Equifax Data Breach: The Essential Protection Guide to Secure Your Data
As you most likely know, Equifax, one of the largest and oldest consumer credit reporting agencies from US, was hacked. Cyber criminals exploited a vulnerability in the company’s website application and impacted almost half of the US population. For almost two weeks everyone talked about this massive data breach and still do.
This is worrying for one particular reason: approximately 143 million US consumers may have had their sensitive personal information exposed and accessed by cyber criminals.
Besides the record number of data potentially compromised, there’s also a real concern about the impact of this breach for companies, users, consumers and everyone involved in this serious incident.
The number is impressive, because it represents about 44% of the US population and is considered to be one of the biggest data breaches of the 21th century.
Yes, data breaches happen on a daily basis and new findings from the Data Breach Index Report 2017 said that about 1.9 billion data records were exposed in breaches in the first half of this year. It’s a high increase of 164% from the same period of 2016.
You can’t help asking yourself: Is our data truly safe anymore? What happens with data security these days? Did Equifax manage this situation correctly?
Before we jump to any conclusions, let’s have a quick overview of the facts and see what actually happened for the last weeks with the Equifax data breach.
Essential facts: Here’s what happened
- From mid-May through July 2017, based on the investigation made by Equifax, this might be the period when malicious hackers had unauthorized access to its private data.
- July 29, 2017 – Equifax discovered the breach and “acted immediately to stop the intrusion”. The exposed data included names, Social Security numbers, birth dates, addresses and, probably, driver’s license numbers. The company also identified unauthorized access to limited personal information for certain UK and Canadian residents.
- August 1 and August 2, 2017 – According to US Security and Exchange Commision (SEC), a few days after the data breach was discovered, three Equifax executives sold their shares that worth nearly $2 million in the company.
- August 2, 2017 – Equifax contacted a leading, independent cybersecurity firm to assist in conducting an in-depth investigation to find out what happened and the specific data impacted.
- September 7, 2017 – The company officially made the cyber security incident public, disclosing that it involved consumer private information. They also created a dedicated website “to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection”.
- September 15, 2017 – Equifax released new details on the data breach and announced new personnel changes: the retirement of their Chief Information Officer and Chief Security Officer, and the people who replace them as interims.
- September 21, 2017 – It was discovered that Equifax redirected consumers to a fake phishing site for the last two weeks! On Twitter, the company sent them to securityequifax2017.com instead of equifaxsecurity2017.com, the address of the official site Equifax created to inform users of the incident. Luckily, this fake site was created by the developer Nick Sweeting, who had no malicious intentions. Sweeting said that Equifax made “a huge mistake by using a domain that doesn’t have any trust attached to it [as opposed to hosting it on equifax.com]”.
What we know about the Apache Struts Vulnerability
It was discovered that the breach was caused by a security hole in the Apache Struts web application framework (CVE-2017-5638). It’s the one that supports the Equifax online dispute portal web application. This seems to be the initial attack vector leading to this massive data breach at Equifax.
The company stated that it “was aware of this vulnerability at that time, and took efforts to identify and to patch any vulnerable systems in the company’s IT infrastructure.”
Equifax also reported that:
- An unauthorized access to its system and certain files containing personal information happened from May 13 through July 30, 2017.
- This particular vulnerability in Apache Struts was initially identified in early March 2017 and disclosed by U.S. CERT.
In response, the Apache Software Foundation confirmed Equifax data breach and said they failed “to install the security updates for Apache Struts exploit in a timely manner”. The software maker released a patch for this vulnerability on 7 March 2017, the same day it was announced.
What cyber criminals can do with your data
Cyber criminals target users’ sensitive data and try to steal them, because they can sell or use it to blackmail the victims or request paying an amount of money to get it back.
Here’s a example of how malicious hackers sell credit card data on darkweb marketplaces:
Attackers can actually steal everything from personal information like name, date of birth, social security numbers to financial information (card details, account details, online banking credentials, etc.) and much more.
