7 Dumb Things You Do to Make a Cybercriminal's Life Easier
There are A LOT of security threats out there. Viruses, spyware, Trojans, phishing sites, ransomware, and whole of a lot more. Still, you don’t take security seriously, thinking that "something like that could never happen to me."
The truth of the matter is that it could indeed happen to you. Not only that, but you’re making life easier for the bad guys with bad habits such as…
1. You give away your password when someone asks for it (especially when chocolate is involved)
Social engineering is the art of tricking people into doing things they shouldn’t, and cyber criminals often use it to trick people into doing things for them, like revealing information that should never be revealed – I am talking about passwords, of course. You should never disclose your passwords, no matter who asks for it, be it one of your coworkers, a friend, or even your spouse.
Turns out that the easiest way to get your hands on someone’s password is to just ask for it. And if you want to make sure they don’t say no, offer them some chocolate. I am seriously not kidding. According to this study, more than 70% of people would reveal their computer password in exchange for a bar of chocolate.
"Ah, but that study is old, things have changed for the better since then," you might be tempted to think. A more recent study by the Université du Luxembourg shows that they haven’t.
"The research showed that this small gift greatly increased the likelihood of participants giving away their password. If the chocolate was only given out afterwards, 29.8 per cent of participants revealed their passwords. However, if the chocolate was received generally beforehand, a total of 43.5% of the respondents shared their password with the interviewer."
2. You pick the worst passwords possible (again and again and again)
For years now, SplashData publishes an annual report that highlights the year’s worst passwords. Do you know what the top 2 worst passwords of 2015 were? They were 123456 and password. In 2014, the top 2 worst passwords were 123456 and password. In 2013, the top 2 worst passwords were, you’ve guessed it, 123456 and password. In 2012, the same! In 2011, the same!
Since SplashData started publishing these reports 5 years ago, the top two entries have always been the same: 123456 and password.
SplashData, a leading provider of security applications and services, publishes these reports to encourage the adoption of stronger passwords and to improve Internet security. It doesn’t seem to be working. People don't want to give up on their bad habits.
3. When you do pick a strong password, you use it everywhere (instead of using a password manager)
Here’s some password security 101: you should pick a strong password for your online accounts and other services. Not one strong password for all your accounts, a different password for each account. But that seems like a lot of work and, according to the statistics, you’re not willing to do it. So you pick a strong password and decide that you’re going to use it for all your accounts.
Here’s why that’s a bad idea: if the bad guys manage to compromise one account, they’ll be able to compromise all your accounts. It’s like having a thousand locks but only one key. That one key can open all of the locks. The bad guys can easily compromise all of your accounts because they’re all protected by the same password.
Picking strong passwords and managing multiple passwords isn’t a difficult task. Not if you use a password manager.
There’s one more thing you need to know: passwords, even strong ones, aren’t enough. As World Password Day pointed out, you need to enable two-factor or multi-factor authentication to keep your accounts safe. Thanks to multi-factor authentication, the bad guys won’t be able to compromise your accounts, even if you recycle passwords.
That’s because multi-factor authentication works something like this:
4. You don’t get the latest updates (because you don’t want things to change)
You have applications and tools that you use day in and day out, you know where everything is, you know how everything works, and you don’t want things to change. Windows updates and software updates might do precisely that. They might change the way things look, they might change the way things work, and you don’t want that.
There’s one more thing that updates do: they fix bugs and plug security holes. One key security measure that all experts follow (and so should you!) is always staying updated. That means keeping the operating system patched and up-to-date, and regularly updating all the applications and tools that you use.
On the bright side, staying updated is a lot easier than it used to be. Applications can automatically download and install the latest updates, or at least notify you when updates are available. You don’t have to manually update software, like you had to back in the day.
5. You don’t have a proper security solution (because you think Windows Defender is good enough)
Don’t get me wrong, I’m a big fan of Windows Defender. It’s free, it’s built into the Windows operating system, it doesn’t hog system resources or cause slowdowns, it doesn’t bother you with pop-ups, and it doesn’t provide bad protection if...
