Thursday, April 16, 2026
What is skimming in cybersecurity?

Skimming in cybersecurity refers to cybercriminals’ strategies for capturing and stealing cardholders’ personal payment information. Identity thieves use various approaches to obtain card data. One of the most advanced methods is using a small skimming device designed to read a credit card’s microchip or magnetic stripe information. Criminals can execute skimming attacks whenever a cardholder opts for electronic payment methods in a physical location.

Digital skimming methods are also widespread. Often referred to as e-skimming, digital skimming is similar to card skimming. The main difference is that hackers can execute e-skimming remotely and collect card information in real-time.

Why you should be worried

According to the Kaspersky Security Bulletin Statistics of the Year Report, unique malicious objects increased by 13.7% in 2019. Web skimmer files largely contributed to the growth since they registered a 187% rise, reaching a total of 510,000. The web skimmers were also among the top 20 online malicious objects, sitting at position ten.

With the outbreak of COVID-19, most countries enforced lockdowns to contain the virus from spreading. Subsequently, online shopping increased tremendously, and so did credit card skimming. Malwarebytes reported a 26% increase in credit card skimming in March 2020 compared to the previous month. Although there was a small rise of 2.5% in web skimming blocks from January to February before the 26% increase in March, Malwarebytes holds that the trend will continue rising in the coming years.

Credit card skimming accounts for 30% of all data breaches targeting retailers. Attributing nearly a third of retail data breaches to credit card skimming signifies how widespread the vice is. The situation worsens since at least 60% of websites lack HTTPS security, leaving credit card information exposed to e-skimmers. It is also vital to note that of the reported credit card skimming attacks, 87% target self-service stations like petrol stations.

What is skimming in cybersecurity? – The 4 types

Credit card skimming

Debit and credit card skimming occurs in different forms. These include:

1.  Hand-held point of sale skimming

Similar to other types of attacks, insider threats are the most common in skimming schemes. A hand-held skimming method is where an insider, such as a waiter or store clerk, uses a skimming device to copy credit card details. Cybercriminals mostly employ the tactic in retail establishments. An adversary only needs to swipe the credit card through a skimming device to capture the information stored in the magnetic stripe. The information can be downloaded later for use in malicious activities. Because skimming devices are small, adversaries can conceal them easily, which makes hand-held POS skimming common.

2.  POS swaps

POS swaps are prevalent skimming methods in cybersecurity. The process entails fraudsters replacing a secure POS device with one whose protection features have been compromised. Also known as POS device tampering, a POS swap attack occurs once adversaries tamper with a POS and PIN entry device. Cybercriminals usually steal the devices from specific retailers and manipulate them by infecting them with malware or placing a small skimming device in the terminal software. A fraudster then returns the compromised devices and waits for the skimming devices to copy and collect card data from all customer transactions. The cybercriminals wait for an opportune time and come back to replace the skimming devices and steal the copied card data.

3.  Self-service skimming

Criminals execute self-service skimming attacks on self-service terminals, such as ATMs, gasoline pumps, and other similar terminals. Cyber adversaries usually pose as technicians to gain easy access to the service terminals and install a skimming device. The fraudsters install the devices inside the terminals’ enclosures such that they cannot be detected from the outside.

Attackers then connect the devices directly to the service terminals’ card readers and keypads such that they copy all card PINs and data once a user swipes them. Some criminals use advanced skimming devices to relay the copied information through wireless technologies, such as Bluetooth, to a computer hidden in a close location. Other fraudsters enhance their methods by installing pinhole-sized cameras in strategic locations to collect PIN information as soon as a customer enters it. Card data and PIN details provide criminals with enough information to compromise credit cards and use them nefariously.

4.  Dummy ATMs

Despite not being common today compared to yesteryears, dummy ATMs pose significant threats to the cybersecurity industry. Dummy ATMs resemble actual entry-level and smaller ATMs, usually purchased online, but do not dispense any cash. Criminals use dummy ATMs for the sole purpose of collecting card PIN details and data. Cyber adversaries set up the dummy ATMs in high-traffic areas to trick more people into inserting their cards.

E-skimming

Security researchers recently discovered e-skimming, which is a new skimming threat in cybersecurity. Compared to the pervasive skimming schemes, where attackers usually place skimming devices in physical POS systems and later collect the copied data, e-skimming can be done remotely. The difference permits e-skimmers the ability to pull off the attack from any part of the world.

E-skimming occurs when a cybercriminal inserts malicious software into a retailer’s website and uses it to steal credentials. It is harder to detect since it does not involve the tampering of a physical facility. Customers may perceive that they are checking out using their debit or credit cards, whereas hackers use malicious software to steal payment information in real-time. Attackers use the stolen information for harmful reasons or sell it to multiple criminals on the dark web. The website owner can only discover an e-skimming scheme through an investigation.

An e-skimming campaign usually involves several hacking groups that collaborate in developing strategies for targeting vulnerable websites. Hackers compromise website security by hacking into the site’s web server or breaking into a web server used to support multiple websites. The attackers then introduce a malicious skimming code in websites with exploitable vulnerabilities.

A malicious script known as Magecart is involved in all e-skimming attacks; hence the attacks are referred to as Magecart attacks. Hackers commonly introduce the Magecart script by hacking administrative control or using phishing methods, and place the code using compromised accounts. Besides, cybercriminals can hide the malicious skimming code in a website’s JavaScript to compromise third-party suppliers. Compromising third-party suppliers provides hackers with instant access to thousands of victims. The Magecart skimming script captures user account and credit card information and sends it to a specified server.
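One way a site owner can check a checkout page for the script-injection exposure described above, as an added example that is not part of the original article: it lists every external script, flags hosts outside an allowlist, flags third-party scripts with no Subresource Integrity pin, and detects a pinned script whose served content has changed. The host names, HTML and script bodies are constructed sample data, and the function names are hypothetical.

```javascript
// Added example: audit the <script> tags of a checkout page (Node.js).
const crypto = require('node:crypto');

// Constructed sample: hosts the shop has approved to serve script on checkout.
const ALLOWED_HOSTS = new Set(['shop.example', 'cdn.payments.example']);

// Subresource Integrity value (sha384, base64) for a script body.
function sriHash(body) {
  const digest = crypto.createHash('sha384').update(body, 'utf8').digest('base64');
  return 'sha384-' + digest;
}

// Collect src and integrity attributes from every <script> tag.
// A regex is enough for this constructed sample; use a real HTML parser on live pages.
function extractScripts(html) {
  const scripts = [];
  const tagRe = /<script\b([^>]*)>/gi;
  let tag;
  while ((tag = tagRe.exec(html)) !== null) {
    const attrs = {};
    const attrRe = /([\w-]+)\s*=\s*"([^"]*)"/g;
    let attr;
    while ((attr = attrRe.exec(tag[1])) !== null) {
      attrs[attr[1].toLowerCase()] = attr[2];
    }
    scripts.push({ src: attrs.src || null, integrity: attrs.integrity || null });
  }
  return scripts;
}

// fetchedBodies maps a script URL to the content the server returned for it.
function auditCheckout(html, pageOrigin, fetchedBodies) {
  const findings = [];
  const ownOrigin = new URL(pageOrigin).origin;
  for (const s of extractScripts(html)) {
    if (!s.src) continue; // inline scripts need separate review (CSP nonce or hash)
    const url = new URL(s.src, pageOrigin);
    if (!ALLOWED_HOSTS.has(url.hostname)) {
      findings.push({ src: url.href, issue: 'host-not-allowlisted' });
      continue;
    }
    if (url.origin !== ownOrigin && !s.integrity) {
      // An unpinned supplier script can be changed by whoever controls the supplier.
      findings.push({ src: url.href, issue: 'missing-integrity' });
      continue;
    }
    const body = fetchedBodies[url.href];
    if (s.integrity && body !== undefined && sriHash(body) !== s.integrity) {
      findings.push({ src: url.href, issue: 'integrity-mismatch' });
    }
  }
  return findings;
}

// Constructed sample input: one first-party script, one pinned supplier script
// whose served body no longer matches the pin, one unpinned supplier script,
// and one script from a host nobody approved.
const PINNED_BODY = 'function pay(){/* vendor code */}';
const SERVED_BODY = PINNED_BODY + ';/* content added after the pin was recorded */';
const SAMPLE_HTML = `
<script src="/js/cart.js"></script>
<script src="https://cdn.payments.example/pay.js" integrity="${sriHash(PINNED_BODY)}" crossorigin="anonymous"></script>
<script src="https://cdn.payments.example/widget.js"></script>
<script src="https://stats.unknown.example/t.js"></script>`;
const SAMPLE_BODIES = { 'https://cdn.payments.example/pay.js': SERVED_BODY };

console.log(auditCheckout(SAMPLE_HTML, 'https://shop.example/checkout', SAMPLE_BODIES));
```

A browser enforces the same `integrity` check itself and refuses to run a mismatching script, so the audit's main value is finding the supplier scripts that carry no pin at all.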

Recent e-skimming cases

1.  Macy’s

Macy’s, a U.S. department store chain, was the victim of a Magecart script attack in October 2019. The store released an official statement revealing that attackers had installed the malicious script on two pages of its official website: the checkout page and macys.com. The malicious code collected customer card information, such as credit card numbers, expiration dates, addresses, customer names, phone numbers, and card verification codes.

2.  Puma

Puma’s Australian website was a victim of the Magecart malicious script. According to Willem de Groot, a security researcher, the hidden code skimmed the credit card details of all customers who used the website for online shopping during the checkout process. The stolen information included credit card names, numbers, and customer addresses, which were transferred to a remote server in Ukraine.

3.  British Airways

British Airways was a victim of the same malware, and the incident saw the theft of more than 380,000 credit card details. Hackers had injected the malicious code on the company’s global website and scraped various credit card data. The stolen information included billing addresses, names, and bank details.

Skimming and identity theft

Identity theft often entails chipping away a victim’s digital identity as opposed to being a single incident. Skimming in cybersecurity permits criminals to access hard-to-get digital information, such as login credentials, emails, bank accounts, and social security numbers.

Card skimming breeds identity skimming since attackers typically execute independent incidents using different methods and malware. A successful skimming attack gives fraudsters enough time to maliciously use the credit card information before the owner or bank notices the fraudulent activities. Although cardholders may be lucky enough to get a refund of the misused funds, the damage is usually irreparable.

For instance, card skimming provides criminals with access to the encoded information, including the cardholder’s CVV number, country code, expiration date, card number, and full official names. Fraudsters can use the information to commit various crimes or sell them on the dark web. Besides committing nefarious actions, cybercriminals can use a skimmed card to get a timestamp of all the cardholders’ activities and locations. As such, skimming not only compromises the security of the victims’ identity, but it also threatens their privacy.

Card skimming leads to the theft of vital identity information. Some cybercriminals withdraw all funds before the owner discovers the theft, others create clone cards and distribute them for calculated fraudulent activities, while others play a waiting game. The waiting game is where fraudsters make small and infrequent cash withdrawals or purchases to avoid detection by the cardholders or banks.

Recently implemented skimmer laws require victims to report skimmers within 24 hours of discovery, but law enforcement agencies will not share the skimmer locations. As such, card users seeking to prevent potential skimmer fraud are left vulnerable to instances of identity theft. Therefore, the most effective way of preventing identity theft through skimming is to closely monitor card statements to flag unaccountable or suspicious card activities.

Who is at risk the most?

All e-commerce websites that lack sufficient security systems are at risk of being a victim of skimming attacks. Hackers evolve and use new attacking methods frequently to realize a higher success rate. Websites that lack the latest security controls are vulnerable to skimming incidents.

A recent report showed that 1 out of 5 Magecart-infected stores is re-infected within several days of the initial infection. It is essential to clean infected systems and mitigate or patch underlying vulnerabilities to prevent a re-infection. Otherwise, evolving threats could easily lead to re-infection. Additionally, open-source applications like Magento are vulnerable to skimming attacks unless they are frequently patched.

Measures for curbing skimming in cybersecurity

Account monitoring

It is essential for cardholders to routinely monitor their card and bank accounts to identify suspicious transactions. Consumers typically have a window of time to dispute unaccountable charges if they become victims of an e-skimming campaign. Stolen card credentials can be used or sold to other criminals, and reporting abnormal card usage behavior shields cardholders from accepting the responsibility of illegal usage of the card information.

Prioritize low-limit cards

Cardholders should ensure they use low-limit credit cards when making online purchases and transactions. A low-limit card provides the option of restricting the maximum amount charged on the credit card. If a hacker pulls a successful e-skimming attack, a low-limit card can minimize the damage a criminal can do on a stolen card. As such, it is easy to establish if the credit card information has been compromised, depending on card usage.

Pre-plan online shopping

It is a recommended practice for a consumer to plan what to purchase and from which online retailers. While pre-planning helps consumers stick to their shopping budgets, it also plays an essential role in preventing users from being lured into accessing numerous online accounts. Purchasing items from multiple online stores spreads the credit card information from one website to another, increasing the possibility of encountering an e-skimmer. Limiting online shopping locations reduces the risk of a consumer becoming a victim of an e-skimmer.

Shop from trusted websites

The more trusted an online retailer is, the higher the possibility that the retailer has implemented robust security protocols to protect card information. Also, consumers should only shop from secure websites. Secure websites implement SSL certificates, which encrypt the information exchanged between a client and a server. Websites with security encryption protect card information from e-skimming practices.

Top 6 Reasons Why is Cybercrime Expanding Rapidly

Hackers do not discriminate between big and small enterprises, which is one answer to the question of why cybercrime is expanding rapidly. The rise of data breaches, ransomware attacks, and cyberterrorism incidents is unprecedented. Recent publications of high-profile attacks are a testament that adversaries are unrelenting in their malicious intentions. For example, malware variants, such as ZCryptor, Petya, and WannaCry, have caused untold reputational and financial damage to organizations all over the world.

As cybercriminals leverage emerging technologies to advance their malicious campaigns, companies are increasingly exposed to cybersecurity threats. Moreover, digital innovations are being applied in critical sectors on a large scale. In turn, hackers have exploited digital technologies’ opportunities to gain high payoffs from the proceeds of cybercrime. The rapid expansion of cybercrime requires organizations to implement stringent precautions to eradicate vulnerabilities that can cause attacks. Various reasons have led to the rapid increase of global cybercrime.

Common Types of Cybercrime

Cybercrime consists of all activities that use or target a networked device, computer network, or any I.T. infrastructure. Cybercriminals use computer technologies to commit illegal actions, such as stealing user identities, violating personal privacy, or trafficking in intellectual property and child pornography. They exploit security weaknesses in digital systems to attack information assets via the Internet.

The following are some of the most popular types of cybercrime:

1. Identity theft

Identity theft is a scam practice where criminals use the identification credentials of another person for malicious reasons. For example, hackers may gain unauthorized access to a person’s banking account or credit card information and use it to steal funds or make purchases using the owner’s identity.

Although the identity theft concept has been around even before the Internet advancements, the increased use of digital information makes it easier for adversaries to steal a victim’s identity. Identity theft crimes are prevalent in various online deals and often come in forms like ad pop-ups, spam emails, and phishing attacks.

2. Phishing scams

Cybercriminals use phishing attacks to trick victims into revealing sensitive information, such as passwords, bank account information, social security number, and other personal information types. Phishing scams have proved to be highly effective since criminals require minimal resources to execute the attacks.

Hackers can create a phishing website, which mimics a real website to trick users into providing sensitive information. Criminals may also send email messages in bulk containing links to malicious websites or attachments, hoping that users will click them.

3. Malware attacks

Malicious cyber actors use malware attacks to infect a computer network or system with viruses, trojans, ransomware, and spyware. Malware is any program developed to harm a computer. A malware infection can enable cybercriminals to compromise an organization and steal highly confidential information, such as intellectual property and competition strategies.

One of the most popular types of malware is ransomware. This attack enables a cybercriminal to lock a victim’s computer systems and only provides a decryption key after paying a ransom. An example of a ransomware attack is the global WannaCry attack. Cybercriminals infected thousands of computer systems across the world.

4. Distributed Denial of Service (DDoS) attacks

Cyber adversaries use DDoS attacks to take down organizational networks and computer systems. Hackers target a company with an overwhelming amount of network traffic to prevent authorized users from accessing or using the network resources. DDoS cybercrimes overwhelm a computer system using standard communication protocols for spamming the system with numerous connection requests.

Cybercriminals often deploy the strategy in cyber-extortion schemes, threatening a DDoS attack unless they are paid a certain amount of money. Malicious actors may also use DDoS tactics as a distraction while they commit other types of cybercrimes. A recent example is the 2017 DDoS attack that impacted the U.K. National Lottery Website. The unavailability of the lottery’s mobile application and website prevented online users from playing.

Recent Cybercrime Statistics

There has been an unprecedented increase in cybercrime threats in recent years. Despite this, many people and organizations fail to take cybersecurity seriously, with individuals using common credentials to secure their accounts and devices while others use devices with inadequate security.

The following cybercrime statistics indicate the severity of the cybercrime threat:

1.  There is an attack every 39 seconds: A University of Maryland study revealed a computer attack occurs every 39 seconds. The adversarial incident could be in the form of a phishing attack, malware attack, or direct hacking.

Live Cyber Threat Map

Screenshot: A live threat map showing more than 27 million attacks have occurred in a single day (Source: Check Point Software Technologies)

2. 78% of U.S. organizations have been victims of attacks: Most hackers target companies that process personal or financial information for monetary gain. Financial motivation is among the reasons why cybercrime is expanding rapidly. Cybercriminals usually go for small- and medium-sized enterprises, which often lack the resources to implement robust cybersecurity measures. Such businesses are the majority and, therefore, form the majority of the victims.

3. There has been a 54% increase in mobile malware variants: The increase of mobile malware indicates how cybercriminals have continually enhanced their attack techniques. An increase in the usage of mobile and IoT technologies has seen malicious adversaries develop newer sophisticated malware variants.

4.  63% of businesses have been victims of data breaches: A Dell survey found that the data of 63% of companies were compromised due to a software or hardware-level security breach. The same survey indicated that only 28% of organizations are satisfied with vendor-implemented security measures.

5.  There was a 14% increase in unique malware programs: According to Kaspersky, its web antivirus solution detected 24,610,126 unique malware programs in 2019, a 14% increase from 2018. The sharp rise of malware advancements subjected almost 20% of internet users to various malware attacks.

Why is cybercrime expanding rapidly? The 6 reasons

1. An unprecedented rise of cyber-stuff

The prefix cyber has become common in virtually all crimes involving digital technologies. We have become accustomed to words like cyberwar, cybercriminals, and cybercrime. Therefore, it is vital to stop perceiving cyber-related attacks as sophisticated concepts and instead think of them as crimes hackers commit through easy tactics.

Today, it is much easier to steal personal information or compromise the security of a company remotely. Numerous automation tools with A.I. and ML capabilities have advanced, enabling criminals to commit cybercrimes without the need for high skills or technical expertise. The tools are readily available on the dark web for a small amount of money. Anyone with trivial technical inkling can easily find and use them. As a result, there have been higher levels of cybercrime compared to yesteryear.

2. The Internet architecture

The Internet infrastructure’s original architects focused more on durability and stability and gave little thought to security. They were not security-conscious when designing and building network infrastructure. Besides, the architects never thought that the Internet would provide a platform for transmitting millions of dollars or information worth a lot more than it is today.

As the Internet advanced to become more of a social and commercial space than for academic purposes, measures to make it more secure continue to be developed. Nevertheless, most of the underlying design depends on insecure transportation methods that can be hijacked with ease.

Cybercriminals have continued to exploit the security shortcomings to carry on their malicious campaigns. The Internet has also become central to most vital processes, including controlling critical assets and infrastructures. Hackers continue to capitalize on the Internet’s insecurity to ramp up attacks, resulting in the continued rise of cybercrime.

3. The role of hackers in information security

Most people today are paid to be professional hackers, professionally known as security researchers or ethical hackers. Their roles include enumerating security vulnerabilities in information systems and creating tools for demonstrating and detecting the flaws. The researchers then release the tools to the general public, most of which end up in malicious individuals’ hands.

Many cyber criminals use legitimate hacking tools to compromise systems and steal sensitive information. Also, other black hat hackers develop similar tools to facilitate the expansion of cybercrime activities. Since hackers have become more experienced and continuously gain access to newer technologies, there has been an explosion of hacking tools. Therefore, the cyberspace and information security field has become a race between the adoption of protective technologies and advancements of hacking tools and processes. The result is a rising wave of cybercrime.

4. Companies are slower in adopting strong security.

The reality of the current cybercrime landscape is that most companies don’t deem it profitable to overhaul their security systems unless the need arises. Profit-minded organizations usually hold off redesigning their security systems until they suffer an attack or their customers demand better security. A prime example is where Facebook failed to implement secure sessions until the account of its CEO, Mark Zuckerberg, was hacked. Facebook only took user security seriously once the company deemed it a personal problem.

Many other companies have the same security approach. Some may be aware that their systems or networks are insecure or vulnerable but fail to remedy the issues in time. Furthermore, most private and public entities have poor security practices, which further contributes to the continued rise of cybercrime.

5. Targeting people

For the longest time, humans have been the weakest link in the cybersecurity chain. Many computer users and company employees are untrained on the best security practices and secure system usage. While numerous users focus on security and software tools to detect and eliminate malware, cybercriminals have channeled their efforts on humans.

Most of the successful attacks begin by tricking unsuspecting victims into clicking on malware-laden attachments and websites. Cyber adversaries are adept at exploiting human trust through social engineering methods and other similar scams. Tricking users to volunteer information, such as passwords, banking details, healthcare information, and personal data, has caused cybercrime to rise significantly.

6. Internet of Things (IoT) proliferation

The current global IoT market is valued at $82.4 billion and is estimated to register a compounded annual growth rate of 21.3% between 2020 and 2028. IoT comprises devices that can connect to the internet. Each IoT device represents an attack surface, and the high usage of IoT systems has contributed to the rise of cybercrime.

Many businesses permit employees to use IoT devices since they are known to enhance productivity and streamline crucial operations. With so many endpoints introduced to a network, hackers can easily detect a vulnerable device and exploit it to commit a cybercrime. Besides, IoT systems are increasingly being used to control critical infrastructure and factory operations, thus attracting more adversaries. Vendors are also racing to release the most products due to the large market. The rush to outdo competitors causes manufacturers to include security as an afterthought, resulting in devices with exploitable vulnerabilities.

How can businesses protect themselves?

Since cybercrime is expanding rapidly, businesses should take proactive measures to protect themselves. The following recommendations can help in reducing cybercrime levels:

  1. Regularly update software: Updating software and operating systems regularly denies cybercriminals the opportunity to exploit vulnerabilities. Patching security flaws makes one a less likely target, which is essential to lowering cybercrime.
  2. Outsource security services: Outsourcing security is the best strategy for small- and medium-sized businesses that lack the resources to strengthen their cybersecurity posture. Managed service providers have access to the latest and most effective security practices, tools, and professionals. Outsourcing security reduces cybercrime significantly.
  3. Protect against identity theft: Using VPNs in a home or corporate network can help prevent identity theft. It is essential to securely share personal information and passwords to prevent cybercriminals from intercepting the communication.
  4. Normalize training: Cybersecurity training and awareness should be a common occurrence for businesses and individual computer users. Being conversant with the best security
  5. Use robust antivirus/antimalware tools: Antivirus software programs enhance cybersecurity since they detect and eliminate harmful programs. Users must ensure to update the antimalware solutions regularly to gain access to the latest threat definitions.

Top 9 End-User Guidelines for Password Security

End-user guidelines for password security can keep you out of trouble and even save your reputation and job.  Passwords remain a popular security control for authenticating and authorizing access to online resources.  But if you do not follow proper end-user guidelines for password security, you are at serious risk.

There are as many strong opinions on password security as there are possible passwords. Different enterprises draw different lines between acceptable and unacceptable behaviors in password security. Users can consider a range of best practices when using password-secured systems.

Importance of Password Security

Passwords are in use everywhere as a form of authorization mechanism. Meanwhile, the world of security keeps evolving. What enterprises consider secure today deprecates and gets compromised tomorrow. Passwords remain a weak link and a source of a wide range of cybersecurity vulnerabilities.

Today, there is an increasing new wave of phishing attacks aiming to dupe users and steal their passwords. Password stealers hit individuals when they download malicious documents in phishing emails that have affected tens of millions of people. Besides, hackers deploy browser extensions and other malicious programs to hunt login data that grants them access to multiple systems and applications a victim is attached to.

As a result of these attack trends, users and system developers must stay knowledgeable about password security best practices and trends.

Everyday Password Mistakes Users Make

  • Password Reuse

Despite heightened awareness of password security, many users continue to reuse passwords and rarely change them. Though 91 percent of end-users profess to understand the risks of using the same access credentials across multiple accounts, an online security survey by Google in partnership with Harris Poll found that password reuse is still a common practice. Fifty-two percent of users reuse the same password for multiple accounts. Only 35 percent use a unique password for all accounts. Surprisingly, 13 percent of end-users reuse the same password for all their accounts.

Microsoft analyzed a database of three billion publicly leaked credentials to identify users who reused passwords. Their assessment revealed that 44 million Microsoft users reused login data in the first three months of 2019. Once a third-party service experiences a data breach leading to the loss of users’ credentials, it inadvertently puts other accounts at risk, even in situations where an individual used a complex password.

  • Use of Default and Easily Guessable Passwords

Default and easy-to-guess passwords, such as 12345 and admin1234, have resulted in personal and corporate account compromises lately. A recent SplashData Worst Password list, drawn from more than five million stolen passwords, revealed that the top two worst and most popular passwords were “123456” and “Password.” Other usual suspects in the list include “qwerty,” “football,” and “iloveyou.”

The Payment Card Industry Data Security Standard (PCI DSS) encourages end-users to avoid using vendor-supplied defaults for passwords and other security parameters.

  • Failure to Change Passwords Periodically

Failure to change passwords is a persistent issue in password security. A recent survey found that 53 percent of end-users confess to not changing their passwords in the past 12 months, even though they were aware of the risks. Six in ten of the respondents polled rarely change their passwords. Funnily enough, 15 percent of end-users say they would rather do a household chore, while 11 percent would rather sit in traffic than change their passwords.

However, as NIST recommends, organizations should apply the widely adopted practice of regularly changing passwords sparingly. The argument against short change intervals is that people tend to pick password sequences or patterns to ease the burden of remembering a new complex password every so often. The Payment Card Industry Data Security Standard (PCI DSS) requires passwords to expire every 90 days.

  • Using Names of People, Places, Pets

End-users should avoid using passwords that reflect the names of people or pets, dates of birth, or their addresses. Hackers can research a victim and discover these personal details online, then use them to guess login data. Even slight variations of such names do not guarantee reliable password security.

End-User Guidelines for Password Security

Password security neglect creates massive cybersecurity risks and undermines the overall cybersecurity posture for an enterprise or individual.

  • Password Length and Composition

A secure password should be at least eight characters long and include upper and lowercase alphabetic characters (A-Z, a-z), numerical characters (0-9), and special characters. NIST Special Publication 800-63B recommends the following: “Memorized secrets SHALL be at least eight characters in length if chosen by the subscriber. All printing ASCII characters, as well as the keyboard space, SHOULD be acceptable in memorized secrets.” NIST also suggests using passwords up to 64 characters in length.

  • Use a Password Manager

Only 24 percent of end-users use a password manager, despite many admitting they need an efficient method to track passwords. Organizations and individuals must ensure they have appropriate password management tools to enforce password best practices. End-users must ensure that a password manager leverages strong encryption and requires authentication before granting access. A password manager should have a master password and, if possible, two-factor authentication.

  • Use Multifactor Authentication

According to Microsoft, a multifactor security measure for user accounts blocks 99.9 percent of all attacks. Currently, MFA bypass attempts are so rare that security teams do not have statistics on this type of threat. NIST Special Publication 800-63B recommends using a multifactor authenticator that requires two factors to execute a single authentication event. Some of the MFA solutions that offer an additional protection layer include a combination of two or more of the following factors:

  1. Something you know – passwords, PIN, code words
  2. Something you have – keys, smartphones, smart cards, token devices, USB drives
  3. Something you are – fingerprints, palm scans, voice recognition, retina scans, iris scans, facial recognition

  • Use a Long and Random Multi-Word Phrase as a Password

End-users should avoid using a series of words found in a standard dictionary. Instead, end-users should consider using passphrases comprising a sequence of words with numeric and symbolic characters inserted throughout. Passphrases, such as a favorite quote or lyrics with special and numerical characters, are easy to remember for the user and complex for an attacker to crack. Additionally, the use of blank spaces in the multi-word phrase enhances password security.

The UK’s National Cyber Security Centre (NCSC) recommends using three random but memorable terms in a password to reduce the risk of cybercriminals breaching an account. “Using hard-to-guess passwords is a strong first step, and we recommend combining three random but memorable words,” states Ian Levy, NCSC Technical Director. “Be creative and use words memorable to you, so people can’t guess your password.”

  • Do Not Share Your Password

A LastPass survey shows that password sharing is rampant, with 95 percent of respondents admitting to sharing an average of six passwords with other people. Typically, users share passwords with their spouse and children, with the study showing that 76 percent of individuals share their login credentials with their significant other.

End-users seemingly have good reasons for sharing passwords since it enables multiple individuals to access an account. In some cases, employees leave passwords on sticky notes under keyboards to allow co-workers to log into their work accounts in case of an emergency. Managers, similarly, share their login details so they can delegate tasks to other employees. The LastPass survey discovered that 61 percent of employees would share a corporate password over a personal one.

The most frequently shared passwords include Wi-Fi, movie streaming, financial accounts, email and communication, social media, work-related, and utilities. Seventy-three percent of users, in all likelihood, will not reset their password after sharing it.

Sharing reused passwords increases the threat a single stolen password poses for a business. Avoid sharing passwords with others, including colleagues, friends, and family members. Even well-intended password sharing is a substantial security threat to systems and confidential information.

  • Avoid Writing your Login Details Down on Paper

As a rule, end-users should avoid writing down their passwords and storing them in insecure locations. In some instances, it might be acceptable to write the password on a piece of paper to make it available to everyone who is authorized to access the system or device. However, end-users should only use that approach if no outsiders enter the office or home. Preferably, users should hide sticky notes with passwords. CNET recommends that end-users keep the sheet of paper in a safe place, like a locked desk drawer or cabinet, and out of sight.

  • Do Not Use Automatic Logon Feature

End-users ease the task of remembering multiple account login credentials by storing the information in browsers that log them in automatically. However, this seemingly safe shortcut introduces vulnerabilities that hackers can exploit. Using automatic logon functionality on sites and applications negates the value of using a password. If a malicious actor gains physical access to a device with configured automatic logins, they can easily compromise the system and access sensitive information.

Although it might seem a good idea to avoid typing individual passwords every time an end-user accesses an account, the action is like unlocking the front door to a house and leaving it wide open.

  • Proscribe Password Hints

Sites and online accounts use password hints to help end-users remember their login credentials. However, this measure can undermine password security. It is customary for users to set clues that make it easy for both them and malicious cyber actors to determine the password. Accordingly, NIST has outlawed the use of knowledge-based authentication questions, such as “What street did you grow up on?”, whose answers hackers can effortlessly discover online.

  • Use a Password Blacklist

Undoubtedly, hackers can crack user-generated passwords effortlessly using advanced password hacking tools. Fortunately, end-users can minimize their exposure by checking login credentials against a list of compromised passwords. For instance, the NCSC publishes the top 100,000 most hacked passwords that users can avoid while signing up on online sites. Third-party password filtering services provide a more comprehensive list comprising billions of previously compromised passwords. Vendors provide tools that scan Active Directory to find accounts using weak or blacklisted passwords.

You can also monitor your passwords to find out whether hackers have leaked them through a data breach. Mozilla’s Firefox Monitor and Google’s Password Checkup show users which of their email addresses and login details hackers have compromised in a cyber incident.
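The following sketch is an added example, not code from the article or from any vendor it mentions. It shows how a sign-up form could apply the length guidance, the blacklist check, and the advice about names and "slight variations" in one screening step. The function names, the reason codes, and the tiny blocklist (built only from passwords named in this article) are assumptions made for illustration.

```python
import string

MIN_LENGTH = 8    # minimum quoted from NIST SP 800-63B in the article
MAX_LENGTH = 64   # assumption: the article's "up to 64 characters" used as an upper bound

# Constructed sample blocklist: only the passwords this article names.
# A real deployment would load a full list, such as the NCSC top 100,000, from a file.
SAMPLE_BLOCKLIST = frozenset({
    "12345", "123456", "admin1234", "password", "qwerty", "football", "iloveyou",
})

# Common character swaps that users apply as "slight variations" of a word.
SUBSTITUTIONS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t",
    "@": "a", "$": "s", "!": "i",
})


def variants(candidate):
    """Return the lower-cased forms of a candidate that get compared against the lists."""
    lowered = candidate.lower()
    # Drop trailing digits and punctuation such as "1", "2024" or "!".
    stripped = lowered.rstrip(string.digits + string.punctuation)
    forms = {
        lowered,
        stripped,
        lowered.translate(SUBSTITUTIONS),
        stripped.translate(SUBSTITUTIONS),
    }
    forms.discard("")  # an all-digit password strips down to nothing
    return forms


def screen_password(candidate, personal_details=(), blocklist=SAMPLE_BLOCKLIST):
    """Return a list of reason codes; an empty list means the password passes."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too_short")
    elif len(candidate) > MAX_LENGTH:
        problems.append("too_long")

    forms = variants(candidate)
    if forms & blocklist:
        problems.append("blocklisted")

    # Names of people, pets, places or birth years supplied by the caller.
    # Very short details are skipped to avoid matching almost everything.
    details = [d.lower() for d in personal_details if len(d) >= 3]
    if any(d in form for d in details for form in forms):
        problems.append("contains_personal_detail")
    return problems


if __name__ == "__main__":
    # Constructed sample candidates, not real credentials.
    samples = [
        ("123456", []),
        ("P@ssw0rd1", []),
        ("R3x-2019-walks", ["Rex"]),
        ("lantern quartz meadow 47", ["Rex"]),
    ]
    for password, details in samples:
        print(repr(password), screen_password(password, details) or "ok")
```

Spaces and every printing ASCII character are accepted, so a multi-word passphrase passes as long as it is not on the list and does not embed a supplied personal detail.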

Beyond any doubt, end-users still do not seem to adopt better password hygiene. Since security experts tie 80 percent of hacking-related breaches to stolen or reused credentials, it is essential to secure passwords. This end-user guideline encourages individuals and enterprises to take password security more seriously to mitigate cyber risks.

What to Do If You Think You’ve Been a Victim of Identity Theft

Identity theft is a major problem for many people, and there are several steps you can take to protect yourself. First, you can set up a fraud alert on your credit report. You should also monitor your credit report closely for signs of fraud. Then, you can request copies of any documents related to accounts or transactions that were opened using your personal information.

Preventing identity theft

One of the most important ways to prevent identity theft is to secure your personal information. Identity thieves often find personal information in wallets, mailboxes, or online shopping. You should protect this information by ensuring each household member knows the dangers of sharing personal information online. This is especially important if you have a special needs child.

First, you should notify companies that have access to your financial information. If your account has been compromised, contact your bank, credit card issuer, and the Social Security Administration. They will work to close down any compromised accounts and place fraud alerts. You should also contact your phone and utility companies if you have been a victim of identity theft.

Next, you should contact your creditors to let them know you’ve been a victim. Calling these companies is important as they can help you avoid further losses. You should also close any accounts opened without your permission or whose activity was unauthorized. In addition, you should keep your computer free from malicious computer programs. This will prevent hackers from accessing your private information.

Using a people search site to monitor suspicious activity

Sites that look for people online usually contain information you can use to monitor your identity. For example, you can use a people search site to check for new accounts or transactions opened in your name. These sites can also help you see if any court records are associated with your name.

If you have any new or suspicious activity on your credit report, you should file a police report. This will help you get the information you need to fix the problem.

Adding a fraud alert to your credit report

If you’ve become a victim of identity theft, you can add a fraud alert to your credit report to alert creditors of suspicious activity. This alert will trigger credit reports from all three credit reporting agencies to look for unusual activity. Once added, your alert will remain active for 90 days.

Adding a fraud alert to your credit report is an effective way to protect your social security number and its private account details. You can call the three major credit bureaus or use their online reporting options.

You can add a military-style fraud alert to your credit report if you’re in the military. This will keep companies from sending you offers unless they verify your identity. These alerts last 90 days and can be renewed annually.

Monitoring your credit report for signs of fraud

If you’ve been a victim of identity fraud, monitoring your credit report for signs of fraud is important. TransUnion offers three types of fraud alerts. The first, called the initial alert, will remain on your credit report for one year. An extended fraud alert, on the other hand, will remain on your report for seven years. This type of fraud alert requires additional documentation but can help protect you from future fraud attempts.

If you notice any new or unfamiliar charges or inquiries on your credit report, you should dispute them. This activity will appear on your credit report and may impact your credit score. In 2020, credit card fraud was the second most common form of ID theft, with more than two million victims. The best way to protect yourself from financial fraud is to monitor your bank accounts and credit reports for unusual activity.

When you check your credit report for signs of fraud, look for unusually large amounts of debt and sudden changes in your credit score. Fraudsters may use your name to open new accounts, and they can even file for bankruptcy in your name! This can severely damage your credit score.

Obtaining documents related to fraudulent transactions or accounts opened using your personal information

If you suspect that your financial information was used to open an account, it is important to obtain the relevant documents. The best way to do this is to contact the financial institution you’re dealing with and follow up in writing. If possible, use a certified letter with the return receipt requested. The financial institution must acknowledge receipt of your letter, and you should keep a copy of it.

Conclusion

If you think you’ve been a victim of identity theft, there are steps you can take to protect yourself. These include monitoring your credit report, adding a fraud alert to your credit report, and disputing any unfamiliar activity on your report. You should also obtain documents related to any fraudulent accounts that may have been opened in your name. By taking these steps, you can help protect your identity and your financial information.

Avoiding Cyber Threats When Dealing With Cryptocurrency

Cryptocurrencies have caught on in a pretty big way over the course of the last several years. However, there are still plenty of people who haven’t bought in, and some of the common reasons for this concern trust and security. From individuals to financial institutions, to governments, there’s a feeling that the supposed inherent security of cryptocurrencies just isn’t reliable. And even where new and emerging cryptos are concerned, there’s little faith that the kinks have been ironed out. Case in point, Facebook’s long-awaited crypto offering already has a trust problem.

All of these concerns are understandable. There are established cybersecurity threats associated with cryptocurrency, from wild value fluctuations driven by disproportionately powerful influencers, to breaches in crypto wallets and exchanges, to relatively common scams (like crypto-jacking and ransomware). And even aside from these, cryptocurrency is new! Even if we assume it’s generally secure most of the time, it’s easy for people to have misgivings about something unfamiliar.

That said, cryptocurrency isn’t an all-or-nothing proposition either. You don’t need to simply decide whether or not you trust it, and let that be that. There are ways to handle and invest in cryptocurrency in ways that protect you from most security threats.

Don’t Pay Unknown Recipients

As mentioned, ransomware is among the common cybersecurity threats associated with cryptocurrency. This is a difficult sort of hack, which traditionally involves the files on a device being encrypted by a malicious entity, only to be unlocked if an untraceable cryptocurrency payment is provided. It’s a sophisticated issue, and one that is difficult to stop. But there are also less sophisticated scams via which unknown entities will simply ask for cryptocurrency. They may claim to offer a service; they may claim to be in desperate need; or they may claim to have information of yours, effectively attempting to leverage you into supplying a payment. These threats need to be taken on a case-by-case basis, but the easiest way to avoid them is to establish a firm policy of not paying unknown recipients with cryptocurrency. It sounds simple, and it is. But setting this policy in place consciously is still wise.

Invest Without Purchasing

If you’re curious about cryptocurrency from an investment standpoint, but you’re unwilling to trust the various wallets and exchanges at your disposal, you can take advantage of a trading method known as “contracts for difference.” This is a method that allows you to invest in the value of cryptocurrency without ever having to buy, store, or sell it on your own. In short, trading cryptocurrency CFDs is investing in an idea: specifically, the idea of the crypto asset in question gaining or losing value. Without ever holding the cryptocurrency, and thus without exposing yourself to cybersecurity risk, you can set up a CFD with a reliable trading platform and profit simply by choosing the right direction for an asset’s value to move in over time.

Review Exchanges & Wallets

If you do decide to acquire your own cryptocurrency, either to spend or store as an investment, you’ll have to place some trust in an exchange (where you purchase the cryptocurrency) and wallet (where you store it). Unfortunately, there is no way to fully guarantee that your chosen wallet and exchange will be invulnerable. Issues arise, and in theory, any wallet or exchange could be compromised. However, due diligence is still worth something. By reviewing your options carefully, and reading up on security measures and any past issues, you can reassure yourself that you’re picking the most secure platforms available.

Explore Crypto Debit Cards

As you may have heard, it is now possible to load crypto funds on a debit card, so long as you’re using the right service and a compatible card. This is not a complete workaround of crypto exchanges or wallets, given that you still need to load the cryptocurrency from a digital source. But it’s still a method that some users feel more secure about because they don’t need to access their crypto wallets and conduct direct transfers on a regular basis. Instead, they can simply swipe debit cards to spend cryptocurrency.

There are still some risks associated with these ideas, as there are with most financial dealings these days. But in taking these approaches, it is possible to spend, manage, and invest in cryptocurrency without making yourself vulnerable to the bigger known cyber threats.

What Cybercriminals do to Make Money (Top 9)

What cybercriminals do to make money is based on an analysis of what works. Hackers experiment with different types of cybercrime to understand which are most profitable.

Most hackers rely on extortion as the primary technique for monetizing their stolen information. Extortion has been a successful form of cybercrime for years. But there are many other ways that hackers can make money besides extortion. We examine and explain many of these methods.

Some people hack for the thrill, but the primary intent of malicious hacking is financial gain. With the right skills, any hacker can earn money.

Cybercriminals sell credit card data to make money.

The simplest and most common way that hackers earn cash is to steal your credit card data. Credit cards are used all over the internet for purchases, memberships, sending money, etc. Credit card numbers are stolen by compromising databases that contain saved credit card information or by intercepting the data while the transaction is in progress.

One high-profile attack involved over 300,000 British Airways customers. A malicious line of JavaScript called Magecart was used in this attack. Magecart allows hackers to steal credit card details when the script is placed into embedded payment pages. The Magecart script was an example of an attack where the hackers did not have to compromise databases but used a script to grab the credit card data during the transaction.

Cybercriminals sell personal data on the dark web to make money.

Some hackers make money by selling valuable information on the dark web. It is challenging to compromise confidential corporate databases, but it can also be very lucrative. Hackers need to penetrate the various security layers to access hundreds of millions of records containing personal information. This data is then often sold on the dark web or to private buyers who intend to use the information for fraud.

On the dark web, personal data and confidential credentials stolen from compromised databases are placed for sale. Personal data is a valuable asset and can be sold for millions. Those who buy the data will likely use it to commit identity theft. Many hackers target big organizations and corporations, while others go after any organization with penetrable security walls.

Hotel chain Marriott was hacked in 2018. It was hacked again in 2020. Do we blame this kind of attack on the organization’s IT department, or blame the hackers? The hackers are responsible, but the IT department is liable for not securing the data correctly.

In some cases, senior hackers sell credentials to junior hackers and other fraudsters who run phishing campaigns. These parties send emails used to spread malware. The malware could be crypto-mining software, adware, or even ransomware. Each of these types of malware can make money for the hacker.

Cybercriminals use Botnets to make money.

The use of botnets is often in the news. A recent news story is about last month’s arrest of the man allegedly behind the Mega-D botnet. Another news story describes the angry supporters of the WikiLeaks organization. They have voluntarily allowed their computers to be part of the LOIC (Low Orbit Ion Cannon) as part of Operation Payback.

Most botnets are used to facilitate criminal enterprise, with their primary purpose being to make money for the hackers in charge. According to Martin Lee, a senior software engineer at Symantec Hosted Services, botnets can be defined as a system of computers that have been infiltrated with malware and placed under the control of a single individual.

When your computer gets infected by botnet malware, it is under the control of whoever wrote that malware. After infection, the computer contacts the command and control server. Then the person in control of the botnet can issue whatever instructions they would like. The instruction might be to send emails to specific or various email accounts, to connect with other PCs within the network, or to install additional software that will enable the malware to remain undetected as long as possible.

So what’s the next move by cybercriminals after they have built a botnet? How do hackers make money with botnets?

Cybercriminals make money with botnets by sending spam.

Hackers can make money with botnets in several ways. Sending spam is one of the most common. People have become more cyber-aware, and this leads to a low click rate on spam emails. Despite this, hackers are still able to make millions of dollars annually out of spam campaigns. These spam campaigns often sell products such as pharmaceuticals. A study on pharmaceutical spam has shown that most of the products are counterfeit or are of the wrong dosage.

Although spam has a meager response rate, the volume of spam sent by a botnet can make up for the gap. When millions of spam emails are sent, there is a consistent profit generated.

Hackers have realized that by shortening URLs, they get more people to open their messages. Hackers have changed their tactics to allow them to launder or whitewash the actual URL that you see in the email.

A breakdown

Most of the emails that a spammer sends will not be delivered. Of those that are delivered, very few are opened by the targeted victims. Even if they do open the emails, very few will click on the links. Out of those who click the link, very few will buy the advertised products.

Only an incredibly tiny fraction of the sent emails will be successful. But it costs very little for hackers to send many millions of spam emails. So, spamming is still a lucrative way for hackers to make money.

Cybercriminals steal money from bank accounts.

Competent hackers aim at financial institutions to attempt to bypass the A-class security systems. Hackers can utilize malware to steal from online bank accounts. An unknowing user might be operating on an infected machine. The hidden malware waits until the user connects to a bank’s internet service, then the hacker takes over or steals the required credentials. The malware allows the victim to log in to their accounts and do their authentication, and then takes over the connection. The software then injects money transfer commands into the system and hides those transactions so that the victim does not see their actual balance.

With malware on your PC, you cannot trust what is being displayed on your screen. The hacker has full control and controls what you see.

Cybercriminals make money by using denial-of-service (DoS) attacks to demand ransom.

Another way that hackers make money is through a modern take on a very old scheme: the protection racket. The catch here is to look for a business that conducts most of its business online and then take down its website until it pays the demanded cash.

If the attacked company does not pay the demanded cash, the hacker can direct the computers in their botnet to start requesting pages on the victim’s website. Since these are automated attacks, botnets can send hundreds of thousands of requests every second, thus swamping the website or slowing it down so much that it becomes practically impossible to use by the clients and the company staff.

According to past studies on such attacks, extortion demands often range between $10,000 and $50,000. In this range, victims are often more willing to pay the ransom than suffer the consequences of their sites being brought down and potentially losing more.

Stealing Intangible Goods.

Although only a few cases have been recorded, some hackers make money by stealing intangible goods. For example, a hacker might hack into one’s gaming account. The hacker can then sell the intangible goods the player has accumulated or acquired in the game.

People spend significant time and money on online games. Hackers, therefore, have developed Trojans customized to steal the credentials used to access online games, so that they can steal the intangible goods players have acquired. In Asia, a gang of hackers who specialized in selling intangible goods recently made at least $140,000.

Holding Information for Ransom

In another spin on the extortion angle, hackers make money by holding information on a victim’s computer for ransom. With the aid of malware, data is encrypted on the victim’s hard drive, and the information is made inaccessible. The person operating the botnet then demands payment to decrypt the drive. This method is rarely used but is one way hackers can make money.

Cybercriminals make money through online marketplaces.

Some cybercriminals make a considerable amount of cash by abusing online marketplaces. Shopping from the comfort of your home or office is fast and easy, making online marketplaces such as Flipkart, Amazon, Jumia, and eBay a preferred mode of shopping globally. However, these online platforms usually require various significant credentials that cybercriminals can easily harvest and use for numerous crimes.

Fraud has gone up in the online marketplaces, providing cybercriminals with ample opportunity to strike. Some of the methods that cybercriminals use to exploit online marketplaces include:

  • Using stolen credit card details to buy expensive goods and other luxuries.
  • Impersonation – cybercriminals also make money by impersonating legitimate sellers. They then sell fake or non-existent items. There have been several incidents where customers complain of receiving items they never ordered, or counterfeit items instead of what they ordered. Such cybercriminals aim to convince a pool of target victims to purchase their fake goods and then disappear with the money without delivering any service or providing the ordered goods.
  • Money Laundering – cybercriminals often use online marketplaces as a channel to launder money. Using stolen or fake credentials, they create buyer and seller accounts. The phony buyer then purchases goods from the fake seller accounts at inflated prices. The transactions can be used to trick the IRS into believing that somebody legitimately earned the money.

Cybercriminals make money through cryptocurrencies.

Cybercriminals use botnets and “crypto-jacking” to mine digital currency at the expense of victims who have no idea that they are taking part in the mining process. The popularity of bitcoin and the introduction of 1500 other digital coins or tokens have expanded the attack surface in the red-hot cryptocurrency space, drawing more criminals to exploit the weak links. The last two years have seen digital currencies grow into mainstream assets as more financial institutions and corporations expand the use of the underlying blockchain technology.

With various “alt-coins” being launched every week, cybercriminals have come up with creative and complex techniques to gain financially from these launches. There has been a rise in mining fraud, scams against initial coin offerings, crypto-jacking, and account takeovers.

Crypto-jacking is where cybercriminals use malware to take control of one’s browser and then use the victim’s PC to mine digital coins without the victim’s knowledge.

Money Money Money

There are some other ways through which hackers earn more money than what we have mentioned above. For instance, there are hacking groups paid by governments to commit crimes for those nations. Others make money by being anonymous penetration testers. Hackers will continue to hack as long as there is money to be made.