Have you ever been browsing the internet or on your social media channel then came across the message, “My Account has been hacked”? This statement rings at home more than anything.
Recently, a friend downloaded software online from an anonymous site, installed it and he could not access his machine anymore. Well, I once was told free many times come with an extra cost. This is just a type of security breach. Security breach happens when an intruder bypasses the set security mechanisms which range from a firewall on your computer to passwords on your social media accounts.
Annually, companies lose a lot of money to cybercriminals. Cybercriminals always target personal or company’s confidential information that has immense value and the information owners have no option than to pay. Often, the information collected includes names, credit card numbers, and identity cards among other important information. Early this month, Google decided to block some of the apps that were collecting the users’ information.
The interesting thing about the apps removed by Google from the AppStore is that the cyber criminals would take it down every 17 days and upload a new one. It is suggested that these apps gathered a total average of 565,833 installs. Additionally, the apps had codes added to the app to avoid suspicion.
The apps contained DEX files in their APKs in the form of packers to avoid the Google Play Store and researchers detect them. The following is the list of the fraudulent apps recently removed from Google Play Store:
- Beauty Camera and Photo Editor Pro (1 million)
- Best Selfie Beauty Camera (1 million)
- Yoriko Camera (1,00,000)
- Lite Beauty Camera (1 million)
- Beauty and Filters camera (1 million)
- Photo Collage and beauty camera (1,00,0000)
- Gaty Beauty Camera (5,00,000)
- Solu Camera (5,00,000)
- Pand Selfie Beauty Camera (50,000)
- Cartoon Photo Editor and Selfie Beauty Camera (1 million)
- Benbu Seilfe Beauty Camera (1 million)
- Pinut Selife Beauty and Photo Editor (1 million)
- Mood Photo Editor and Selfie Beauty Camera (5,00,000)
- Rose Photo Editor and Selfie Beauty Camera (1 million)
- Fog Selfie Beauty Camera (1,00,000)
- First Selfie Beauty Camera and Photo Editor (5 million)
- Vanu Selfie Beauty Camera (1,00,000)
- Sun Pro Beauty Camera (1 million)
- Funny Sweet Beauty Camera (5,00,000)
- Little Bee Beauty Camera (1 million)
- Grass Beauty Camera (1 million)
- Ele Beauty Camera 1 million Flower Beauty Camera (1,00,000)
- Orange Camera (5,00,000)
- Sunny Beauty Camera (1 million)
- Pro Selfie Beauty Camera (5,00,000)
- Selfie Beauty Camera Pro (1 million)
- Elegant Beauty Cam 2019 (50,000)
- Beauty Collage Lite (5,00,000)
- Selfie Beauty Camera and Photo Editor (1,00,000)
Types of Security Breaches
The manner in which access is gained to a system determines the type of security breaches.
Social engineering majorly deals with the individual’s psychological manipulation where the person’s interactions are involved. The activity doesn’t happen out of the blues, the perpetrator carries an intensive investigation to identify potential security weak points (weak links) to proceed with the attack. The aim of the attacker is always to gain access to sensitive information such as passwords and the way to do this is by gaining your trust. Social engineering involves either of the following techniques:
Phishing mostly uses emails and text message campaigns tricking people into clicking the links, which are meant to fetch their information. The headlines are always in a way to create a sense of urgency, fear, or curiosity in victims.
The emails or messages sent are always identical to legitimate messages or one is directed to a website that resembles an existing website that one has previously shopped on. I have received messages that I nearly clicked on. Haven’t you received a message from a friend urging you to do something such as click to reclaim an award? You know those messages with win iPhone X or government is giving this amount of money and the urge to click is there because the way the message is so catchy. Next time you see this kind of message, think twice before clicking.
The other techniques are Pretexting, Baiting, and tailgating. Phishing is the most common. Last week we all witnessed the hacking of the Twitter accounts of key individuals. That is just an example of social engineering.
Denial of Service Attack
Have you ever tried accessing a website but it seems to be down because of high traffic? Sometimes this results from hackers exhausting on the computer or server resources. This kind of attack is mostly aimed at government or financial institutions where the online services are paralyzed.
Malware, Spyware, and Viruses
Malicious software in many instances doesn’t come as a bundle on its own, it is always attached to legitimate software downloaded online. The same case applies to spyware and viruses. The signs of a system infected mostly happen with the system inefficiency, such as the computer taking too long to load. Some malware is downloaded when you click on suspicious email links or websites and install itself on your system. Two weeks ago, a friend downloaded software online, immediately after installing it, he couldn’t do a thing on his laptop.
The other common security breaches are Password attack, Eavesdrop attack, Man in the middle attack, and SQL Injection attack.
Measures to reduce the chances of a security breach
If you ever suspect or realize that a security breach has taken place in an organization or as an individual, the first best thing to do is act. Acting on time prevents further damage to the reputation of a company or you as a person. The following are the suggestions:
- If the attack involves your finances, contact the relevant financial institution. In 2015, while in Malaysia, a friend who was shopping online realized that his bank account had been withdrawn twice. The fascinating thing was that the transaction indicated that he was in the US. When he notified his banking institution, he received the help he needed and was able to prevent further loss of his finances.
- Strong Passwords. If you have watched the Big Bang Theory, the actor Sheldon Cooper hacks into Professor Proton’s email to access some of the information he had been denied. Later when asked how he did it, he says, too easy. If your name is Marrissa, the worst thing to do is have your password as Marrissa with some number, that one even an amateur can hack. Avoid using hints as a password such as children’s birthdates or loved ones’ names. Appropriately, use sentences. A friend back in campus had a password which was Merlin2013thedragon@killer. I bet no one will ever guess such for a password. Change passwords or PIN if you suspect that malicious activities have taken place on your account.
- Personal data. Ensure that when shopping or applying for anything where sensitive information is collected, that it is safe. When visiting a website, ensure that on their URL they have the padlock key at the top. If they do not have the lock key, there is a chance that the information that you share is easily retrievable to any tech-savvy individual visiting the site too.
- Monitoring account activities. Always monitor your account activities and that will help you know whether someone has accessed your information.
- Back up your information frequently. Ensure that you are backing your data on the cloud just in case of anything, you will still have access to your important information.
Do you have any concerns about security, let us know in the comments section or send us a message.