Here’s a short list of the most common cyber security attacks that can lead to significant data breach.
- Social engineering attacks mostly focus on social manipulation by using methods to convince people to perform certain actions or share sensitive information.
- Phishing attacks are among the most common and widespread online threats and cyber criminals use various easily have access to users’ most personal information.
- Malware attacks are so diverse and advanced these days that it’s hard to keep up with them. Cyber criminals use advanced methods to gain access to users’ data, expose them on the Internet and request paying a ransom in return. Malware can be hidden in so many places
- Internal threats may be often neglected, but represent a real danger for organizations that manage a large number of data.
- MitM (Man-in-the-Middle) attacks happen when cyber criminals change the victim’s web traffic and interpose themselves between the victim and a web-based service the victim is trying to reach. Basically, they control the communication between two parties who think they are directly communicating with each other. Thus, they can access
- SQL injections is another cyber attack that can cause an important data leakage. The tactic used is via used code injection to attack applications which are data-driven. Through this attack, malicious hackers can access, modify, delete or destroy confidential data. They can also make it unavailable and take full control of the database.
How consumers can protect their data – a data breach protection checklist
“Was my data affected?” is probably the first thing that came to everyone’s mind after the aftermath of the Equifax breach.
While it’s best to have a plan in case you’ve been affected by data breach, we recommend you go hrough this protection checklist.
While it’s great to have a plan in case you should ever be affected by a data breach, it’s even better to prevent it from happening.
Here are what we recommend you consider doing:
- Check to see if your data have been affected by the Equifax breach. You can check out their dedicated website, or call the dedicated hotline set up to assist consumers: 866-447-7559. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.
- Verify your banking account and all your financial information, including credit details related with Equifax.
- You might consider placing a credit freeze on your credit report, if you have one.
- Don’t disclose your personal information to unauthorized persons
- You can use this website: https://identitytheft.gov/ to report an identity theft
- If you are running financial transactions, make sure you always visit a secure web site address that starts with “https://”
- Keep your software up to date. All your software, all the time. You should check why experts recommend software patching and why they believe is an essential key for our online security.
- Keep at least 2 backups of your data in two different places, separately from the devices you use on a daily basis.
- Secure your passwords by using a strong password manager tool and two-factor authentication.
- Keep your sensitive data away from cyber criminals and encrypt it before doing a backup. We recommend using these free tools to help you out and hide data from them.
- One layer of protection isn’t enough, so you might want to protect your system and all data available on your devices with multiple layers of security. Having a multilayered security system might help diminishing any potential threat.
- Choose an antivirus program to protect your system and this guide can help you find the one that suits your needs. You can enhance protection and complement your antivirus program with a proactive security solution
- It is worth mentioning that no solution can guarantee 100% protection for your devices, but it’s your duty to take all the needed security measures.
- We’ve said this before and we’ll keep repeating it. Education is your most powerful weapon against these potential cyber attacks. It is vital to educate yourself on cyber security issues and learn as much as possible to keep your data protected.
Remember that data breaches happen often these days and both users and organizations should take all the needed security measures to stay ahead of such cyber attackers and protect their sensitive data.
What has this massive Equifax data breach taught us?
Hopefully, this was a wake up call for everyone who understands and realizes the importance of cyber security. Protecting our data is essential, so data security must be one of the top priorities for both users and organizations. Cyber criminals don’t target only large organizations, but also home users.
In the light of this recent data breach, companies should rethink their business strategy and invest effort in keeping their sensitive information under the most strictest security conditions. Users need to better understand how and why these cyber threats still work. They also should have a proactive mindset for investing and learning how to stay safe online.
Security Alert: Cyber Criminals Slip Backdoor in CCleaner to Potentially Spread Malware
IT infrastructure is important for any company to better perform on the market. And every part of the system should provide maximum security and safeguard sensitive data. But unfortunate incidents happen, critical pieces of infrastructure are affected and produce business disruptions. Like this recent one with CCleaner, a popular PC cleaning software app.
