The potential for consumers to become victims of cybercrime has skyrocketed as the speed of an attack rapidly advances. In almost 45% of the cybersecurity cases Palo Alto Networks recorded this year, attackers exfiltrated data in less than a day after compromise, meaning there are just hours to stop them. For consumers, the avenues for cybercrime are diversifying at speed. While Palo Alto Networks found phishing attacks dropped to just 17% in 2023, many more routes have opened up in its wake.
To shine a light on the various kinds of attacks consumers need to be aware of, from fake Wi-Fi networks to smart speakers, the experts from leading cybersecurity company, Palo Alto Networks, have provided the definitive guide for consumers to know how to stay protected against attacks, and keep their personal devices safe.
Haider Pasha, Chief Security Officer, EMEA & LATAM at Palo Alto Networks, said: “While the number of attacks, level of sophistication and methods used are rapidly evolving, the good news from a consumer perspective is that you can drastically reduce your chances of falling victim to a hack by following a few general good practices.”
“A great place to start is ensuring that you have two-factor authentication set up across all of your accounts and devices and also being really careful about which public networks you access. From there I think it’s about approaching any emails or text messages you receive with a level of suspicion as the number of phishing attacks that we’re seeing is still quite significant while being much more sophisticated,” he added.
Evil twin attacks
An evil twin attack is when hackers set up a fake Wi-Fi network in public settings such as restaurants, airports or malls, that mimics a legitimate one, tricking users into connecting to it. This allows attackers to intercept sensitive data such as passwords, emails, and credit card information. According to research from Forbes Advisor, four-in-ten people using a public Wi-Fi network have had their information compromised as a result. Consumers should avoid connecting to unknown Wi-Fi networks, use a VPN for encrypted internet access, and ensure that their device’s Wi-Fi settings are configured to prompt them before connecting to new networks. If consumers do join a public Wi-Fi network, they should avoid accessing sensitive information such as online banking or personal accounts, otherwise, they should consider using mobile data.
Juice jacking
Juice jacking is a tactic where attackers exploit public charging stations, such as those found in airports or cafes, to install malware or steal data from devices. When users plug their devices into these charging stations, malicious software can be injected or personal data can be syphoned off. Consumers should ideally carry their own portable power bank to charge devices in public places or carry their own charging cable to avoid connecting devices to unknown or untrusted charging ports.
Cryptojacking
Cryptojacking involves cybercriminals hijacking individual users’ computing power or companies’ devices to mine cryptocurrency without their knowledge. SonicWall found cryptojacking activity in last year alone exceeded the totals for all of 2018 and 2019 combined.
For consumers, this unauthorised activity can lead to increased electricity costs, reduced device performance, and potential hardware damage. To defend against cryptojacking, consumers should make sure they use antivirus software, keep their systems and applications up-to-date, and monitor their devices for any unusual performance issues or excessive resource usage.
Hackers target consumers with much more than just their phone or computer:
- Smart appliances: Smart refrigerators, coffee machines, and other connected appliances can be targeted by cybercriminals as entry points to gain access to more critical systems. Regularly update the firmware of smart appliances and ensure that they are secured with strong, unique passwords.
- Wearable devices: Fitness trackers and other wearable tech can expose personal and health data, which may have implications for businesses and consumers. Consumers should be cautious about the data they share with these devices, configure privacy settings to limit data access, and ensure that any device or app they use follows strong security practices.
- Car infotainment systems: Modern cars with internet-connected infotainment systems can also be targets for hackers. Attackers could potentially access a consumer’s personal data, track their location, or even interfere with system functions. To protect against this, consumers should regularly update their car’s software and be cautious about connecting unknown devices to their vehicle.
With attackers becoming more and more creative in the ways they’re targeting people, and at a time when we have witnessed a 49% increase year-over-year in alleged victims posting on ransomware leak sites, it has never been more important for consumers and businesses alike to take steps towards becoming cyber secure.
Remember, our phones and computers remain prime targets for cyberattacks. To protect personal data, consumers should always ensure that their devices have the latest security updates, use strong, unique passwords, and enable two-factor authentication whenever possible. Consumers need to be mindful of what they download or click on, and consider using antivirus software for an added layer of protection. Regularly back up your data to safeguard important information in case of an attack. As hackers continue to change their tactics, consumers too need to be aware of how they can stay vigilant against attacks.