How you can protect yourself from being hacked-Cyber Security Guide

How To Protect Yourself From Being Hacked?

How Not To be Hacked

Panic prevails when you realise you have been compromised

First of all, you must know how hackers get to you in the first place. To stay safe and protected from malicious hacks, you should avoid being a victim of hacking by knowing how hackers work and how they compromise your devices.

Here are some of the ways that your computer or your mobile can be compromised:

  1. Our own laziness and convenience in choosing simple and stupid passwords and PINs can lead to a predictable pattern of characters such as dates of birth, a relative's name or simply password123. You will be surprised to know how many people still use these types of password. Needless to say, these types of passwords can be easily guessed by hackers in the first 90 seconds of their attempt to gain access to your devices.
  2. Another common practice is to share your PIN or passwords between family and friends. Don't be surprised! There are so many people who still do that!
  3. The third most common mistake people make is the use of the same password and PIN across different devices and online accounts.
  4. Another big mistake is storing all your passwords and PINs on a simple unprotected notepad on the same device which you need to protect.
  5. Shared Ex Partner/Ex Husband/Wife Identity: This is one of the most common sources of threat, especially when a partnership or matrimonial relationship has ended disagreeably and causes serious friction between the husband and the wife or the partners. This is because the couple enjoyed absolute mutual trust, never imagined that the relationship would turn sour and hostile, and used to share all their passwords, PINs, online account details, Apple IDs etc. Now that the trust is destroyed, each party will take advantage of this trust to spy on and impersonate the other, and when either of them discovers the breach, they cannot prove it. This is one of the most difficult situations for a computer forensics investigator employed by them, because impersonations of such a nature cannot be easily identified with good evidence. It is extremely stressful for both sides because they feel betrayed and victimised, and they cannot imagine that their trust has been abused.
  6. Presence of RATs (Remote Access Trojans): RATs are a type of trojan virus introduced into the victim's digital device via a clicked link to a malicious website or by opening and viewing an infected but seemingly legitimate image, document, or video. In such cases, the infected item has been modified with a hex editor in order to embed malicious code in a picture, document or video. As soon as the infected item is opened or played, the malicious code will execute itself, become resident in the random access memory (RAM) of the computer or digital device, and report all the activities of the real user (the attack target) to the perpetrator. All the data collected via the RAT will then be used to steal the victim's credentials for various websites and online accounts such as emails and social media, thereby facilitating impersonation and identity theft. Some legitimate remote access applications such as TeamViewer, LogMeIn, VNC and Windows Remote Desktop, used by IT support staff to provide remote computer support, are frequently used by impersonators or hackers. Once they are installed on the device, the perpetrator can use these legitimate remote access tools to impersonate the target device user and access all resources and credentials.
  7. Keyboard Loggers: Keyloggers are activity-monitoring software programs that give hackers access to your personal data, such as the passwords and credit card numbers you type and the webpages you visit, all by logging your keystrokes. The software is installed on your computer and records everything you type.
  8. Using public WiFi or a Free WiFi Hotspot: The biggest threat to free Wi-Fi security is the ability for the hacker/impersonator to position himself between you and the connection point. So instead of talking directly with the hotspot, you’re sending your information to the hacker, who then relays it on. While working in this setup, the hacker has access to every piece of information you’re sending out on the Internet: important emails, credit card information and even security credentials to your business network. Once the hacker has that information, he can — at his leisure — access your systems as if he were you. Hackers can also use an unsecured public Wi-Fi connection to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer.
  9. Bluetooth Connection: There is a pair of wireless attack vectors that hackers can use to breach phones without tricking anyone into giving up permissions. Both require physical proximity to the target but can sometimes be pulled off in public spaces. The Bluetooth connection is one of the weakest links in a smartphone, and hackers often use special methods to connect to devices that are within Bluetooth reception range. This is a common hacking method because many people keep their Bluetooth connection on. If a Bluetooth connection is unregulated, hackers can get close to your smartphone and hack their way into your device without you noticing.
  10. Clicking On Links Received From A Friend or Unknown Contact Via WhatsApp, Facebook/Instagram Messenger, Other Messaging Apps or Simply Text Messages: Hacks on Instagram, Facebook, WhatsApp and Messenger happen when hackers create fake accounts or hack into existing Instagram accounts that you've followed. The scammers use these fake or compromised accounts to trick you into handing over critical personal information which will help them compromise your mobile or computer. The hackers may even send you a message claiming that you have been hacked, that they are the good guys, and that they can help you deal with the hack and clean your mobile or laptop. Following their link and doing what they ask is exactly what they want you to do, so that you hand over the keys to your fortified castle.
  11. Web Browser Extensions: All web browsers such as Safari, Edge, Firefox, Chrome, Opera and Brave use mini applications called "extensions" or "add-ons". These extensions are installed on top of browsers to make them do more than browsing the internet, such as Adobe Reader or Ad Blockers for viewing PDF documents and blocking pop-up adverts inside the browser. Some extensions can be malicious and will install themselves when you visit infected websites. Once they are installed, they will track your browsing and record your usernames and passwords.
  12. Fake Security Warnings and Pop-ups: Like other fake pop-ups, this pop-up displays a false security warning as part of a pop-up scam. Fake pop-ups may appear in your browser (if your browser is redirected by adware) or they may be produced by adware or malware programs installed on your computer. Adware is something that you may have downloaded accidentally, possibly by clicking on a malicious advert by mistake. Alternatively, adware may have infected your computer through a link in a spam email or an attachment that you opened. Once on your computer, adware automatically displays pop-ups in your browser when you are online. The "ransomware detected" pop-up is one of many fake pop-ups that can trigger malicious advertising.
  13. "Free" Fake VPNs (FFV): Hackers create applications that users would have a genuine interest in, such as a free VPN, with the intention of downloading malware onto unsuspecting users. The user downloads the "Free" VPN and gets a false sense of security, unaware that by using the "free" VPN, she/he is being spied on and all passwords and incoming and outgoing traffic are being monitored. Effectively, the "free" VPN is the only gateway to the internet, and the hacker will be able to see absolutely everything because the user is accessing the internet via his tunnel.
  14. Social Engineering Techniques: As technological defences become more robust, cyber criminals are increasingly using social engineering techniques to exploit the weakest link in the security chain: people. Social engineers use a variety of means – both online and offline – to con unsuspecting users into compromising their security, transferring money or giving away sensitive information. According to Proofpoint's 2019 report, The Human Factor, 99% of cyber attacks use social engineering techniques to trick users into installing malware. Different types of social engineering threats targeting people can be summarised as follows:

