The 10 Internet Security Myths You Need to Forget | Hacktech Beast

 Now, I know there is a lot of conflicting information out there, which creates controversy, but these stories or “myths” are now part of Internet culture and it’s difficult to separate fact from fiction, especially when so many people treat them as “real”. Since it is a confusing topic that covers so many areas on the web, it is difficult to see beyond half-truths or falsehoods. The information and data in the online world shifts and covers new interests, therefore our security perspective must also keep up and separate fact from fiction. Here are the top 10 most common security myths that need to be demolished, before you take any security action on our systems.

10 Internet Security Myths That You Need To Forget

1) This can’t happen to me, only important or rich people are targeted.

This security myth is called by many security experts security through obscurity. Simply said, the Internet is such a big place that no one wants to target you. And even if someone would try to attack your system, there wouldn’t be too much valuable data to be stolen.
In most cases, the user who embraces this kind of thinking doesn’t actually want to lose time or money to address this security issue for the system. The problem with this type of wishful thinking is that it doesn’t take long until an IT criminal disables your system by using one of your system’s vulnerabilities. This happens because it is not about how you are, it’s only about your system protection level. Using automated tools, online criminals probe systems to discover vulnerable computers and networks to take advantage of. And it’s not just about your personal information they are after: your Internet-connected system is also a valuable asset they can use for their malicious actions.
 Even if you think there is no important personal or financial data on the system, a potential identity theft or IT criminal can still use the little data discovered and relate it to other information taken from other sources in order to have a complete picture. Why take a risk when there are so many protection products and even free tools to keep you safe from malware?
So, don’t trust the odds that tell you that you should be safe out there.

 2)  Install this security application and you’ll be fine.

This security myth is also called the search for the magic bullet that can solve all your system security. A user that pays for a security program has high expectations and hopes all his system security to be covered by just installing the purchased program. This myth represents a false image of what it means to have a complete system security. Trusting one security program to cover your system, your online actions, keep you safe against data and financial stealing malware and other non-traditional attack vectors means that you place too much trust in a single line of defense. To have an antivirus software or any other security program doesn’t mean to cover the whole Internet security front, though there are some antivirus products that try to create the impression that everything is protected by just installing that single program.

To have complete protection of your system and your online actions, you should start by using an antivirus program that protects you against classical threats, such as viruses, worms, Trojans or phishing. At the same time, you also need solutions against spam, data and financial stealing malware, a parental control tool and a good firewall. More than anything, you need to stay up to date with security and the latest news and reject false stories that promise total protection by installing a single security program. Because cyber criminal attacks are evolving faster than antivirus can, next-generation anti-hacking tools have emerged! And I’ll tell you all about them in upcoming blogs.  

3) I don’t need security programs because I don’t access unsafe locations.

I’m sure you heard about this one and you have those friends that believe simple common sense is all that is necessary to keep you safe from malware, viruses, spam, phishing, identity theft, online attacks, etc. How many times have you heard someone saying: I don’t need antivirus protection, I’m too smart to fall for those tricks!

And if it’s about email attachments, risky web locations or pop-up ads, that may be correct. But is that all? What about malware attacks and vulnerability checks that are not easy to detect? Or about malicious code hidden in legitimate websites? To be safe online is quite similar to driving your car. You may have common sense and pay attention to potential dangers, but can you always predict what others are doing around you in traffic? Now, you understand why security is important.

4) I set some strong and complex passwords to my accounts, so I’ll be OK.

It is a common recommendation for every user to set a strong password. Your passwords should have 10 or 20 characters and they must contain various letters and numbers. Making the password long and complicated is supposed to create serious difficulties for someone that tries to break it.

These complex passwords that are set nevertheless present a major inconvenience: they are quite difficult to remember and you are forced to write them down in the PC or on some piece of paper, which increases the risk of unauthorized access to the account or to the operating system. At the same time, users have a tendency to dislike such a strong password implementation and start to perceive this as a burden. Normally, most Internet users set quite easy to remember passwords to their accounts or they use passwords which are easy to guess. Therefore, most passwords and credentials, which are even used for online banking locations, are actually sniffed and not so much cracked. Another well-known fact is that users set the same password for different online accounts, which makes the job much easier for an online criminal. The need for a good password is part of a larger security scheme that includes security programs for classical and non-traditional vector attacks, spam detection and phishing attempts. But fancy words won’t keep you safe.

5) Internet security is expensive. 

I’m sure you spend some time online, running various activities, sending messages to friends on social media accounts, purchase various items on different websites, not to mention accessing your banking account to send and receive money. So, is Internet access just a simple way of wasting time and having fun, or is it an integral part of our lives? How difficult is it for an IT criminal to use information from our Facebook account and correlate it with data obtained from malicious software already installed on our system in order to have a complete image of your life? And, from that point, how long until your identity is stolen and used for malicious purposes? I am sure you heard about cases when someone’s online identity has been stolen and money removed from the banking account. What you don’t hear is that recovering from this online attack takes time, even years and since an attack can occur from any part of the world, the perpetrators are rarely brought to justice. 

