The National Cybersecurity Institute’s Cyber-Attacks Guide describes the various methods cyber criminals use to illegally access user data for fraudulent purposes. Hence, it refers to techniques to find out the password to access devices or the large number of types of attacks invoked by social engineering such as phishing, vishing, smishing, baiting, shoulder surfing, dumpster diving etc. sending spam and other types of online fraud.
The guide also covers attacks on connections based on the intermediary of the exchange of information between a user and a web service in order to monitor and steal personal data, banking transactions, passwords, etc., creating fake Wi-Fi networks, spoofing in its various Modalities (IP, web, email, DNS), attack on cookies, SQL injection, port scanning and malware attacks, including the spread of viruses and Trojans, worms, malicious apps and others.
Finally, the guide suggests the following decalogue of cybersecurity best practices to improve the protection of devices and the security of user information:
– Use an antivirus to analyze all downloads and suspicious files and always keep it up to date and active.
– Always keep the operating system, browser and applications updated to the latest version in order to avoid vulnerabilities.
– Use strong and different passwords to protect all accounts. If possible, use two-step verification or another factor of authentication.
– Beware of suspicious attachments, links, or overly attractive promotions. Most scams are based on social engineering attacks that can be detected using common sense.
– Be careful where you navigate. Only use secure websites with https and digital certificate and use Ingnito mode if you don’t want to leave a trace.
– Only download legitimate applications or software from official websites to avoid getting infected with malware. When it comes to applications, remember to grant only essential permissions for their operation.
– Avoid connecting to public Wi-Fi networks or unknown wireless connections. Especially when confidential information such as bank details are to be exchanged. If you need to connect in an emergency, use a VPN.
– Do not share private information with strangers and do not post or store it on unreliable sites or web services.
– Make backup copies to minimize the impact of a possible cyber attack.
Copyright © Grupo Edefa SA Reproduction, in whole or in part, of this article is prohibited without the prior authorization of the publisher.