The attack against CCleaner has been labeled as a “supply-chain attack” which involves exploiting vulnerabilities in the supply network used by a specific organization.
CCleaner, one of the most widely used PC cleaner and optimization applications created by Piriform and acquired in July 2017 by the antivirus company Avast, has been compromised by cyber criminals. Attackers managed to infiltrate two versions of CCleaner and slip backdoors into them, potentially impacting millions of devices and their users.
If you are using the older version of CCleaner app, 5.33 and above, you should upgrade to the 5.34 version immediately.
Here’s what we know so far
- A compromised version of CCleaner was released on August 15 and “went undetected by any security company for four weeks” said Avast on an updated article on their blog
- Morphisec researchers identified and prevented CCleaner.exe installations on August 20 and 21, at customers logs, and some of them shared their logs on September 11
- The following day, on September 12, Morphisec started the investigation and notified Avast about its findings to identify the issue
- Separately, Cisco also reported this problem to Avast on September 13
- Avast first learned about the compromise on September 12, and, by the time the Cisco message was received (September 14), they already analyzed the threat, assessed its risk level and started investigating the root cause of the issue.
- Avast worked with law enforcement in the US and the offending Control and Command server was taken down on September 15
- During that time, the Cisco Talos team was also working on the issue, and registred the secondary DGA domains. With these two actions, “the server was taken down and the threat was effectively eliminated”
- The Piriform and Avast teams provided a quick fix for CCleaner users by assuring that the currently shipping version (5.34) and previous versions didn’t contain the threat.
- Then they released a fixed version 5.33.6163, identical to 5.33.6162 but with the backdoor removed
- Avast notified the remaining users to upgrade to the latest version of the product as soon as possible
- On September 18, Piriform made the official announcement on their blog about this security issue providing. “Older versions of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for only 32-bit Windows users had been compromised in a sophisticated manner”.
- September 19: in the update, Avast said about this incident that they will keep updating it and “to take all possible measures to ensure that it never happens again.”
CCleaner is a popular application that helps users clean unwanted files on various programs by saving and optimizing the hard disk space for a better performance.
It’s also worth mentioning that, for almost one month, 2.27 million people used the affected version of CCleaner.
Since November 2016, CCleaner has had over 2 billion downloads worldwide, with a growth rate of 5 million desktop installations per week, so the potential impact that cyber criminals wanted to achieve was massive!
Given the proactive approach of the Avast team, the number of affected people went down to 730,000 users still using the affected version (5.33.6162).
The company is strongly encouraging users to download the latest version available, 5.34 or higher of the application to avoid being exposed to a potential attack.
What is a supply-chain attack
Definition: This type of attack initiated by cyber criminals aims to damage an organization by leveraging vulnerabilities in its supply network. Basically, hackers often manipulate with hardware or software during the manufacturing stage and implant rootkits or tie in hardware-based spying elements. The malware has been delivered through a backdoor, and still remaining undetected.
Such attacks are effective mainly because cyber criminals try to spread malware throughout the target organizations by leveraging an resource used internally.
The current publicly available information suggests that cyber criminals managed to access the company’s download servers used by CCleaner and deliver compromised versions of the app to unsuspecting users. No specific details about malware delivery through these impacted versions have surfaced so far.
When the trust relationship between a manufacturer/supplier and its customers is abused, it leads to confusion among all parties involved in the process. This was one of the consequences of this compromise, which is why we’re aiming to provide guidance and help you understand the situation better.
How to check if you’ve been affected
If you are one of the users who have installed CCleaner older versions, your device is at risk! Please read on.
The attack affects anyone who’s been downloading CCleaner version 5.33 or updated their app to this version between August 15 and September 12, when the new 5.4 version was released.
The first thing to do is to check for updates and see if you have the new, 5.4 version of CCleaner.
Should I still update my software? What if it’s infected?
It is worth saying that software patching is one those proactive things we can do to enhance our security online. And we still need to take all needed measures to update our software products. We highly recommend reading our roundup on what security experts have to say about the importance of software patching.
