Cyber attacks have become complex. FILE PHOTO | NMG
As sophisticated online attacks become more commonplace, it’s
essential that users at an elevated risk of being personally targeted
online — like policy makers, campaign teams, journalists, business
leaders, or others in the public eye —are equipped with knowledge and
tools to protect their online accounts.
Unknown to
many, phishing is the most common technique used to obtain sensitive
information about you, like your username, password, or banking and
financial information.
Hackers can attack through
e-mail, telephone, text message, or through apps posing as a legitimate
person or trusted organisation in order to trick them into providing
sensitive personal information.
In 2017, a ransomware
was reported to have attacked 14 servers in Kenya, among them two
multinationals. This was partly attributed to phishing where computer
users unknowingly opened links from unknown but genuine-looking links,
thereby opening themselves up to attacks.
It is important to learn how to spot the various forms of phishing and how to safeguard against it.
First,
be wary of requests for personal information. Don’t reply to suspicious
emails, instant messages, or pop-up windows that ask for personal
information like passwords or financial information.
Even
if the message comes from a website that you trust, never click on a
link or send a reply message with your personal details. Remember that
legitimate sites and services will not send messages requesting you to
send passwords or financial information over email.
Second,
always double check the file before downloading it. Some sophisticated
phishing attacks can occur through infected documents and PDF
attachments. If you come across a suspicious attachment, use Chrome or
Google Drive to open it safely and reduce the risk of infecting your
device.
Lastly, some features such as the Password
Alert Extension on Chrome will alert you when you enter your password on
a non-Google site. Find a suitable one.
Through
simple measures, Internet users can protect their machines from
phishing. Two-step verification is one such measure which means that
logging into your account requires a second step beyond providing your
username and password.
With this enabled, a hacker
can’t access your account with your username and password alone as they
would require a physical security key or a code sent via SMS or the
Google Authenticator App.
Even the most careful and
security-minded users and corporates can fall victim to phishing scams,
especially if those scams are individually targeted. It is important to
gear up in a time.
The author is Google’s Policy and Government Relations manager for East Africa.
No comments :
Post a Comment