If you’re the type of user who takes security seriously, knows about the dangers that are out there, and follows standard computer security practices to stay safe. If you don’t fall in that category, it would be best to use some other security software.
Speaking about other security software, AV-TEST and AV-Comparatives frequently put antivirus and security products to the test. And while Microsoft’s Windows Defender doesn’t do too badly, it doesn’t do as well as other security products.
So if you don’t want to constantly worry about security, it would be best to give up on Windows Defender and get some other security solution. Here’s a list of security software providers that offer security software that’s compatible with Microsoft’s Windows operating system.
6. You never back up your important files (because they’re safely stored on an SSD)
Hard disks (HDDs) failed because they had all those moving parts. Solid-state disks (SSD) don’t have any moving parts, so there’s no need to worry about data loss accidents. My files are safely stored on my SSD and there’s no chance that I could ever lose them. Not exactly!
Let’s assume for a second that your SSD will last forever (which it won’t). What happens if you manage to lose your laptop and can’t get it back? Or what if your system becomes infected with ransomware? You might get rid of the ransomware, but then again you might not.
That’s why its crucial to back up important files that you don’t want to lose.
So take the World Backup Day pledge and solemnly swear to back up your important documents and precious memories, because you never know when a data loss accident might occur.
7. You connect to any free WiFi hotspot (even though they can’t be trusted)
In this day and age, it’s crucial to stay connected, to have a constant connection to the internet. At home, you connect to your personal network. At the office, you connect to the company network. And when you’re out and about, you connect to any free WiFi network you can find.
The problem with free WiFi hotspots is that they can’t be trusted.
It might have been set up by a cybercriminal for the specific purpose of stealing your data. It might not have been set up properly, meaning it can allow cybercrooks to eavesdrop on your conversations and even steal your personal information.
What you should do, if you want to stay safe, is use a VPN. One of the benefits of using a VPN is that it encrypts your connection. The data you send and receive over the internet is encrypted, meaning you’re protected against would-be eavesdroppers and cybercriminals.
There are lots of VPNs out there, but the one that recently caught my attention is the VPN that’s built into the Opera web browser. Also, Opera VPN, a fast, free and unlimited ad-blocking VPN app for iOS.
The truth of the matter is that it could indeed happen to you. Not only that, but you’re making life easier for the bad guys with bad habits such as…
1. You give away your password when someone asks for it (especially when chocolate is involved)
Social engineering is the art of tricking people into doing things they shouldn’t, and cyber criminals often use it to trick people into doing things for them, like revealing information that should never be revealed – I am talking about passwords, of course. You should never disclose your passwords, no matter who asks for it, be it one of your coworkers, a friend, or even your spouse.
Turns out that the easiest way to get your hands on someone’s password is to just ask for it. And if you want to make sure they don’t say no, offer them some chocolate. I am seriously not kidding. According to this study, more than 70% of people would reveal their computer password in exchange for a bar of chocolate.
"Ah, but that study is old, things have changed for the better since then," you might be tempted to think. A more recent study by the Université du Luxembourg shows that they haven’t.
"The research showed that this small gift greatly increased the likelihood of participants giving away their password. If the chocolate was only given out afterwards, 29.8 per cent of participants revealed their passwords. However, if the chocolate was received generally beforehand, a total of 43.5% of the respondents shared their password with the interviewer."
2. You pick the worst passwords possible (again and again and again)
For years now, SplashData publishes an annual report that highlights the year’s worst passwords. Do you know what the top 2 worst passwords of 2015 were? They were 123456 and password. In 2014, the top 2 worst passwords were 123456 and password. In 2013, the top 2 worst passwords were, you’ve guessed it, 123456 and password. In 2012, the same! In 2011, the same!
Since SplashData started publishing these reports 5 years ago, the top two entries have always been the same: 123456 and password.
SplashData, a leading provider of security applications and services, publishes these reports to encourage the adoption of stronger passwords and to improve Internet security. It doesn’t seem to be working. People don't want to give up on their bad habits.
3. When you do pick a strong password, you use it everywhere (instead of using a password manager)
Here’s some password security 101: you should pick a strong password for your online accounts and other services. Not one strong password for all your accounts, a different password for each account. But that seems like a lot of work and, according to the statistics, you’re not willing to do it. So you pick a strong password and decide that you’re going to use it for all your accounts.
