How To Safeguard Your Online Presence? Experts Weigh In On Phishing, Passwords, And More
It is an indisputable fact that the internet improved the quality of our lives. In the 21st century, spending hours in the library for research and sending handwritten letters are nothing but distant memories. While ideally, the internet should be free of cybercriminals and potentially harmful software, this is too good to be true in the reality that we live in.
In 2019 alone, internet security organisation Fraud Watch International monitored 16,000 attempted cyber-attacks against financial institutions and other clients in the Philippines. Even if the figure seems intimidating, we have yet to see the total number of casualties as crimes like these, albeit rampant, are barely reported to authorities.
Art Samaniego Jr, a tech editor in a major daily, explained how data breaching becomes prevalent when many people are at home. “Stolen social media credentials and data privacy leaks have become the ‘other pandemic’. After more than a year of on-and-off lockdowns and quarantines, one thing has remained consistent in the digital world—the threats and dangers of cybercriminals, trying to get a piece of our private data,” he says.
Read also: Top 10 Reasons People Use Social Media
The Philippines, which has more than 76 million active social media users, is a hotspot for hackers. “The country is a happy hunting ground for criminals; this is where they could get willing victims anytime,” Samaniego continues. “I would count it as a success even if there is only one user out there who has not been scammed.”
According to Myla Pilao, Trend Micro director for technology marketing, hackers found a way to track their victims better because work from home schemes made it difficult for many people to protect the bulk of data that they store in a single, unprotected device.
“I call it ‘clash of data’, made more prevalent because of our remote work operations. Today, we must recognise that personal data and out of work data are co-mingling,” Pilao shares. “Before, we could do our job in more secure ways because maybe our companies have very strong protection; but now that you and I are moved into a smaller frame, we have to admit that the level of protection is not as safe.”
Instagram Asia-Pacific product marketing head Alex de Leon believes that phishing, or sending fraudulent links and emails is one of the easiest procedures that hackers follow to garner data.
“I think one of the most underestimated threats to online security is phishing. People can often be susceptible to clicking random ‘emails’ that appear to come from a company or a respectable person,” De Leon tells Tatler.
In phishing, scammers may send links that are masked in convincing phrases that legitimate companies or authorities use. For example, a suspicious email may say that the victim has won a specific amount of money from a contest. It may also lead the victim to believe that there
are important files he or she needs to check by going to another website.
The data often collected from users are their login credentials, credit card numbers and online banking passwords. There are several techniques to avoid being exploited by high-profile scammers. For Samaniego, one of the best measures to take is to activate our email system’s spam filter.
“Scammers would attempt to gain sensitive information from you by posing as someone you trust. Fake emails claiming to be from banks, Facebook messages from hacked accounts and SMS messages from unknown individuals could be used to get sensitive information from you. Banks, your friends and even strangers would not ask for sensitive information or suddenly ask for financial help,” Samaniego warns. “Always be suspicious of emails that you get especially those asking you to click links. Keep your email system’s spam filter active.”
He added that a website’s address bar says a lot about its safety. “Always check if the website you are using is using HTTPS and not HTTP, look for a lock next to the address bar. This means you are using a secure connection.”
LINES OF DEFENCE
A strong password will come in handy when there are people trying to access our accounts. Samaniego shares some pointers for protection:
- Do not use a password combination that’s easy to guess. A combination of numbers, letters and special characters are very good indicators of a strong password. Use a passphrase instead of a password; this is like a password but made up of words with spaces.
- Do not reuse a password. “Choose a unique password in every account that you have. This is to avoid your other accounts being compromised if one of your accounts is hacked,” says Samaniego.
- Do not use easy-to-guess reset questions. For example, if the password reset question is your mother’s maiden name, you can put a completely unrelated answer like “San Pablo City Laguna”.
- Do not trust Facebook ads that would ask for you to log in using your credentials. Facebook won’t ask for your username and password to check your age.
De Leon advises social media users to be mindful of the information they post online. He says that social media users very often disregard privacy rules and share more than they are supposed to. Because of these, they become potential targets of hacking. “Never share identifiable information. Personally, if I’m tagging a location, I only tag the exact place if it’s somewhere I’m only going to be at for a short term; for example, I’ll tag a restaurant that I’m eating at but not likely a resort that I’ll be at for several days. I also blur the barcodes of plane tickets since they can be repurposed,” De Leon suggests.
Devices connected to the internet are also prone to hacking. They are no different from radiofrequency(RF) tools which can be hijacked by a small device that experts call RFQuack. The hacking apparatus can easily be deployed onto a site to gather signal packages and reverse-engineer the protocol of an industrial RF.
According to Pilao, the growing number of unmonitored and unprotected devices makes it easier for cybercriminals to invade one’s personal data. “The proliferation of devices is a threat to online security. People purchase unprotected devices like routers, Wi-Fi cameras, all of these smart technologies,” she says. Pilao adds that when these devices were manufactured, they were not built with the highest security systems that could prevent high-profile hackers from acquiring personal data or have full control of a device.
“When you put that in a commercial perspective, people have more ability to buy and integrate that into their lives. Don’t get me wrong; I am not saying it is bad. The challenge is that the manufacturers of some of these devices did not have security in mind when they built them. So, security wasn’t the priority,” Pilao explains.
The series of hacking, scamming and data scalping is perpetuated by people who do not recognise the bigger problem: the lack of knowledge towards online safety.
Pilao believes it is society’s duty to educate one another and build a safer space online. “I guess what we could really do is to be aware. It will really bounce back to your ability to educate yourself. Educate the people around you that these kinds of attacks do not exist in movies anymore. This is reality. It is time for us to debunk a lot of misconceptions about cybercriminals. The people behind these [hackings] are also smart. They are also using the technology that we are using. They are as advanced as we are; they are well-educated,” Pilao avers.
This is reality. It is time for us to debunk a lot of misconceptions about cybercriminals
The modern world is witness to the boundless gifts of technology; anywhere you look today, there is at least one man who keeps a phone in his pocket. But while the internet has proven its usefulness, the law of nature remains rigid—danger evolves with mankind. We must remain aware of hackers who are always on the prowl for their next victims.