Our featured Guest Blog post this month comes from our IT Manager, Chris Austin… News you can use from the Eberl “Nerd Cave” 🙂
As we deal with weather disasters and help people rebuild their lives, we must also protect ourselves from the digital hurricanes that happen thousands of times a day. Getting “hacked” can produce just as much destruction to your life and the company you work for as any hurricane or F4 tornado. And, don’t assume that because you have anti-virus, anti-malware and a firewall in place that you are protected. Especially, if you are on the road! Attack vectors are constantly evolving on many fronts including viruses, social engineering and sneak attacks. Some common attacks to watch out for these days are:
- Fake wireless access points. How many times have you connected to the WiFi in a hotel, library, church, coffee shop or the airport? What the hacker does is advertise their computer as an available WAP (Airport Free Guest Access) and then pass the traffic through to the real network that they are connected to. The hacker now sits between you and the internet and will sniff unprotected data to the intended end point or site. A lot of times this is how they will get your username and password, which you may use commonly across other sites like your banking site.
- Lost and Found USB thumb drive. Hackers will drop flash drives out on the ground in front of businesses and hotels to get unsuspecting victims to plug in the thumb drive and execute the file with a clever names like LargeClaimFinancials.xlsx.exe but the file looks like LargeClaimFinancials.xlsx in Windows Explorer. When victim clicks to open the file it runs the executable and installs the virus that will be used to obtain information.
- Google Map Phone Numbers. It is extremely easy to spam phone numbers into Google maps and mask the numbers for real businesses on the map. The victim then calls the number and the hacker on the other side answers as if they were the business. Depending on the business they will collect all kinds of personal information such as credit card numbers, usernames or passwords.
What can you do?
- Be conscientious about your browsing habits and the networks you are connecting to.
- Use VPN when connecting to corporate networks
- Download with discretion
- Think before you click
- Use long and complex passwords, and change them frequently
- NEVER share your password with ANYONE
- Do NOT use unverified removable media (flash drives, CD’s/DVD’s)
- Always question suspicious computer behavior and suspicious people in the area