Despite observations that these kind of attack are on the rise, the reality is that they remain extremely rare when compared to other kinds of attacks users might encounter. This and other supply chain attacks should not deter users from updating their software. Like any security decision, this is a trade-off: for every attack that might take advantage of the supply chain, there are one hundred attacks that will take advantage of users not updating their software.
We quoted the Electronic Frontier Foundation which is a leading nonprofit organization defending civil liberties in the digital world. Their work is focused on ensuring that rights and freedoms are enhanced and protected as the use of technology quickly grows.
How to fend off supply-chain attacks if you’re a home user
- Whenever possible, choose official and trusted software products to protect your data
- If you are using CCleaner, see what version you’ve installed on your computer
- If you’ve been using the affected version, do a scan for your system and check for a potential malware infection
- Protect your data with at least two backups: one on an external hard drive and another one in the cloud. Also, check that your backups are intact and can be restored if you need to.
- Use a proactive security solution to provide multi layered protection for your devices
- Keep your system and all software up to date, because the latest security updates are especially important.
- Knowledge is the best weapon you can use, so take action and learn about cyber security and how you can prevent cyber threats.
How you can protect your company from supply-chain attacks
In a business environment, the supply chain, whether concerning a manufacturer or a service provider, is a prime target for cyber attacks. Here’s what you need to do to maximize your protection against these attacks.
- Supply chain security is every company’s responsibility and you need to take all necessary security measures to protect your customers
- It is vital to have a crisis plan in place, but also to focus some of your resources in proactively manage cyber security risks, no matter the attack type they’re related to
- Raise awareness among your employees of how such cyber attacks can occur.
- Clearly define the regulatory compliance between you and your suppliers and ensure that all due diligence is covered
- Monitoring your supply chain’s access to your company data and network
- Make sure the supply chain vendor has clear security policies and procedures that you are aware of
- Be proactive and implement a solid IT infrastructure in your company
- If you’ve been using or downloaded CCleaner 5.33 or updated this version, immediately update to the latest version of CCleaner 5.4 on all your devices. Keeping software up to date can prevent from being infected and remove the backdoor code from their systems. If possible, restore the affected endpoints to the state before August 15.
- All companies should have a backup strategy to safeguard their sensitive data.
This recent incident is a reminder of the danger that are supply chain attacks. Cyber criminals took advantage of an essential piece of infrastructure to reach and impact a potentially large number of users.
Users did not expect such attacks to happen, as neither did Avast or Piriform. Still, the company reacted promptly and allocated time and resources to solve this incident to the best of their abilities.
Although no one wants to see this situation happen again, it could happen to any tech company, unfortunately. This is why situations like these prompt us to look at our own security habits, both as individual users and as employees and companies, and see how we can contribute to our overall safety.
Did you know about this security incident? What questions did it trigger for you? (Maybe we can help with some additional answers.)
Written by: IOANA RIJNETU
CYBER SECURITY EVANGELIST
5 lessons small business should learn from recent cyber attacks
If the recent cyber attacks have taught us anything, it is that most people are dangerously unprepared for them. Cyber security should be at the forefront of virtually every industry yet it is often treated as an afterthought.
Small businesses are in a particularly disadvantaged position. Even so, many are unaware of the dangers they are already facing. The truth is that an estimated 43 percent of cyber-attacks target small businesses, so there are many lessons to be learnt here.
1.Attacks are random and unpredictable
Cyber-attacks cannot really be predicted, unless we are talking about very specific targets which constantly come under fire. In regards to small businesses, however, cyber-attacks do not have specific patterns and can pretty much come at any point.
Let us take the WannaCry ransomware as an example. On 12th of May 2017, within the course of a single day, the WannaCry ransomware was released into the wild and managed to infect more than 230,000 computers worldwide. In the end, the number rose to more than 300,000.
