyber-precautions. That’s because cybercriminals want your money just as much as any pickpocket. And if they can’t steal your money, they will steal your other information and sell it on the dark web.
To make sure you are as safe online as you are on the beach, here are a few practical tips to keep you safe online this summer:
As you travel you will probably want to log into public Wi-Fi access points. While many of these are perfectly safe, criminals looking to steal your data will often post fake WiFi access points so they can intercept any data between you and your online shopping site, bank, home security system or wherever else you browse to. This is especially common at airports and coffee shops — places where you have a minute to sit down and log in.
This can also happen without you being aware of it. New smart devices automatically search for known connection points, like your home Wi-Fi.
“Sophisticated attacks simply ask your device what SSID they are looking for, and when your phone tells them it is looking for your home router, it replies with, “You’re in luck! I’m your home router.” And your phone, not being nearly as smart as it thinks it is, goes ahead and connects.”
Here are a two things you can do to protect yourself from fake WiFi connections:.
We tend to use a lot of websites that require a login, so remembering a unique password for each site may be impossible. It’s why people tend to use the same password for everything. However, if someone manages to steal your password for one account, they now have your password for everything
Here are a few things to do:
Never open an email or click on an attachment from someone you don’t know, especially when it includes an enticing subject line, such as a cash reward or a bill for something you didn’t purchase.
Also, take a minute to also look at those emails from people you know. Compromised email accounts are regularly used to send malware to the people in their contact list because recipients are far more likely to open those emails and attachments. So if an email message seems strange or out of character, check before opening it.
“For websites, does the website look professional? Are the links accurate and fast? Are there lots of popups? Is there bad grammar, unclear descriptions or misspelled words? If you hover your mouse over a link, you should be able to see the real URL. Does it replace letters with numbers, such as amaz0n.com, or is it unusually long? If so, don’t click on it. It’s a phishing attack, and all you are going to get is a stolen identity. These are all bad signs.”
Avoid announcing your vacation on social sites. While it might be fun to tell everyone what you are doing, it also lets folks know you are gone, which can put your home at risk.
Likewise, don’t post personal information about you or your family that could be used by an attacker to create a legitimate-looking email with malicious content.
We all live in a world where bad things can happen, so we lock our cars, deadbolt our doors, look both ways before crossing the street, and avoid dark alleyways. You need to develop the same cautions when you navigate your digital environment – except that you are never 100% safe online. Risk comes with the territory. But if you exercise a bit of caution, the digital world we all live in can become a whole lot safer. And so can your summer.
This blog is a summary of an article written for IoT Agenda, entitled “How to have a safe connected cyber summer,” written by Tony Giandomenico, Senior Security Strategist and Researcher at Fortinet, and published on June 7, 2019.
Read more about the latest cybersecurity threat trends and the evolving threat landscape in our latest Quarterly Threat Landscape Report.