Personal Cyber Exposures

POSTED ON April 3, 2023

As the world around us becomes more and more dependent on technology, our daily lives may become easier. At the same time, we are also unintentionally opening ourselves to many new potential risks. Cybercrime is a growing threat. A new “hack” is in the news every day. There are more than 4,000 daily ransomware attacks in the United States  according to the FBI. That’s a 300% increase since 2015, which averaged 1,000 ransomware attacks each day.  Keep reading to learn about the various types of personal cyber exposures we all face every day.

Cyber Attacks

A cyber-attack occurs when a bad guy attempts to maliciously break into the  computer or phone of another person or organization. Many parts of our homes and home-offices are now dependent on technology and as a result, our “connected homes” are at greater risk for cyber-attacks.

Two common types of cyber-attacks are spear phishing and phishing.  Phishing emails use a broad approach that involves sending bulk emails to massive lists of unsuspecting contacts.  On the other hand, spear phishing is targeted and personalized to a specific individual. In both instances the hacker entices a victim to share sensitive information — such as passwords or account numbers — or to download a malicious file that will install viruses on their computer or phone. Once this information is obtained the hacker will log into your accounts and gain access all your personal information, including credit card, banking, and other extremely sensitive information.

These are just a few of the ways we are exposed to cyber-attacks every day.   Many times, the attacks happen in ways we would never expect it.  Hackers know that people are naïve when it comes to their cyber vulnerability. Hackers capitalize on this by tricking people when they’re least expecting it.

Almost everyone has gone out to dinner since the Covid-19 pandemic and has had to scan a QR code on their phones since restaurants have started replacing physical menus with virtual ones.  Hackers are then able to put their own QR code over the restaurant’s code. Since you can’t see the URL prior to scanning the QR code, you then scan the bad code and they can misdirect you to a bad site like a malware or phishing website.  Businesses also use QR codes to facilitate payment. A business provides customers with a QR code directing them to a site where they can complete a payment transaction. However, a cybercriminal can replace the intended code with a tampered QR code and redirect the sender’s payment for cybercriminal use. An FBI article: https://www.ic3.gov/Media/Y2022/PSA220118.  And never download a QR code scanner app. Most phones have a built-in scanner in their cameras. Or you should manually download an app from your phone’s app store.

Cyber Extortion

Cyber extortion typically occurs after a phishing incident.  You click on a link in an innocuous looking email and suddenly your computer has malware downloaded onto it.  After this you are unable to access any of your accounts and the hacker will send a ransom demand and until you pay it you cannot gain access to your accounts.  Another example of cyber extortion is if after a hacker gains access to your account and personal information they may seek a demand or ransom to not leak your private information – such as personal photographs or personal information.

Cyber Bullying

Social media has become a part of daily life for most Americans.  People share their lives with people all over the world who they may or may not know.  With your personal story out in the world, you open yourself up to personal cyber bullying attacks.  Victims of cyber bullying have had a hacker break into their social media account.  They then post or send damaging information in the name of the victim to shame the victim or make the victim look bad.  As a result, people have lost their jobs and suffered severe personal and financial trauma.

As we move further into a digital world, and with the rise of artificial intelligence, the risk of cyber-attacks will increase, and we will see new types of attacks arise.  This article isn’t intended to scare you off technology.  It is important to be aware of the threats to help you and your family avoid them.

• Don’t click on suspicious links
• Don’t send any personal or banking information to anyone unless you confirm by old-fashioned phone call that you are sending it to the actual person you are supposed to send it to.
• Even if you think the email or text you received is from a friend or colleague, it’s imperative that you call and confirm with the sender that they just sent you the message.

Another important step is to enable MFA (multi factor authentication) on all technology that offers it, such as your email or banking apps. While requiring an extra step, MFA is a multi-step account login process that requires users to enter more information than just a password. For example, along with the password, users might be asked to enter a code sent to their email, or a text message, answer a secret question, or scan a fingerprint. A second form of authentication can help prevent unauthorized account access if a system password has been compromised.

In the event of a successful attack, cyber insurance is available to help.  An added feature of cyber insurance is often a hotline to offer immediate help. You can read more on our cyber insurance page or contact us at 781.444.3050 to discuss this.  Our article next month will dive further into this important coverage as part of your personal insurance profile.