10 ONLINE HABITS THAT HACKERS AND MALWARE LOVE

Everyone has a bad habit, and many of us have more than one. We pick them up; we repeat them on a regular basis, and we damage something in the process. And whether it’s something trivial like your fingernails or something important like your health, something is always damaged. Always.  

As an experienced IT company, we’ve seen bad habits ruin companies on a consistent basis. These bad habits break down network defenses and slowly pressure people into breaking standard security protocols. But what exactly do these bad habits look like? Here are 10 to get you started.

IS YOUR PASSWORD ‘PASSWORD,’ TOO?

Passwords act as your first line of defense against hackers. But for some reason, people everywhere still choose to protect their 130+ online accounts with passwords like ‘password,’ ‘123456’, and ‘football.’ These are the passwords hackers look for, and these are the passwords that are first on that data breach chopping block.

In fact, hackers barely have to lift a finger to crack your account. All they really have to do is use password-cracking software. This hacking tool will run through every word in the dictionary and every common phrase or word combination that people love to throw together.

In other words, use a bad password and your account will be hacked in mere seconds. Kind of impressive, right?

 

Source: Dashlane

WHY REMEMBER 130, WHEN YOU CAN REMEMBER ONE?

Depending on what type of site we’re talking about – low value (a gaming site) vs. high value (a bank account) – the password reuse rate can be anywhere between 20% and 50%. Even if you have the strongest password ever created by man, reusing it from one account to the next won’t do you or your data in favors.

If that password of yours is ever cracked, whoever or whatever has it will have easy access to each account using that password. In this case, you could quickly go from one hacked account to multiple.

 

 Source: InfoWorld

SHARING IS CARING, RIGHT?

While we’re on the subject of passwords, you should probably avoid giving those out to other people. Even it is your best friend or a brother from another mother, the more people you share your passwords with, the more likely it is that one of your passwords will end up with the wrong person.

Sure, you might trust your best friend with your life, but you can never know for sure who that person will share your password with or how good they are with online security. For instance, are they the type of person to write down a password on a sticky note? Maybe, maybe not.

 

Source: LastPass

WHO NEEDS 2FA ANYWAYS?

2FA (two-factor authentication) is a great way to pump up the security of your online accounts. It requires any person signing into the given account to provide two forms of authentication and could involve any number of things, like a question and a password, a password and a fingerprint, or an email and a passcode.

But usually, 2FA involves something you know and something you have. These two factors work together to add an additional layer of security to your online accounts, making it much more difficult for a hacking to take place.

This being said, the majority of people still choose to bypass 2FA and stick with a run-of-the-mill password instead. Generally speaking, this is often because people find 2FA to be “time-consuming.” That extra step must add like a whole 30 seconds to the sign-in process, right?

 

Source: SecurityWeek

IS THERE A “POSTPONE FOR ETERNITY” OPTION?

There are these things called “Updates,” and these are typically designed to – yup, you guessed it –  “update” your devices. Many times, these updates will involve the security of your devices, and you will be greeted with two choices – “Update Now” and “Remind me Later.” Sound familiar? However, for some odd reason, people love to click “Remind me Later,” even if they’ve already clicked “Remind me Later” ten times.

But you see, the longer you choose to postpone updates, the more vulnerable you’re leaving your devices. During this time, all those holes that hackers and malware can slip through will only grow bigger.

In other words… don’t postpone updates.

Don’t.

PUBLIC WI-FI WAS OBVIOUSLY MADE FOR PRIVATE DATA.

Believe it or not, there is such a thing as a fake Wi-Fi hotspot. These bad boys are malicious and mean to do you harm – steal your data, snatch your logins, send malware your way, or snoop your online activity.

So, first things first, you need to make sure that every time you connect to public Wi-Fi, it’s a legitimate connection. Secondly, you should always avoid accessing sensitive or private data on a public connection. Even if you know the connection is secure, it’s never a good idea. It’s better to be safe than sorry.

I SHALL LEAVE YOU HERE, AND YOU SHALL BE HAPPY.

There are too many people in this world who are far too comfortable leaving their devices anywhere – on a random table at a restaurant, in a grocery cart, on an office desk, on a towel at the beach…Do this and you’re just asking for someone to pick up your device and walk away with it.

Once someone has your device, they can do anything they please with it. And if your device isn’t locked, doing what they want to it will be much easier. They can hop into your files, jump into your inbox, or flip through your social accounts. At this point, walking away from that device of yours doesn’t seem like such a good idea, does it?

ALL EMAILS ARE CREATED EQUAL.

If you believe that all emails are created equal and that every email deserves an opportunity to be opened and read, then you should not be allowed to have an email address. Attacking people online with malicious emails is one of the biggest ways cybercriminals get what they want. Some of these emails are easy to spot, while others are written so well that they can dupe even the largest companies in the country.

Always remain suspicious of emails and take your time working through them. Don’t click, download, or respond to anything unless you’re 100% certain the email comes from a legitimate source.    

 

Source: Symantec

EVERY LINK IS A GOOD LINK.

The same logic that applies to emails applies to links. All links are not created equal. There are links that do exactly what they say they’re going to do, and then there are links that intend to deceive you and lead you down a dark path. Don’t click on a link just because an email, advertisement, or website tells you to click on it.   

MY SUPERPOWER IS DOWNLOADING BLINDLY.

Usually, a malicious download comes to you via email or a too-good-to-be-true online advertisement. And just like harmful emails and corrupt links, a malicious download intends to deceive you and lead you down that dark path we referenced earlier.

When you receive an attachment within an email, never download it unless you know the sender, and when it comes to downloads within an advertisement, it’s best just to avoid those altogether.

HOW CAN STRONGHOLD DATA HELP PROTECT YOUR BUSINESS FROM BAD ONLINE HABITS?

Human nature is human nature, and people will always be prone to picking up bad habits. But as an experienced IT provider, we can help minimize the damage these bad habits can have on your business.

We specialize in building and implementing professional security solutions that protect businesses from all threats, both internally and externally. With a layered approach and proactive monitoring, we watch over networks day and night to patch holes before they appear and to stop threats before they reach your network.

If you have any questions regarding network security or if you would like to learn how to better protect yourself from online threats, then give Stronghold Data a call today. We’d love to talk.