Keep My Computer Safe from Cyber Threats that Target Home Users

You know that sinking feeling you get in your stomach when you’ve misplaced your wallet and think you’ve lost it?

Even if it lasts for no longer than 10 or 30 seconds, your mind will start building scenarios at an incredible speed:

• I’ll have to cancel my cards!
• I’ll have to get my ID reissued!
• How much cash was in it?

The fear is palpable. The damage is tangible. You know what can happen if you lose your wallet, which is why you go out of your way to keep it safe.

Change Your Perspective

But you just don’t get the same feeling about the information stored on your computer. It’s natural not to, because they’re pixels on a screen, not money in the pocket. Because it’s data in the cloud, not documents in a briefcase.

The problem is that we increasingly see our money in the form of pixels which we use to shop online, and our data and work as documents in a cloud folder. Does that make them less valuable? I bet you’ll agree with me that it doesn’t.

The media talks a lot about cyber attacks, but also about their circumstances and consequences. And they have good reason to do so. But here’s the issue: “DDoS attack”, “data leaks”, “compromised credentials”, “CryptoWall 4.0 ransomware” – most Internet users usually ignore security jargon like this. To them, and maybe even to you, it doesn’t mean much. And there’s no one to be blamed here. After all, not everyone has the background to understand why these attacks are dangerous and why they should react to news like this.

You’ll often find information about threats that target companies and attacks directed at home users mixed together. So it’s understandably difficult to tell which ones you should worry about.

That’s why we decided to do something about it. We’re set on making it easier for you to figure out what you should protect your system against.

The 6 Most Common Cyber Threats that Target Home Users
(and What to Do About Them)

 

1. RANSOMWARE/CRYPTOWARE

What is it?

• One of the most evolved forms of malware on the market;
• A type of malware that can encrypt all your data and make it unusable;
• A strain of malware that cyber criminals use to extort victims into paying hefty sums to regain access to their information.

What ransomware can do to your system and data:

• It can infect your computer if you click on an infected banner, if you download and open an attachment from a spam email or if you end up on an infected website;
• Encrypt all your data, including file names or information stored in your cloud accounts synced on the PC;
• Ask for ransom to provide the encryption key (around $500, but it could be more and, very rarely, less);
• Harvest your data (system information, email addresses in your agenda, etc.) and send it to cyber criminal servers to use it in future attacks;
• Destroy your data, it the encryption key was not downloaded correctly and won’t work when trying to decrypt your data;
• Hide from being detected by antivirus products because of its communication mechanisms;
• Enlist your computer in a botnet and use its resources to launch attacks on other victims.

Give me an example: read about CryptoWall 4.0 – new, enhanced and more difficult to detect.

 

2. PHISHING

 

What is it?

• A method of harvesting confidential information from unsuspecting users;
• A way of taking advantage of the trust you have in certain companies, brands or people;
• A tactic used by cyber criminals to gather information about you so they can gain access to your bank account or steal your identity.

What phishing can do to your system and data:

• It can trick you to believe that that you’ve received an email or ended up on a website belonging to a company/person you trust;
• It can lure you into providing confidential information, such as credit card and bank account numbers, passwords, and other sensitive information on your PC;
• It can gather your private data and use it to break into your bank account and drain it;
• It can use the harvested data to steal your identity and perform all sorts of illegal actions while impersonating you, such as take a loan from a bank.

 

Give me an example: see how the Infamous DarkComet RAT is Used in Spear Phishing Campaigns.

Find out more about phishing from our dedicated security guide.

 

3. FINANCIAL MALWARE

What is it?

• A category of specialized malware that was built to collect information associated with financial transactions;
• One of cyber criminals’ favorite ways to commit banking fraud and gain funds illegally;
• An important and advances segments of the malware market in terms of capabilities.

What financial malware can do to your system and data:

• It can bypass antivirus detection to compromise your system without your knowledge;
• It can remain dormant on your system for a long time, so it can collect as much financial information as possible;
• It can give attackers the information they need to hack into your bank account and start drawing money until there’s nothing left;
• It can force you to cancel your cards or temporarily freeze your bank accounts;
• It can leave you penniless while on vacation or in another delicate moment where you need funds readily available.

Give me an example: find out which are The Top 10 Most Dangerous Malware That Can Empty Your Bank Account.

4. ZERO DAY ATTACK

What is it?

• A type of attack or a threat that exploits vulnerabilities in the apps you use that not even the app maker knows they exist;
• An attack where cyber criminals use exploits (malicious code especially designed for this) to infiltrate your system via vulnerabilities that there is not update for at the time of the attack;
• A way to compromise your system fast, before software makers can release an update to close the security holes that expose users.

What Zero Day attacks can do to your system and data:

• It can take advantage of vulnerabilities in your software to infect you with ransomware or financial malware or other type of data-stealing Trojans or malware;
• It can render your computer unusable, compromise your data (through encryption or other means) and harvest your confidential information to use it against you later on;
• It can also enlist your computer in a botnet, a network of infected computers whose resources are used by cyber criminals to launch other attacks or send spam emails.

Give me an example: here’s The never-ending Zero Day created by the fact that Microsoft shut down antimalware support for Windows XP users.

5. SOCIAL ENGINEERING

What is it?

• A tactic used by cyber criminals that involves psychological manipulation rather than technical means;
• A method attackers use to gain confidential information or access to your computer, your bank account or restricted areas at your workplace;
• It’s usually one of the steps in a more complex fraud scheme that spans over a longer period of time.

What social engineering can do to your system and data:

• It can trick you into divulging information to cyber criminals that you would otherwise not share (their persuasive tactics could fool almost anyone);
• It can make you liable in case the attackers are after assets that belong to your company;
• It can cause financial, social or emotional damage by depriving you of money, goods or by making you go through distressing situations;
• It can persuade you to give attackers unrestricted access to your computer, as it happens in the context of a tech support scam.

Give me an example: read about the Top 11 Scams Used by Online Criminals to Trick You which involve social engineering tactics.

6. IDENTITY THEFT

What is it?

• A means of impersonating another individual to maliciously gain financial advantages or other type of benefits in that person’s name;
• A way to collect information you share online and use it for malicious purposes, such as assuming your identity in relation to organizations or other people.

What identity theft can do to your system and data:

• It can breach your privacy and affect both your personal and professional life;
• It can harm your financial resources, your social reputation or your legal status;
• It can affect your family and friends, not just yourself;
• It can cause emotional damage;
• It can make you legally responsible for criminal acts committed by the attackers;
• It can give you the painstaking challenge of cleaning up after such an attack.

Give me an example: see this article on How to Prevent Identity Theft in 20 Essential Steps.

Keep My Computer Safe
Give Me the Basic Security Checklist

Although there are 6 common types of attacks that cyber criminals focus on, keeping safe against them requires less effort than you imagine.

The key is to cover your security basics. Yes, it’s as simple as that.

It may sound counterintuitive, but following a few, simple tips can make your system stronger against attacks, even the most sophisticated kind. And the fact that you’re reading this article is already a big win!

So let’s see what the next steps are (do read them through, even if you’ve heard them many times before):

Conclusion

You may read about a lot of cyber attacks on a daily basis, but many of them fall into the categories above when it comes to home users, like you and me. Knowing what these attacks are will help you learn how to get protected against them.

I hope the information above made you say “it’s actually not that difficult to keep my computer safe.” Because it really isn’t once you get started and keep the advice listed here in the back of your mind.

See you on the safe side!