Even high-profile companies and organizations such as FedEx and the UK’s National Health Service were victims of the attack. No one expected the attack and if it wasn’t for the accidental hero who managed to stop its spread, a lot more computers would have been infected.
You may be familiar with the phrase “eternal vigilance is the price of liberty”. The phrase could easily be modified to “eternal vigilance is the price of cyber-security”. When attacks are this random, they should always be expected.
2.Do not assume you are safe
Nowadays, privacy is at a premium. Learning how to protect your privacy and security is a vital skill. If you are a small business, you also have the responsibility of protecting your users.
Perhaps the most common mistake by small businesses in regards to cyber security is that they assume they will not be attacked. For instance, some believe that they are too small to be of any concern to hackers.
This, however, is not always a correct line of thinking. In fact, plenty of hackers specifically target small businesses exactly because they are small. Hackers know that many businesses will not protect themselves against cyberattacks and so they consider them easy targets.
Even security experts with years of experience and exceptional technical expertise cannot predict when and where the next attack will strike. Any business could be affected, particularly those who believe themselves to be safe without actually doing anything about it.
3.Treat the cause and not the symptoms
Preventing a cyber-attack is a far more logical process than attempting to treat its symptoms. For those affected by WannaCry, for example, there is no good course of action: the encrypted files are not recoverable, and paying the ransom is inadvisable and is extremely unlikely to have any success.
As far as all cyber threats are concerned, prevention is vastly superior to treatment. What prevention means, however, will vary widely across small businesses, depending on how they wish to approach potential issues.
For example, many will be content with simply putting up security measures in place and having a decent IT team to install security patches and other defensive mechanisms. Others, however, will want to go a step further and be proactive in their defense.
This might mean continuous monitoring to detect potential threats and constantly testing their systems by making use of external cyber-security teams. Of course, all of these can be expensive processes, so you will need to balance your budget against potential threats.
4.Do not neglect security
This point is so important that it merits constant repetition. Security should not be neglected for any reason, including budget-related concerns. While it is certainly understandable that keeping an IT team or upgrading equipment is a major hassle, neglecting security may well result in catastrophe.
You may think that downtime is unbearable but losing important files or having customer records leak is, without a doubt, a worse fate. Some of the computers infected with WannaCry were still running Windows XP, for example, despite the fact that extended support for the OS ended more than three years ago.
Even those who were running newer operating systems such as Windows 7 had neglected security for one reason or the other, resulting in unpatched systems which were obviously vulnerable to the cyber-attack.
5.You may be a stepping-stone to something larger
If your corporate associated are huge enterprises and you hold data which could be considered sensitive, or if your business has a way to access such data or other important information, then assume you may be targeted soon.
While some large corporations will set up security for their smaller partners, in the majority of the cases they expect their partners to take care of such matters themselves. In fact, you may even be held responsible if information is leaked.
Of course, these are matters that should be discussed and arranged with any corporate partners you have, regardless of how big or small they are. Protecting all data you have access to, however, should be standard practice.
Article published by the next web
Jaff ransomware, one of the newest and fast-rising strains, has been sweeping the world in the past month. As it turns out, the operations behind it run much further than malicious data encryption.
While analyzing a recent variant of Jaff, researchers have uncovered that this ransomware type shares server space with a refined cyber crime web store.
As observed in previous campaigns, the Jaff ransomware infection starts with a malicious PDF, which, when opened, prompts the user to click on an additional file, while triggering the infection in the background.
By following the trail and digging deeper into cyber criminal infrastructure, researchers discovered the web shop that provides access to tens of thousands of compromised bank accounts, complete with details about their balance, location and attached email address.
Malicious hackers can use Bitcoins to purchase stolen credit cards, some of which have already been verified, and compromised accounts on Paypal, Amazon, eBay and many more.
Prices per item vary from under a dollar to several Bitcoins.
Access to the marketplace doesn’t include a vetting process, making the barrier to entry quite low for malicious actors of all kinds.
