The recent announcement by the National Protection Authority of South Africa (NPA) that 177 cybercrime cases have been finalised in the past year has highlighted the need for individuals to make sure that they are adequately protected from hackers.
This is according to Athol Wesselink, chief technical engineer at OpenWeb – a nationwide Internet service provider, who says that consumers must take preventative measures to ensure that their protection infrastructure makes hacking into their personal online platforms a laborious task for cybercriminals.
“While advanced cybercriminals are usually able to hack into any account or system they set their sights on, individuals can mitigate the risk by ensuring that their systems and accounts are as well protected as possible and are therefore a less attractive option for hackers.”
Wesselink explains that the ‘hacking industry’ evolves at the same rapid rate as developments in the technology industry, which means that Internet users cannot rely on out-dated infrastructure for protection.
He says that individuals can implement the following simple steps to ensure that their online behaviour as well as their protection infrastructure is as effective as possible in deterring cybercriminals:
Learn how to identify a 419 scam
Wesselink says that 419 scams are tricks that offer the victim a significant amount of money or a loan in exchange for a small upfront fee or for personal details. “The victim is usually contacted with a ‘call to action’, such as an e-mail encouraging him / her to follow a link to a website where personal information (such as credit card details, a physical address, ID number, contact details and the names of family members) or an online payment is requested.
In most cases, when a deal seems too good to be true, it usually is and browsers must refrain from engaging with the platform. He adds that browsers must also always ensure that the URL of any website includes https:// which usually indicates that it is a trustworthy source and that Internet users must be vigilant when opening e-mails, ensuring that the e-mail address and the domain name are unanimous.
“If an e-mail appears to be from SARS for instance, but the e-mail address does not include the SARS domain name (usually displayed after the @ symbol), it is definitely a scam. In any event, it’s highly unlikely that SARS or any banking institution will contact an individual via e-mail requesting user information.”
Be on the lookout for tell-tale signs
When a social-media or e-mail account has been hacked it can easily go unnoticed if the owner of the account is not sure what to look for, says Wesselink. “When hacking a social media or e-mail account, it is unlikely that cybercriminals will do any real damage to the account itself or send or post false information.
“Instead, hackers will browse the account for personal information to add to their database and attempt to enter and leave the account unnoticed. They will then use this personal information to commit crimes such as identity theft. Users must always check their last access date – which is usually displayed in the bottom right corner of the screen in the programme’s ‘settings’ function – to determine whether any suspicious activity has occurred.”
Ensure that programmes are up to date
Wesselink says that cybercriminals will search through a programme’s coding to find holes or “exploits” through which they can launch a virus. “By updating the computer’s operating systems (OS) and antivirus software regularly users can better ensure that the machine remains protected against known hacks as the OS and antivirus software know how to identify these hacks.”
Strong password discipline
All consumers must practise good password usage which includes changing passwords every three months and constructing passwords of 8 alpha-numeric digits including at least one symbol, says Wesselink. “In addition, it is a bad idea to use the same username and password for multiple accounts because if a hacker accesses one of the accounts they will definitely try using the same username and password for all the other accounts, thereby gaining access to all private accounts in one go. Proper password control is key to ensuring that all private accounts are protected.”
Read the pop-up information before you click
Wesselink explains that while computer viruses are malicious programs, they are still subject to authorisation protocols and generally cannot enter a computer without permission. “As a result, a criminal will often disguise a virus as a desirable programme to encourage users to click on it, such as a programme or software that can be used to ‘decode a video’ to make it compatible with other machines.
Unknowingly, users often just click on all the pop-up boxes that appear on the screen, thereby downloading the virus. Only once the virus or Malware has been downloaded and activated can it begin to infect the computer. This is why it is important to be extra vigilant before clicking on any downloads and ensuring that the programme is 100% legitimate.”
“With national cybercrime incidents increasing at a rapid rate, all Internet users must ensure that they are doing their part in keeping cybercriminals at bay by adapting their online behaviour and ensuring that their personal protection infrastructure is up to date,” concludes Wesselink.