(a) Phishing
The most common form of social engineering attack is phishing. Phishing attacks exploit human error to harvest credentials or spread malware, usually via infected email attachments or links to malicious websites.

(b) Vishing
Vishing is a different attack that falls under the general phishing umbrella and shares the same goals. Vishers use fraudulent phone numbers, voice-altering software, text messages, and social engineering to trick users into divulging sensitive information. Vishing generally uses voice to trick users. Phishing and vishing have the same goal: to obtain sensitive data from users that could be used in identity theft, monetary gain or account takeover. The main difference between phishing and vishing is the medium used to target potential victims. Whereas phishing is primarily an email-based attack, vishing uses voice, typically calls to a user’s cell phone number. Both vishers and phishers send messages to potential victims, usually in high volumes. Phishing attackers send a large number of email messages to a list of potential targets. Malicious attachments are also used in some phishing attacks.

(c) Spearphishing
Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer. This is how it works: An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims’ attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Centre for Missing and Exploited Children.

(d) Smishing
A nefarious text message could be on its way to a smartphone near you. This is a message, often purporting to be from your bank asking you for personal or financial information such as your account or ATM number. Providing the information is as good as handing thieves the keys to your bank balance. Smishing is a portmanteau of “SMS” (short message services, better known as texting) and “phishing.” When cybercriminals “phish,” they send fraudulent emails that seek to trick the recipient into opening a malware-laden attachment or clicking on a malicious link. Smishing simply uses text messages instead of email.

(e) Whaling
Whaling is a type of phishing attack that exploits the influence senior executives have over lower-level roles, such as CEOs over financial executives or assistants.

(f) Scareware
A form of malicious software – usually a pop-up that warns that your security software is out of date or that malicious content has been detected on your machine – that fools victims into visiting malicious websites or buying worthless products.

(g) Angler phishing
Angler phishing is a specific type of phishing attack that utilises social media. Unlike traditional phishing, which involves emails spoofing legitimate organisations, angler phishing attacks are launched using bogus corporate social media accounts.

(h) Spear phishing
Spear phishing is a form of email attack in which fraudsters tailor their message to a specific person. Spear phishing is more challenging to detect than regular phishing scams because the fact that they are explicitly addressed to the target assuages suspicions that they are bogus.

(i) Pharming
Pharming attacks redirect a website's traffic to a malicious site that impersonates it, by exploiting vulnerabilities in the systems that match domain names with IP addresses.

(j) Malicious Embedded code:
Malicious code is defined as a piece of code or malware that can exploit common system vulnerabilities.
Cybercriminals can quickly embed malicious content in a photograph and send that image out across the web. The simplest way of embedding malware is to add it to the image overlay (the end of the image file) using a hex editor. All this requires is taking an image file and adding malicious content to it. For example, if you have a .png file, everything after the IEND chunk is the overlay, and if you have a GIF, all the bytes after the trailer are an overlay too. An overlay is often added anyway, but with malware, the addition is malicious. It's also easy to embed malware in image data from photographs taken on digital cameras or smartphones. Every photo taken has an EXIF tag that stores descriptive metadata of the image, including the camera type and the date and time. This data doesn't affect the image itself and can be amended to include malware or other malicious scripts without detection. Essentially, in both instances the malware is hidden, and it doesn't affect or compromise the image. Opening and viewing the image will execute the malicious code in the host computer or mobile phone. This is what makes it so risky.

How to minimise or eliminate the risk by taking the following measures:

  1. Use long passwords with at least 11 characters, combining lower case, upper case, numbers and special characters.
  2. Enable two-factor authentication (2FA) on all your online accounts.
  3. Use a password wallet which is password protected with 2FA.
  4. Avoid downloading and opening documents and images you do not expect to receive unless you have been told by your boss or friend over the phone that they are safe and can be opened.
  5. Avoid downloading free software, games or videos from websites whose identities are not known, as they might contain malicious embedded code. As soon as you install or open them on your computer or your mobile, you will be compromised.
  6. Avoid visiting websites which are not secure and do not have a lock in the browser address bar. All secure websites must begin with https://.
  7. Use different PINs and passwords for different devices and different online accounts.
  8. Use a VPN when you connect to a public WiFi for internet access.
  9. In Windows, enable BitLocker encryption; on an Apple Mac, enable FileVault.
  10. Avoid clicking on links in emails, WhatsApp and SMS messages, however trusted or interesting they may look.

Computer Forensics Lab digital forensics specialist team can help organisations and businesses as well as private individuals whose computer systems and IT infrastructure have been compromised. You can call 02071646971 or use our secure digital forensics service inquiry form here.