What’s more, the shop also includes filters, so the buyer can find the targets with the most lucrative potential. For example, the screenshot below shows that the compromised accounts from New Zealand bank ASB listed in the shop total up to $275,241.
Banks from all over the world are listed, ranging from German financial institutions, to US and Australian ones. The highest volume of compromised records appears to originate from these countries: USA, Germany, France, Spain, Canada, Australia, Italy and New Zealand.
Other types of user accounts that include financial data are available as well. Unsuspecting Internet users who have shopped online at Apple, Bed Bath & Beyond, Barnes & Noble, Best Buy, Booking.com, Asos.com and many other ecommerce portals can become victims of cyber fraud or other types of malicious activity.
This doesn’t mean that those specific web shops have been compromised. Cyber criminals use a wide range of tactics to get into victims’ accounts, often focusing on breaking weak and/or reused passwords.
Black hat hackers can not only harvest financial data from these accounts, but also use them to make purchases through them.
Credit card data remains one of the hottest commodities in the malware economy, providing easy access to cash, which cyber criminals can then turn into untraceable Bitcoins.
The server used for these criminal operations is located in St. Petersburg, Russia and is hosted on 5.101.66 [.] 85 (sanitized for your protection). The same server is also part of the infrastructure that fuels the Jaff ransomware attacks that have been sweeping across Europe and the rest of the world.
The cyber crime marketplace uses the following domains (sanitized for your protection):
This discovery shows once more that cyber criminal operations focus on diversifying their assets and revenue channels so they can play an increasingly larger role in the malware economy.
As we know, a ransomware attack never stops at just encrypting data. It also harvests as much information as possible about the victim.
What’s more, some of the largest data breaches in the past years (Target, Home Depot, TJX Companies, etc.) have targeted payment card data, constantly feeding the Dark Web with stolen credentials to be sold and purchased.
The information advantage is an ace that black hat hackers want to own, so they can play it at the right time.
By combining these informational assets, cyber criminals are engaging in both the long game, required to monetize stolen card data, and in quick wins, such as targeted ransomware attacks, whose simpler business model yields a fast return on investment.
It can happen that we will see these two models combined, with data breaches becoming accompanied by subsequent ransomware attacks, which would make it a nightmare for companies to deal with.
The best protection against these attacks, for companies and home users alike, remains proactive security accompanied by at least basic cyber security education.
*This article features cyber intelligence provided by CSIS Security Group researchers.
Article published by Heimdal Security
We use computers to pay bills, shop online, chat and even keep in touch with friends on social media platforms. You might not realize it, but this makes us vulnerable.
Because we willingly broadcast over the Internet valuable details, such as our credit card information or bank account credentials – information usually needed by cyber criminals – we can never be too careful when securing our financial transactions or personal information.
A 2016 report from the PricewaterhouseCoopers indicates that cyber crime is the “2nd most reported economic crime, affecting 32% of organisations.” And the same study reveals another cause for concern, apart from the economic impact:
The insidious nature of this threat is such that of the 56% who say they are not victims, many have likely been compromised without knowing it.
The data clearly shows that cybercrime affects individuals and global economic growth. Cyber attacks on financial institutions or with financial consequences for users like you and me are putting financial assets at risk. Consequently, financial data protection should be a strong concern for anyone.
So is there a way to for our online activities to remain private and safe from cybercriminals?
Definitely! Here are a few best practices that will keep your system protected:
1. Check the link before you click it
Pay attention to the links you want to access. To make sure you are not deceived, simply hover the mouse cursor over the link to see if you are directed to a legitimate location.
If you were supposed to reach your favorite news website, such as “www.cnn.com”, but the link indicates “hfieo88.net“, then you should resist the urge of clicking the link. Hyperlinking is a common practice in phishing attacks and it’s always best to double check embedded URLs.
Most of us use shortening services for their links, such as goo.gl or tinyurl. But in some cases an unknown link may send you to a malicious site that can install malware on the system. So, how can you know where you’ll arrive if you click it?
To make sure you are about to access the right online destination, use a free tool such as Redirect Detective. This tool will allow you to see the complete path of a redirected link.