Here’s why that’s a bad idea: if the bad guys manage to compromise one account, they’ll be able to compromise all your accounts. It’s like having a thousand locks but only one key. That one key can open all of the locks. The bad guys can easily compromise all of your accounts because they’re all protected by the same password.
Picking strong passwords and managing multiple passwords isn’t a difficult task. Not if you use a password manager.
There’s one more thing you need to know: passwords, even strong ones, aren’t enough. As World Password Day pointed out, you need to enable two-factor or multi-factor authentication to keep your accounts safe. Thanks to multi-factor authentication, the bad guys won’t be able to compromise your accounts, even if you recycle passwords.
That’s because multi-factor authentication works something like this:
- Enter your username and password to log into your account.
- A code will be sent to you; enter this code to confirm that you’re the one trying to access your account and thus complete the login procedure.
4. You don’t get the latest updates (because you don’t want things to change)
You have applications and tools that you use day in and day out, you know where everything is, you know how everything works, and you don’t want things to change. Windows updates and software updates might do precisely that. They might change the way things look, they might change the way things work, and you don’t want that.
There’s one more thing that updates do: they fix bugs and plug security holes. One key security measure that all experts follow (and so should you!) is always staying updated. That means keeping the operating system patched and up-to-date, and regularly updating all the applications and tools that you use.
On the bright side, staying updated is a lot easier than it used to be. Applications can automatically download and install the latest updates, or at least notify you when updates are available. You don’t have to manually update software, like you had to back in the day.
5. You don’t have a proper security solution (because you think Windows Defender is good enough)
Don’t get me wrong, I’m a big fan of Windows Defender. It’s free, it’s built into the Windows operating system, it doesn’t hog system resources or cause slowdowns, it doesn’t bother you with pop-ups, and it doesn’t provide bad protection if...
If you’re the type of user who takes security seriously, knows about the dangers that are out there, and follows standard computer security practices to stay safe. If you don’t fall in that category, it would be best to use some other security software.
Speaking about other security software, AV-TEST and AV-Comparatives frequently put antivirus and security products to the test. And while Microsoft’s Windows Defender doesn’t do too badly, it doesn’t do as well as other security products.
So if you don’t want to constantly worry about security, it would be best to give up on Windows Defender and get some other security solution. Here’s a list of security software providers that offer security software that’s compatible with Microsoft’s Windows operating system.
6. You never back up your important files (because they’re safely stored on an SSD)
Hard disks (HDDs) failed because they had all those moving parts. Solid-state disks (SSD) don’t have any moving parts, so there’s no need to worry about data loss accidents. My files are safely stored on my SSD and there’s no chance that I could ever lose them. Not exactly!
Let’s assume for a second that your SSD will last forever (which it won’t). What happens if you manage to lose your laptop and can’t get it back? Or what if your system becomes infected with ransomware? You might get rid of the ransomware, but then again you might not.
That’s why its crucial to back up important files that you don’t want to lose.
So take the World Backup Day pledge and solemnly swear to back up your important documents and precious memories, because you never know when a data loss accident might occur.
7. You connect to any free WiFi hotspot (even though they can’t be trusted)
In this day and age, it’s crucial to stay connected, to have a constant connection to the internet. At home, you connect to your personal network. At the office, you connect to the company network. And when you’re out and about, you connect to any free WiFi network you can find.
The problem with free WiFi hotspots is that they can’t be trusted.
It might have been set up by a cybercriminal for the specific purpose of stealing your data. It might not have been set up properly, meaning it can allow cybercrooks to eavesdrop on your conversations and even steal your personal information.
What you should do, if you want to stay safe, is use a VPN. One of the benefits of using a VPN is that it encrypts your connection. The data you send and receive over the internet is encrypted, meaning you’re protected against would-be eavesdroppers and cybercriminals.
There are lots of VPNs out there, but the one that recently caught my attention is the VPN that’s built into the Opera web browser. Also, Opera VPN, a fast, free and unlimited ad-blocking VPN app for iOS.
