There are a multitude of techniques the modern day hacker may employ to try to turn your world upside down. The best way to protect yourself, might be the easiest way: use common sense.
It might be hard though, when you have your smart phone in one hand, and a bag of groceries or child in the other. But, a little awareness goes a long way in keeping your personal information and your devices safe from being compromised.
Here are three of the most common routes a hacker might take to ruin your day.
1. Phishing
If you looked in your email inbox right now there are probably a few of these sitting in your spam folder. Phishing is when a hacker tries to get you to reveal personal information via email – such as a password, account number, or social security number – by disguising themselves as a trusted source: a friend, your bank, someone from your company, or a company you may have done business with before. They might inform you that your bank or credit card account has a discrepancy, ask you to donate to a charity or individual, or ask you to click on some great travel deal that sounds too good to be true.
How to protect yourself:
Look carefully at the source of the email. Does it look legit? Is the company’s name or URL spelled correctly? Does it sound like a scam? Does it have an attachment? (Don’t open it!) If you’re on the fence and it seems like an important message from your bank (for example), pick up the phone and call someone there.
2. Typosquatting (or URL Hijacking)
Have you ever mistyped the address for your bank, credit card company, search engine, or an online store? Of course you have – especially on the little keys of your mobile device. This is the logic behind a typosquatting attack. The user has the intention of going to a certain location, but a hacker has created a fake website that is so similar to the intended destination that they don’t notice. (example: myfreecreditreport.com vs myfreeecreditreport.com)
Hackers will buy variations on domain names that have typos and emulate the landing page of the legit site on the fake site. When you visit, you might get asked to enter personal info. Hackers may also, send these misspelled web addresses as part of a phishing scam (see above).
How to protect yourself:
Look at your URL in the address bar after you typed it or as its linked in an email. Is it spelled correctly? If you do get to a fake site on error and you’re going there to enter personal info especially, does it look like the site you always visit? Take a good long look before you enter any personal info.
3. Social Media Scams
Everyone gets duped on social media. With so many users on Facebook, Instagram, and Twitter, it’s a scammer and hacker’s dream. Fake news stories, gossipy clickbait articles, and fake user profiles are everywhere. "Your favorite actor died suddenly, click here." "Watch this ridiculous video of this current event that just happened, click here."
Don’t do it. It might be an attempt to gather your info or make you download a malicious plug-in. (Example: after you click a video link you might be instructed to download a plug-in to play the video, or asked to take a survey before viewing the article so your personal info can be stolen).
It’s better to get your news from a news source, not clickbait. Just because your friend shared it, doesn’t make it legit. Also, beware of fake friends bearing fake messages. If you’re on a dating site, you probably know of the “catfishing” phenomenon. Fake profiles are all over social sites, and some of them are hackers who might pose as someone you know or might want to know better.
How to protect yourself:
Although social media has been around for years, it’s still a relatively lawless land when it comes to ethics or safety. Be careful what you click on and know who you’re talking to. Your computer, mobile device, or personal information may be at risk.