Alternatively, you can also check the suspicious links using a reliable URL checker, such as VirusTotal.
2. Check the file before you click it
We all know malware is everywhere. But how can we make sure a file (or an executable file) we just downloaded is what it’s pretending to be? Can we tell the difference between a safe file and a malicious one?
An important step for everyone is to use a browser which integrates a reputation-based technology. This technology uses a cloud scoring system to analyze each application downloaded and where it comes from. As a result of the analysis, websites that distribute malicious software – not yet detected by existing defense mechanisms – are more easily blocked. For more details, you can access the following article.
To make sure you are not running a malicious executable file (which may download a Trojan virus on your system), use VirusTotal, which analyzes suspicious files on multiple antivirus solutions.
3. Use secure websites to run financial transactions
Financial operations and transactions should be given high scrutiny, as they hold the key for cyber criminals to cashing out your life’s savings.
Here’s how to make sure you visit a secure website:
- Look to the left of the web address and find the “Lock” icon. This indicates that you are visiting an encrypted and/or a verified website.
- Make sure the web address starts with “https://”. The “s” comes from “secure socket layer” and it indicates you are connected to a website where data, which is sent and received, is encrypted.
4. Set strong passwords for your accounts
Your passwords should contain around 20 characters. Don’t forget to combine upper and lowercase letters, numbers, and symbols. Don’t use the same password for all your accounts. Make a habit of changing your main passwords every 30 days. Even if you are hacked, having different passwords for each account will help you limit a potential loss.
For more information on how to set strong passwords and manage them safely, see our step by step guide on password security. This includes details on how to use a strong and secure password manager like LastPass or Sticky Password.
5. Use two-factor authentication
This is one of the best ways to ensure your online accounts or your email inbox are not accessed by anyone else but you.
This option means that, besides entering your credentials, you will be required to enter a one-time code sent to your phone. Use this method to protect confidential information from social media accounts, such as Facebook, Twitter or valuable data from email accounts.
6. Log out
As soon as you’re done with financial operations on your e-banking platform, don’t just close the web browser, but always log out.
We recommend you also use a virtual browser for your financial operations (usually sandboxed) that’s designed to keep your online banking secure. You can find here some recommendations for free browser protection tools.
Private browsing sessions are also recommended if you want to prevent authentication credentials (or cookies) from being stored.
7. Don’t reply to unknown emails
Don’t reply to emails that offer an unexpected present or prompt you to update your security information.
It is a classic phishing scheme through which you are tricked into sending personal details, such as credit card information or personal data. If you’re not sure whether the email is from your bank or not, simply contact the bank directly for more information.
8. Use official banking apps
If you want to manage financial transactions on your mobile, install the official mobile application of your bank. To make sure you have the right application, contact your bank directly or access their official website.
9. Don’t post private information on social media account
Exposing personal details may lead hackers into finding your financial information. For the same reason, check your kids’ social media behavior to make sure they won’t expose private information that may possibly be used against you, in phishing attacks.
10. Don’t access questionable web locations
Don’t access or download content from unknown or controversial locations. Access websites that proved to be safe and you know you can trust.
Nevertheless, this is not a guarantee that you won’t get infected.Nowadays, cybercriminals exploit vulnerabilities in legitimate websites and inject malicious code, as to perform drive-by attacks on unsuspecting visitors. It may be a free screen saver or a browser toolbar that may infect you with a keylogger that can record and send your personal data to cybercriminals.
To make sure your system is protected and your credentials are not exposed, install a security product, such as Heimdal PRO, which can detect and stop malicious hackers from stealing valuable information from your system.
11. Use a good antivirus program
It is important to use a reliable antivirus solution on your system, one that includes real-time scanning, an automatic update (to stay clean even against the latest threats) and a firewall, which monitors and guards your network activity.
To choose the best solution, access the antivirus test results run by established names in the security industry, such as AV Comparatives, PC Magazine, AV-TEST or Virus Bulletin and select the best security solution for your system.
