Connect with us

Hi, what are you looking for?

Tech & Science

Cybersecurity: How to avoid getting hacked

Spear-phishing is similar to phishing, but the attacks prioritise quality over quantity.

The Akira hacker group is suspected of carrying out the cyber attack in Sweden
The Akira hacker group is suspected of carrying out the cyber attack in Sweden - Copyright AFP Chris DELMAS
The Akira hacker group is suspected of carrying out the cyber attack in Sweden - Copyright AFP Chris DELMAS

On average, 1.4 billion social media accounts are hacked every month? Furthermore, 98 percent of cyberattacks rely on some form of social engineering (such as tricking and manipulating people) to compromise their target, meaning sometimes it is difficult to know if an individual has been involved in a scam.

Cybersecurity always remains challenging for businesses. The hardest and most sophisticated scams to spot are spear-phishing campaigns. Further challenges are on the horizon, is where AI will play a large part in future online scams due to its proclivity for volume

To find out more, the experts at Independent Advisor VPN collaborated with Dr Phil Legg, professor at the University of West England and cybersecurity expert at Independent Advisor, to provide answers to common cybersecurity and hacking questions and give tips on how to stay secure online.

What is the hardest type of scam to spot? 

According to Legg: Spear-phishing campaigns are becoming more and more sophisticated. They require time and effort to build a convincing case for somebody to interact. Again, this does also come down to the level of perceived risk – most people are not going to be the target of a spear-phishing attack, since an attacker can make much more money going to high profile targets than an everyday user.”

Spear-phishing is similar to phishing, but the attacks prioritise quality over quantity. Spear-phishing emails, texts or phone calls are highly personalised for a specific organisation or individual. They are more likely to deceive potential victims due to the amount of time and research spent personalising messages that appear to be from legitimate senders.

What are the tricks and techniques scammers are using more of that you think are the most clever?

Legg considers:AI will become a major part of how the volume of attacks are conducted in the future, be it brute force password attacks or phishing campaign emails. The ability to generate sheer volume of content will mean that it will become harder to identify legitimate content in time, as AI generation improves over time.”

Are there any ‘bad habits’ people have on social media that could be revealing sensitive information to hackers?

On the subject of people, Legg proposes:Historically, people would over-share information such as pet’s name or school names, that could relate to weak passwords.”

He adds: “Oversharing of information can still remain a problem – for example, hackers targeting an organisation may make use of LinkedIn profiles, and use information about you against your organisation. I would often take the view that if you would not be comfortable saying something out aloud in person (say in a busy pub), then do not say it online – you do not know who may be reading/listening.” 

If you were a hacker, what’s the first thing you look for on a social media account?

Legg states: “Most cyber criminals are not targeting individuals, they are targeting organisations. It is important to realise that cyber criminality is an ever-increasing business model, and so it is about the financial incentive in most cases. Therefore, information you provide on LinkedIn about your employer may be used against them.”

“However, it is also possible that if an organisation is compromised, the employees or customers may be targeted next, since the hackers would have information about them that could help support an attack – always think twice before acting if there are suspicious emails or phone calls that claim to be from an organisation.”

What’s one thing you wish more people were aware of when it comes to protecting their identity online?

Here Legg advises: Use haveibeenpwned.com to check whether your email address appears in recent data breaches. This can help to identify accounts that have weak security, and where credentials should be changed. Some platforms, such as Apple and Dashlane, have now built in this level of monitoring into their own password managers.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

Every manufacturer is different and relies on different areas and aspects of their business to set themselves apart from the competition.

Social Media

Online privacy campaigners said they had filed complaints in several European countries against six Chinese companies including TikTok.

World

From the initial panicked evacuation to the terrible firefight that saw hydrants run dry, the opening day of the disaster was just the beginning.

Social Media

French researchers have developed an application to help users migrate their whole online community from Elon Musk's X to rival social platforms.