Cybersecurity | IT Protection | Attack Vectors
Have you heard of the evil twin? In the second part of our series, we will again introduce you to three inventive tricks used by cybercriminals and give you suggestions on how to protect yourself from such maneuvers.
Mobile working is a blessing for the stressed employee, but also a risk for companies. This is true at least as long as there are no safety guidelines for working on the go. Criminals like to use such vulnerabilities for the trick of the so-called evil twin: Here, reputable wireless Internet access points (W-LAN) are replaced by malicious clones that look exactly like their twin and often boast a stronger signal. If you are connected via this network, data can be read by cybercriminals.
Our tip: Bad twins are difficult for outsiders to recognize. Therefore, only use foreign networks if you have no alternatives. While using someone else’s Wi-Fi, you should not enter any critical information such as access rights or payment details. Alternatively, you can install a VPN program (VPN – Virtual Private Network) or have it set up by your IT manager. The private network allows you to surf the Internet safely.
The phone rings. A new employee from your service provider is on the other end of the line. He desperately asks you for help: Your company’s website has been hacked, all data is visible online in a few minutes – unless you give him your password immediately so that he can prevent worse. Since it is new, it needs your password and if you don’t help it, then unfortunately you will have to take responsibility for the data leak. You want to talk to his superior. No problem, he will be happy to forward you. The supposed boss confirms the process. A delicate matter. And then the person on the phone sounds very trustworthy. Numerous scams of the past few months have been built up in this or similar way. A well-known software manufacturer recently warned again about fraudsters posing as the company’s maintenance team in order to grant you access to the computer.
Our tip: Don’t let yourself be put under pressure. Find the service provider’s phone number from your records, call them and have the story confirmed.
No more clicking on suspicious links, no downloading of dubious email attachments: there are cyberattacks that criminals use to infiltrate your systems without you noticing. These malicious programs are often found in infected ads that disguise themselves as advertisements. When you visit affected websites, these ads are automatically executed. They exploit security gaps in the browser, whereby the malware is automatically downloaded (drive-by attack). Trustworthy sites can also be affected if they integrate advertising from unknown third parties into their own website without quality control.
Our tip: Always use the latest version of your browser and download security updates automatically. You can also use an ad blocker: This blocks ads before they open in your browser. However, please note that many free services such as online media are financed by advertising. With the ad blocker switched on, these are often not available at all or only to a limited extent.