We have to mention now that a traditional security solution can hardly protect you against the advanced financial malware created to steal your private data and confidential information. To protect you against the most dangerous credential-stealing threats, such as Zeus Gameover (P2P) and Cryptolocker, you need security solutions designed to address these threats.
12. Use a dedicated security solution against financial malware
Install a security solution designed to protect your system from financial malware and phishing attempts.
By employing advanced anti-phishing and anti-malware technologies, Heimdal PRO has been designed to detect and block phishing sites and malicious servers from stealing your sensitive information. It can shield your PC from a man-in-the-browser attacks, detect Zero Day exploits and prevent data loss or network infections.
Heimdal offers another layer of security that normal antivirus products cannot provide.
To improve the financial control of your online banking account, you can set banking alerts to track your account activity. To set a tracking alert for your bank account, contact your bank directly for more information.
13. Don’t be vulnerable. Update your software.
Cyber security experts always advise to keep your operating system, web browser and the main software applications you use up to date by installing the latest security patches. The updates are mainly released to cover security breaches. Unless you keep your software updated, you will be exposed to the latest threats.
Better yet, use a free product to take care of your software updates and just kick back. This will secure your system by installing the latest security updates and patches for the software such as:
- Adobe Shockwave
- Adobe Flash (plug-in/player)
- Adobe Acrobat reader
- Google Chrome
- Mozilla Firefox
- Internet Explorer
- CCleaner and more.
14. Back it up
Even if the steps above will keep you safe from IT criminals and malicious software, there may still be hardware issues that could endanger your valuable data. To make sure your private information stays safe, we recommend using a twofold strategy, which should include combining an external hard drive usage with an online backup service.
Before jumping to the list of available online backup services below, we have to point out the necessity to select one which provides:
- stability (so look for a big company name)
- ease of use (so you won’t have a headache backing up from files)
- the possibility to synchronize your files with the online backup servers/li>
- some sort of security, such as encryption capabilities.
Check out our data backup guide for a free plan to start making copies of your digital assets so you can keep it safe from harm.
15. Use common sense
The steps we presented are just general guidelines and cannot guarantee total protection from all the malware out there. Use common sense if you want to access random websites, run online games or purchase from online locations you didn’t use before.
Instead of a conclusion
Our own reports from 2013 suggest that financial malware was responsible for more than 55% of the cases where corporations lost valuable information, while only 25% of data theft malware was detected by traditional antivirus software.
Low detection rates are caused by polymorphism, which means that malware is able to constantly change behavior and attack methods. The problem of data theft is growing, because data theft is no longer targeting a single PC, but the entire network by spreading from one computer to another.
At the beginning of June 2014, Operation Tovar was launched, in an international joint effort between multiple countries and major law agencies, such as U.S. Department of Justice, Europol, the FBI and the U.K. National Crime Agency to detect and stop these type of attacks.
Therefore, we are not alone in this fight against financial malware. Using a security solution is a must and we should combine traditional protection methods – signature based antivirus programs – with advanced detection technologies – to protect against polymorphic financial malware.
Do you have any other favorite tips, tools or recommendations in order to maximize your financial data security?
Last week Qustodio reached the incredible mark of 1,000,000 users, an astonishing feat representing the successful validation of our story as a startup company and signaling the beginning of a new and exciting chapter as a global player.
During the last 5 years since our official launch we have helped parents and organizations in over 240 countries across the world improve the way they supervise their connected devices.
We’d like to thank you for depositing your trust in us, and understanding the value proposition that makes Qustodio so unique. It’s people like our longest running active subscriber, a Canadian, who first signed up for Qustodio back in October 2011, and our first ever paying customer, a Minnesotan, who signed up in November 2012, that have made us the most popular brand in the space.
Interest over time according to Google Trends
We want to thank all our current and past users, subscribers, customers, employees, partners and collaborators for being part of our success.
The Qustodio Team.
(Published by Qustodio)