Rise in cyberattacks: are you protected?
According to an analysis of 7 million domain names conducted by Scamadvisor, 3% of all websites have a Trust Score lower than 20, meaning that they are very likely a scam. Discover our solutions to protect yourself and your company against these attacks.
The COVID-19 pandemic has proven to be the perfect opportunity for the scam industry to boom worldwide. According to Scamadviser’s report, the number of scams increased from 139 million in 2019 to 266 million in 2020. Almost all countries have reported an increase in scams, as shown in the graph below.
Most attacks are phishing attacks. The typical phishing attack consists in receiving an email that seems to provide from a legitimate source such as a bank or customer support, asking you to click on a fake link or sharing some personal information.
During the worst of the pandemic, it was also common to receive pandemic-related scams, sent by a false alias of WHO, false HR requests related to the organisation of remote work, the sale of a “miraculous cure” or a fake relief fund.
Fail to recognize the threat and your computer can get infected in just a click.
Other examples include some of the Android applications that have been developed to track the spread of the virus around the world and that were corrupted by a Trojan horse or ransomware.
Within the last year and a half, a number of domain names linked to the virus were created, more than half of which were believed to be linked to malware. Up to a thousand websites using the domain name “Covid” or “Corona” were created daily.
But according to Thales, more than 50% of these sites aim to introduce malware. Beware!
To protect yourself and your company against scams and phishing attacks, start by taking the 8 steps below:
- Don’t open questionable emails
- Don’t click on an anti-virus pop-up
- Choose complicated passwords, don’t reuse them and change them frequently
- Use a VPN
- Don’t go on sites that don’t use an SSL
- Use a secure Wi-Fi connection
- Make sure your anti-virus is enabled
- Install encryption tools and use MFA
- Don’t open questionable emails.
Have you ever clicked on a link or an attachment inside an email that appeared to be an authentic communication from, a bank, subscription service, or online payment site but, in fact, wasn’t? If yes, there is a good chance you’ve been compromised, falling for one of the most common ways cybercriminals go after unsuspecting victims: the phishing scam.
- Don’t click on an anti-virus pop-up. Similarly, if you’ve ever clicked on an anti-virus pop-up, you may have installed malware (various forms of harmful software such as viruses and ransomware) which can monitor your online actions and send your confidential data straight to the attacker.
- Choose complicated passwords, don’t reuse them and change them frequently. We’ve all heard that we need to create unique passwords for every application and website that requires one but, still, many of us continue to use the same passwords over and over again, a fact that attackers are all too aware of. Using one password for every login is, basically, like using one key to unlock every door in your life: your home, your car, your mailbox. If someone is able to get a hold of that one key, your entire world is easily accessible.
- Use a VPN.
A Virtual Private Network (VPN) allows you to send and receive data over the Internet as if you were on a private network. Just as a firewall protects the data on your computer, a VPN protects your online data. Your information is encrypted, protecting you from hacking. Do keep in mind, however, that not all VPNs are equally useful. Look for one that uses a secure protocol, doesn’t log your activity and isn’t too restrictive with which devices it allows on its network.
- Don’t go on sites that don’t use an SSL.
A Secure Socket Layer (SSL) encrypts data between browsers and websites. This means that your bank account information, personal details, login passwords, and anything else you want to be kept private will be less likely to fall prey to criminal interference. How do you know if a site uses an SSL certificate? Look for the URL to begin with the letters HTTPS and for your browser to display a green lock icon to the left of the URL.
- Use a secure Wi-Fi connection.
Whether it’s for your personal or professional use, you have to ensure that your domestic Wi-Fi connection is secure. Remember to change the default password for your router. In order to secure your Wi-Fi network even more, you can also deactivate the SSID, in order to hide the network name. It will be hidden from other users, but you will have to configure each new connection by re-entering the information.
- Make sure your anti-virus is enabled and your security software is up-to-date.
- Install encryption tools and use MFA.Verify that you have installed encryption tools for all employees and use a multi-factor authentication (MFA) solution. Such a solution will require your employees to provide at least two credentials to validate their identity, whether in the form of a password, physical token, or numeric code, etc.
These kinds of Internet-related threats are real and persistent. And make no mistake about it: cybercriminals will go after the easiest, most vulnerable targets. If you aren’t taking precautions to protect yourself, you are essentially low-hanging fruit just waiting to be picked.
At EuroDNS, we take your online safety very seriously, which is why we offer a series of measures to guarantee the safety of your domain:
- We offer two-step verification (TSV) for your EuroDNS account. Imagine the damage that could be inflicted should a hacker take control of your domain name. To avoid this risk, TSV requires you to confirm your identity with a password and a unique verification code. It’s very easy to use and set up and, we think, an absolute necessity.
- We also recommend you purchase the “Domain Privacy” option for your domain. You have the option to purchase this option that protects the contact details we are obligated to submit to WHOIS with every domain registration, details which are made public. Domain privacy ensures that the WHOIS database will, instead, show proxy contact information for your domain, removing from public view your personal information. Not every registry allows this option, so be sure to review our list of domain extensions to see which ones do.
On November 3rd and 4th, a Global Online Scam Summit powered by ScamAdvisor will take place, with lots of contributors sharing knowledge on how to fight scams and fraud on the Internet. Interested? You can register here.