educational

Cybersecurity and You: The Latest Online Threats to Ward Against

Cybersecurity and You: The Latest Online Threats to Ward Against

Let us discuss the differences between the viruses of yesteryear and the highly-developed cyber intrusions of today, when we must be on the lookout for sophisticated attacks and those delivered via “social engineering.” How can you best defend yourself? Read on.

COMPUTER VIRUSES

Most manufacturers set up the administrator account on routers with the same username and password for every piece of equipment they sell, so log in and change those before a hacker does it for you.

In a nutshell, a computer virus is a type of malicious code or program written to alter the way a computer operates, and is designed to spread from one computer to another. Viruses need a computer file to act as the host of the virus, and the device receiving said file will become infected with the virus. Typically, viruses are transmitted via email attachments or from websites that may have been unknowingly attacked with malicious code injected onto their pages. After all, the reality is that successful viruses are often spread due to dumb luck or operator error.

Typically, the best way to avoid catching a computer virus includes not clicking attachments to emails without first vetting the source and nature of the attachment. An email from a trusted colleague, but with odd phrasing, is a red flag, as is an email from an unknown source offering attached materials. You should also be wary of clicking on pop-up ads, while using strong passwords, keeping your software up to date and installing some antivirus software.

PHISHING

Phishing is defined as a type of “social engineering” attack often used to steal user data, including login credentials and credit card numbers. Phishing, much like a virus, occurs when “hackers” masquerading as someone you think you can trust spoof an email address or use a legitimate company’s logo to trick victims into opening an email, instant message or text that has an attachment containing a malicious link. The main difference between a virus and phishing is that instead of just slowing down your PC, or showing you annoying pop-up advertisements, phishing can compromise your personal data, leading to such things as identity theft.

SPEAR PHISHING

While phishing is similar to viruses, in that both are transmitted via mass dissemination and playing the odds that a few recipients will infect themselves, spear phishing is much more targeted, aimed at public figures like a celebrity or the CEO of a multinational conglomerate. Phishing attacks can also target employees with specific company email addresses. All the hacker is looking for is a way into the victim’s network, to cause damage throughout the company or their own finances.

RANSOMWARE

While having your identity stolen is definitely something to be avoided, ransomware can literally be a national security issue. If you have poor internet habits when it comes to your personal email at home, there is an excellent chance that you’ll engage in the same behavior at work, which can lead to problems that go far beyond your own personal detriment.

When hackers utilize phishing or spear phishing, a primary goal can be to have the recipient inadvertently install malicious software (malware) on their PC or company network. This malware may then encrypt the victim’s files so their network or PC no longer works. Then, hackers demand a ransom to restore access to the data upon payment. Hackers typically ask for payment via Bitcoin or a gift card.

If you need an example of how serious spear phishing can be, just think back a couple of months ago to the Colonial Pipeline shutdown, or the JBS meatpacking plants hack.

SO, WHAT CAN YOU DO?

You would think that after 30 years of having the internet around, people would know by now that it’s not a good idea to click on suspicious links. But such is not the case. Fortunately, there are additional precautions you can take to prevent being infected:

  • If you have an email program that allows you to set a maximum file size for email attachments, use it, and set it low. You can always override the setting if needed.
  • If your bank calls you and asks you to verify your account number, hang up. Call the number on the back of your bank card if you are concerned it was a legitimate call, but know that your bank will never ask you for information like that when they initiate the call.
  • If the IRS calls and says you owe them money that can be paid via Western Union or a gift card to Target Stores, hang up.
  • Update your passwords often—and avoid playing those quizzes you find on social media sites, as many of them are basically fishing for your answers to security questions.
  • Be careful about the sites you visit. If you are giving any kind of personal information to them, be sure the page’s URL begins with https:// for peace of mind.

While the above suggestions may seem like common sense to you, these are all security issues that happen daily. However, one of the most important items in maintaining your network security is the Wi-Fi router in your home. Cyber criminals are known to drive through neighborhoods looking for vulnerable routers, and if they find yours, network security can be almost impossible to maintain. Luckily, it is very easy to secure your network from outsiders:

  • The most obvious method of maintaining your home’s network security is to create a difficult password to access your network, but beyond that, do not give out your password to visitors; if you must for one reason or another, change your password after they leave. The reality is, you should regularly change said password whether you give it out to others or not.
  • Since hackers cruise neighborhoods looking for vulnerable routers, do yourself a favor and hide your router. Most manufacturers set up the administrator account on routers with the same username and password for every piece of equipment they sell, so log in and change those before a hacker does it for you and locks you out of your own router.
  • While you are at it, change your network name and hide your network so that it does not appear on the list of available networks. Doing this will require that anyone accessing your network know the exact name of the network in order for it to become visible.
  • If your router allows remote access, turn that off. And while this should go without saying, you should ensure your router’s firmware is kept up to date. While one would expect this would be done automatically, when you are changing your password, you should confirm the change has taken effect.