With this information in mind, should you still take a chance online?

It is true you could install free antivirus on your system and there are many options online, but from my experience I recommend using a good security product from a big company name. To choose the best solution, access the antivirus test results run by established names in the security industry, such as AV Comparatives, PC Magazine, AV-TEST or Virus Bulletin and select the best security solution for your system. 

6) I only open emails from my friends, so I should be fine.

How many of us already received a strange email from a friend or from a relative?

 How difficult is it to spoof an email in order to display anyone’s name as being the sender?

If you are used to these types of tricks, you may be safe from clicking the links contained in the email or download on your system the attachments of the email. But for someone who is less skilled in Internet security, just one click away from malicious software can get them infected.

 Clicking a link may send the user to a malicious website controlled by online criminals and downloading the content of the email may easily install on the system some dangerous financial stealing malware, which remains hidden stealing banking credentials for cyber-criminals. These types of emails may also appear like coming from financial institutions and they can look real enough to trick you into giving away private information from your online account.

 In this case, if you have doubts about the origin of the email, simply contact directly the institution or your friend and ask if they sent that particular email.

7) I download and access information from trusted sources. This keeps me safe.

This is a pretty difficult security myth to break. Most of us think that accessing safe and secure locations will keep us safe. The reality is quite different. Even if you access a trusted source, you are still vulnerable to online dangers, and I’m not referring just to old viruses, worms or other normal malware.

In this particular case, I’m talking about a much greater danger: malicious software developed by cyber-criminals that target our private data and financial credentials, and which is designed to remain hidden from classical antivirus detection. This type of malware usually spreads through emails that apparently come from a secure financial institution (or from a friend), through drive-by downloads, malicious content placed on secure websites that download on your system, or simply through pop-up ads placed by online criminals on those websites that are considered safe to access.

 To stay safe from this danger, you need an especially designed software to protect you against financial theft and data stealing software. This type of software offers a complementary layer of security which the normal antivirus products cannot provide. Don’t worry, I’ll tell you all about it when time comes.

8) My social networks are safe places. Friends will be friends.

But will they? Social media services, such as Facebook or Twitter, brought so many people online in the last years that it is difficult to find someone who doesn’t have at least a single online account, at least LinkedIn (which is focused mainly on jobs, but has recently started to develop into a more interactive network). And since so many people are connected this way, online criminals have already developed tricks and methods that target these networks, especially with online scams and identity theft attempts. For a complete list on online scams, you can take a look on this article. If online criminals can place malicious content like drive-by downloads and pop-up ads on safe websites, they can do the same with social media accounts.

Who doesn’t have that friend in the list that clicked an offer on a fake page spreading it after to the entire list of friends?

Another danger found on these types of social media accounts is posed by online criminals that create fake profiles and personas to retrieve personal information from other users. By collecting information (that doesn’t seem very important initially) and connecting it to other data retrieved from other locations, the IT criminals can track online habits and build a user persona in order to operate the identity theft of the targeted user. Therefore, be careful who you add to your list of friends.

9) I don’t have important information or sensitive data on my system. Why should I worry? 

First of all, are you sure there is nothing valuable on your system?

Did you let your browser remember all your passwords for your online accounts, banking websites and your email address?

 How much damage can you take if your email account is accessed?

You may think that your data is not important for a cyber-criminal, but you should know they can collect and assemble information about you from other sources as well to have a big picture of your online habits. Later on, they can use the information to steal your online identity and use it against you. And even when there is no important data for a potential criminal on your system, they still can use your device for various purposes.

They can use your system’s hard disk to store illegal content, install a bot to use your computer in a coordinated online attack, host phishing content or share criminal materials. At the same time, they can use your system’s resources, such as your Internet connection to access remote websites or your email address to send spam to your list of friends.

10) In case I get infected, I will see that for sure.

Well, don’t be so sure about this. In the past, when a computer started running slow and pop-ups appeared all over the screen, maybe you could tell. But today, cyber-criminal methods have evolved and increased their efficiency that in most cases, a normal user can’t tell his system is involved in spam campaigns or coordinated online attacks. The malicious software is built to be undetectable and untraceable by antivirus products, retrieving private information without you even noticing. Designed to evade normal detection systems and working in the background, the latest data stealing malware retrieves private data like credit card details and account logins without leaving visual evidence.

But fear not! For I have designed lesson 16 to help you detect and block malicious attempts to hack and control your device! We tried to cover the main security myths that exist in the online world, stories that actually appeared because we try to find easy solutions and simple answers to our security fears. Though you may not have the time right now to discover them all, just remember you can always go back to this lesson when you feel the need to go over the info again.

 

Thanks for sticking with us until the end !