Computers have became part of everyday life; but security awareness is lagging behind.
- Computer is a set of electronic data processing and storing device. It could be known as personal computer, desktop, laptop, notebook, netbook, terminal, etc.
- Cyber is a relation between computers, phones, and Internet.
- Security is a state of feeling safe, stable, and free from fear or anxiety. Unlikely to have risk.
So, Cyber Security is all about protecting Computers, Phones, Internets and its Users from Danger, Anxiety and Risks. When people say Computer Security, it does not mean Cyber Security; it is just part of the Cyber Security.
Major Types of Threats
1. Social Engineering is an art of manipulating people to get confidential information of someone. It could be committed with the following methods:
- Human Based:
- Phone Call
- Attack help desk by impersonating a legitimate user, or referring to technical support y using names and some identities.
- Attack a user by impersonating technical support or authorized agent.
- In Person
- Shoulder surfing by watching what others are typing, noting, or saying.
- Dumpster diving by going through the trash.
- Phone Call
- Computer Based:
- Phishing by tricking computer or Internet user to verify account details or into volunteering confidential information for lucky draw, lottery, etc. This could be done via popup windows, spam & adware, free stuffs, chance to win something, false links or asking for help.
- Scamming by tricking the user into volunteering confidential information, screen imitates a real input page to collect authentication information, give them your information with bank account or even transfer money to them.
2. Malware is a variety of intrusive software which is harmful to electronic device and user’s information. It includes computer viruses, worms, trojan horse, ransomware, spyware, adware, and other malicious programs. It could be found in form of code, scripts, and other small application.
- Spyware is an application installed in the device to collect information without user’s knowledge. It can send out the information from victim’s phone and computer with any kind of platforms (windows, iOS/OSX, Android, Linux,..). It is generally used by spouses, investigators, managers, industrial spies and criminals. Spyware could access to SIM card information, SMS, MMS, Email, Call number, time & Internet content, voice information including interception and recording, geographical location (GPS), key logging, bank information and whatever you do with your device.
- Trojan Horse is a type of malicious code which is embedded in some software, especially cracked software. By doing so, users will not aware that they are bringing the threat into their devices. Millions of cracked software in the market nowadays might contain this type of malware. Users shall think of these two questions: 1) Why free? and 2) Who cracked it?
It is risky to use those cracked software; mostly, those software were cracked and injected with malicious code to open backdoor by hackers. It will collect information and send back to its servers once it received command.
3. Dictionary Attack is a kind of threat attacking username and password by testing correct words from dictionary. It can guess up to 76.1 billion passwords per second.
4. Replay Attack is another common threat using data from earlier, recorded, and/or valid sessions, etc. For example, the login username and password may not be deleted immediately after user finished or logged out the application or Internet browser. The session might be still online. Sometime, most frequently happened, users forget to log out from the application they used. So the next user might be able to access it.
- Don’t install unknown/necessary software, plug-in, add-on, etc.
- Scan all removable media/devices before use.
- Before login to any website, please verify the website and surrounding environment first. And, always close the application and/or browser after use.
- Log off and lock your device when not in use.
- Never accept, click, or reply to anonymous web link, email or messages.
- Get a license anti-malware(virus), make it up to date, and scan your device regularly.
- Online banking or shopping with public Internet is not recommended.
- Change password periodically. Click to See Standard Password
- Empty your recycle bin regularly.
- Never share private information in a single call or message.
- Use different login username and password for different system/software.