Cyber crime is a term that covers a broad scope of criminal activity using a computer. Some common examples of cyber crime; include identity theft, financial fraud, website defacement, and cyber bullying. At an organizational level, cyber crime may involve the hacking of customer databases and theft of intellectual property. Many users think they can protect themselves, their accounts, and their computers with anti-spyware and anti-virus software only. Cyber criminals are becoming more sophisticated and are targeting consumers as well as public and private organizations. Therefore, additional layers of defense are needed.
An example of one type of cyber crime is an account takeover. This happens when cyber criminals compromise your computer and install malicious software, such as key loggers, which record key strokes, passwords, and other private information. This in turn allows them access to programs and web sites using your log-in credentials. Once these criminals steal your password, they may be able to breach your online bank account. These criminals can be anywhere in the world and may be able to transfer your money almost immediately.
The effects of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust. The overall monetary impact of cyber crime on society and government is estimated to be billions of dollars a year.
Training and awareness are important first steps in mitigating these attacks. All citizens, consumers, and employees should be aware of cyber threats and the actions they can take to protect their own information, as well as the information within their organization.
In order to minimize the risk of becoming a cyber crime victim, the following measures should be undertaken;
- Use strong passwords.
- Use separate ID/password combinations for different accounts, and avoid writing them down.
- Make the passwords more complicated by combining letters, numbers, and special characters.
- Change them on a regular basis.
- Secure your computer:
- Enable your firewall.
- Firewalls are the first line of cyber defense; they block connections from suspicious traffic and keep out some types of viruses and hackers.
- Prevent viruses from infecting your computer by installing and regularly updating anti-virus software.
- Block spyware attacks.
- Prevent spyware from infiltrating your computer by installing and updating anti-spyware software.
- Secure your mobile devices.
- Be aware that your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources only. Do not store unnecessary or sensitive information on your mobile device. Most importantly, keep the device physically secure; millions of mobile devices are lost each year. If you do lose your device, report it immediately to your carrier and/or organization. Some devices allow remote data erasing.
- Always protect your mobile device password.
- Install the latest operating system updates.
- Keep your applications and operating system (e.g., Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software.
- Protect your data.
- Use encryption for your most sensitive files such as health records, tax returns, and financial records.
- Make regular backups of all of your important data.
- Secure your wireless network.
- Wi-Fi (wireless) networks are vulnerable to intrusion if they are not properly
- Public Wi-Fi, a.k.a.hot spots may also be vulnerable. Avoid conducting sensitive transactions on these networks.
- Protect your e-identity.
- Be cautious when giving out personal information such as your name, address, phone number, or financial information on the Internet. Ensure that websites are secure, especially when making online purchases, or ensure that you’ve enabled privacy settings (e.g., when accessing/using social networking sites, such as Facebook, Twitter, YouTube, etc.). Once something is posted on the Internet, it may be there forever.
- Avoid being scammed.
- Never reply to emails that ask you to verify your information or confirm your user ID or password.
- Don’t click on a link or file of unknown origin. Check the source of the message; when in doubt, verify the source.