4 Threats Antivirus Won’t Protect You Against – And What to Do
We’ve had to worry about digital threats since the advent of computers and the internet. About a decade ago, though, the only problems were from things like worms and trojans. Nothing an antivirus software would not solve.
Fast forward to the current digital landscape, and the story has changed.
Hackers have grown more sophisticated and will explore all of the options they have at hand to get at victims.
If you have been relying on only antivirus and antimalware software, here are some attacks that would render such software useless. As a bonus, we have also included tips to help secure against such attacks better.
Threat #1 – Man-in-the-Middle Attacks
Usually occurring over unencrypted and/ rogue networks, man-in-the-middle attacks are just as the name implies.
The hacker takes advantage of a weak internet network structure to infiltrate their victims’ computers. Once in, they can take control of the computer, hijack conversations, and even install the malware in some cases. However, they do not need to install malware before the attack starts at all.
Fix: Never browse the web over free or unencrypted Wi-Fi networks. It is advised to establish a secure VPN connection before accessing the web, especially when not using a personal internet connection.
Threat #2 – Phishing Attack
The US FBI is always investigating newer and increasing Business Email Compromise (BEC), which is just one form of phishing attacks. Thus, it is little wonder that these attacks are regarded as the grandfather of all social engineering scams out there.
Phishing attacks rely on the hacker gaining the trust of their victim. They do this by sending out a text/ email/ other messages to their potential victims containing a link with a call to action. This call to action could be to claim a reward, get their stimulus check, update their account details, etc.
The majority of these hacks are pulled off with hackers cloning the site/ identity of a legitimate entity to get the victim to trust them.
On entering sensitive details (such as social security number, bank account details, personally-identifying information, etc.), the hacker uses that to carry out a secondary, more significant hack.
Fix: Refrain from clicking links in texts and emails, especially when they are from unsolicited sources. Even when it looks healthy, it is preferable to write out the link in your browser rather than click on the link from the text itself.
Threat #3 – Brute Force Attacks
Brute force attacks work like the name suggests, badgering on accounts until the algorithm running them can figure out the password to such an account.
This form of attack is on a bigger and more sophisticated scale to dictionary and hybrid attacks, but they do almost the same thing.
An algorithm is fed with all the possible characters which can be used to create a password. This algorithm runs various character combinations against the account to be hacked until it reaches the correct password that users have set on their accounts.
Fix: Obviously, successful brute force attacks are a result of weak passwords. Please make sure all of your online accounts have unique and strong passwords to them. To reduce password fatigue, which makes many people set a weak password, get a password manager.
An advantage of password managers is that they sometimes come with password generation tools too.
Threat #4 – Software Flaws
Sometimes, you don’t have to do anything wrong to be a victim of a hack. It could be as a result of using an app/ program/ device with outdated software. Such outdated software might have a bug/ exploit which has been fixed in newer versions.
This is one of the many reasons why as much as one billion Android devices are currently at risk of getting hacked. Noting the poor upgrade and updating the continuity timeline of Android units is not surprising.
Sometimes, it could also be the app on your device. For example, WhatsApp faced a data breach from an Israeli bug not quite long ago. This bug will keep affecting users that are yet to update their apps.
Fix: Getting software/ firmware updates and upgrades as soon as they hit the market will do you a lot of good. That keeps you up to date against known exploits in the system, making you invincible to such attacks.