TAKE YOUR GOOD HABITS TO WORK

You can take many of these suggestions to work with you and help keep your business network safe. For instance, if you offer an online shopping cart for customers, you should keep track of things like IP addresses that consistently come up with fraudulent attempted sales. IP addresses will point to the part of the world your “customer” is coming from.

Sometimes it just makes sense to block an entire range of IP addresses. Granted, you might block all of Nigeria due to an inordinate number of fraudulent purchases and as a result miss the two or three legitimate sales, but you must weigh the odds.

Similarly, if you notice that someone is attempting to guess a correct credit card number or the associated Card Verification Value (CVV), it could be in your best interest to block the credit card number, or an entire range of credit card numbers.

Do not hesitate to utilize CAPTCHA on your payments page. While a hacker may use a script to automatically run credit card numbers until it stumbles across one that works, CAPTCHA will require human intervention, which may make it more trouble than it is worth to the hacker.

Finally, keep your software, firmware and patches current. A few months ago, it was revealed that Wi-Fi has had a built-in vulnerability since it was invented in 1997. If that does not convince you to pay attention to your security updates, I am not sure what will. It can be a scary world out there, but hackers rely on the uninformed. Don’t let that be you.

Jonathan Corona has over 15 years of experience in the electronic payments industry. As MobiusPay’s COO, Corona is primarily responsible for day-to-day operations as well as reviewing and advising merchants on a multitude of compliance standards set forth by the card associations. MobiusPay specializes in merchant accounts in the U.S., EU and Asia. Follow them @MobiusPay on Twitter, Facebook and IG.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

WIA Profile: Holly Randall

If you’re one of the many regular listeners to Holly Randall’s celebrated podcast, you are already familiar with her charming intro spiel: “Hi, I’m Holly Randall and welcome to my podcast, ‘Holly Randall Unfiltered.’ This is the show about sex, the adult industry and the people in it.

Women In Adult ·
trends

What's Hot Now: Leading Content Players on Trending Genres, Monetization Strategies

The juggernaut creator economy hurtles along, fueled by ever-ascendant demand for personality-based authenticity and intimacy — yet any reports of the demise of the traditional paysite are greatly exaggerated.

Alejandro Freixes ·
opinion

An Ethical Approach to Global Tech Staffing

One thing my 24-year career as a technologist working to support the online adult entertainment industry has taught me about is the power of global staffing. Without a doubt, I have achieved significantly more business success as a direct result of hiring abroad.

Brad Mitchell ·
opinion

Finding the Right Payment Partner

Whenever I am talking with businesses that are just getting started, one particular question comes up a lot: “How do I get a merchant account?” It’s a simple question, but it has a complicated answer.

Jonathan Corona ·
opinion

The Taxman Cometh for Every Business

February may be the month of romance, but it is also a time when we need to think about something that inspires very little love: taxes. April is not far away, and the taxman is always waiting. This year, federal and most state income taxes are due Monday, April 15.

Cathy Beardsley ·
opinion

The Continuous Journey of Legal Compliance in Adult

The adult entertainment industry is teeming with opportunity but is also fraught with challenges, from anticipating consumer behavior to keeping up with technological innovation. The most labyrinthine of all challenges, however, is the world of legal compliance.

Corey D. Silverstein ·
profile

Alexzandra Kekesi Takes Charge as Aylo's Head of Community and Brand

While Alexzandra Kekesi was earning her bachelor’s degree in women’s studies from the Simone de Beauvoir Institute at Concordia University, feminist thinkers influenced her deeply, inspiring her passion for sex work advocacy.

Alejandro Freixes ·
opinion

New Year, New Tools for Tackling Chargebacks

Happy New Year! Looking back, 2023 saw some important developments for the industry. Visa lowered the limit on credit card surcharges to 3%, AI continued growing fast and Mastercard published an update to its Business Risk Assessment and Mitigation (BRAM) program.

Jonathan Corona ·
opinion

The Next Frontier in Computing, Storage Is Here

While I typically steer clear of diving too deeply into the technical nitty-gritty, in this month’s column I’m making an exception, because there’s a technological evolution underway that has the potential to fundamentally enhance technical outcomes and, more importantly, grow revenue.

Brad Mitchell ·
opinion

Raising Awareness and Taking Action Against Financial Discrimination

While foes of the adult entertainment industry often focus on “moral” concerns and perpetuate social stigmas, another form of attack can be equally or even more damaging: financial discrimination.

Corey D. Silverstein ·
Show More