Staying cyber security savvy
|Issued by: Oxbridge Academy|
[Johannesburg, 25 November 2016]
Not long ago, there was a meme circulating that went something like this: "Delete my browser history when I die." Our computers, mobile phones and tablets contain insights into everything we do and are. This is not limited to Internet searches, social media histories and threads of direct messages. It also includes online accounts and banking profiles, which are the most confidential aspects of our lives.
In the wrong hands, this sensitive information could ruin an individual financially and otherwise. And yet, the average Internet user is not as savvy about cyber security as s/he should be. Nobody ever actually reads the terms and conditions when creating a new account or updating an app. And we tend to use the same or similar passwords for everything.
Given that the holistic online shift is increasingly including education, with options such as online and distance learning, it's important to educate people on cyber security.
Let's have a look at some of the current cyber security issues to help protect against malware and identify fake news, adverts and sites. We'll explore what it means to be conned by clickbait, look at hackers and hotspots, and examine phishing and catfishing. Of course, this isn't all-inclusive, as online scammers are always developing novel ways to trick Internet users.
Conned by clickbait
Not all clickbait leads to false information; some cases are real stories using hyperbolic or sensationalist headlines or pictures to increase Web site traffic. However, false news stories and false job ads often take the form of clickbait too.
False clickbait stories play on our susceptibility to that irresistibly outrageous scoop. The ones that are too provocative or delicious to scroll past, even though you realise they're probably drivel, are the stories that have truly mastered the art and concept of clickbait.
News stories of questionable quality and accuracy use these suggestive headlines to lure mass viewers to their sites, which drives traffic and generates advertising revenue. According to Africa Check, these free sites "exist to make money from the ads they display".
Facebook-sharing is one of the main reasons these stories spread the way they do and, as Africa Check points out, responsible Facebook users should be more careful about what they share and should report fake news posts while selecting the "false news story" option as the reason.
Anyone can publish content on the Internet and, in some senses, this is a great thing. Information has become egalitarian and news hierarchies are being challenged by citizen journalism. However, people who get their news from Facebook and share posts without verifying them not only risk looking like total idiots, but can also contribute to the spreading of deceptive or harmful information.
Africa Check is particularly great at picking up false news stories as they arise, so I'd suggest checking out its site or following the company on Twitter @AfricaCheck to keep yourself updated. Definitely have a look at the Guide: How to stop falling for fake news for tips on verification and an important list of sites Africa Check has identified as known fake South African news platforms.
Something just as insidious as fake news stories is the phenomenon of fake job adverts. Fake job adverts often boast unrealistically high salaries, ask for cash upfront and use free e-mail addresses. While this is not done for advertising revenue, it can often lead to even more tragic results, as people can be tricked out of their money or confidential information when already under financial strain. This blog post on How to identify a fake job ad provides more information.
Hackers and hotspots
In South Africa, where mobile data is known to be expensive, public free WiFi hotspots are both convenient and necessary. The problem is, because public WiFi is free, it's accessible to everyone, including hackers. With students increasingly studying online and given South Africa's largely gentrified Internet – which increases reliance on public free WiFi hotspots – it's vital we become smarter when it comes to how we access and utilise the Internet.
Public WiFi often poses cyber security threats because it makes it easier for hackers to access your device and infect it with malware, "which will give them complete control over it". Apart from hackers on legitimate public WiFi hotspots (cafés, airports, etc), certain hotspots can themselves be fake or malicious, but have a similar name to a legitimate public hotspot.
According to Blogtrepreneur, there are various ways to stay hidden while using public WiFi. Your options include a VPN (virtual private network) proxy, which keeps your IP address hidden while you use public WiFi. This is a worthwhile option if you are dependent on public WiFi, particularly to access your personal online accounts. Another two options are to enable your firewall, if you haven't already, and to disable file sharing. On Windows, you can do this by selecting "public network" when connecting to public WiFi and Windows will automatically turn all kinds of sharing off.
As a rule of thumb, don't connect to WiFi hotspots you don't recognise, and if you are a frequent public WiFi user, consider the above precautionary measures to protect yourself from cyber criminals.
Phishing and catfishing
Phishing scams often abound in unsolicited e-mail links and can sometimes just pop up on your screen. Do not click on these. If you do and you're still unsure, the easiest way to spot a phishing scam is to "double check the URL of the Web site the link takes you to".[Source] Phishing scams have gotten much slicker these days and it's no longer always as obvious as the classic "you're our 1 000th user and have won $1 000 000!!!" pop-up.
Learn to tell the difference between a legitimate site and a phishing scam by taking this phishing quiz by Cisco Umbrella blog. According to this quiz, some warning signs include forged URLs that appear similar to genuine URLs, slightly off design elements such as poor image resolution and imitation logos, URLs that are blatantly different from the name of the site, "scare tactics"[Source] that threaten to delete your account and the use of IP addresses as a URL domain name.
Lastly, beware of the catfish. These are individuals pretending to be someone else using false pictures and/or life stories. Catfish generally play in online dating spaces and social media, but they exist across most online platforms.
There are more general tips too, like updating your anti-virus software and apps; and being careful about which flash drives, hard drives and mobile phones you plug in to your computer. Remember to use various complex passwords with symbols and numbers and don't keep them in obvious places.
Malware is an unfortunate reality today. So put some tape over your Webcam. Just kidding. Not really – I'd still use the tape.
#phishing #catfishing #clickbait #hackers #fakenews #identitytheft #cybersecurity