Everything from stolen money, theft of personal and financial data, loss of productivity and the damage and destruction of critical corporate or individual data is categorized as cybercrime. Unfortunately, the hackers and those that commit cybercrimes are becoming more and more sophisticated
What are the best ways to protect your computer and your personal data?
The best way how to protect yourself against cybercrime is prevention. For online security, five key points are good to keep in the mind: Precaution, Prevention, Protection, Preservation and Perseverance.
These points are included in the following steps:
- Avoid disclosing personal information on Internet and emails
- Carefully consider sending any photograph online, – anyone can use it anytime in the another context
- Use strong passwords
- Use and update antivirus software
- Avoid sending credit card number and its passwords by email
- Keep a watch on the sites that your children are accessing
- Keep back up of your data to prevent loss of information due to virus attack
- Use a security program that gives control over the cookies
- Keep software and operating system updated
- Never open attachments in spam emails
- Do not click on links in spam emails or untrusted websites
- Contact companies directly about suspicious request
- Keep an eye on your bank statements
- Be mindful of which websites you visit
How can I recognize the safe websites?
The 3 website safety tips below will clear away the uncertainty and teach you how to identify if a site is trustworthy or not. First, you’ll learn a couple of simple visual checks that give you useful info at a glance. Then, we’ll explain the website safety tools you should have in place to inform and guide you. Finally, we’ll tell you how to research a little deeper should any questions still remain. Now let’s get savvy and put the fun back into web surfing.
1 – Website safety visual checks
- Double-check those URLs — Let’s start with the easiest tip. It’s really no more difficult than making sure the URL looks legit. Before you click any link, hover your cursor over it and look at the bottom left corner of your screen where the URL is displayed. The first trick of phishingis to look as authentic as possible. At first sight, the URL might look like the real McCoy, but closer inspection may reveal a 1 instead of an l, or .net instead of .com. Train yourself to sanity check each and every URL before you click or before you enter any personal information like a username and password.
- Check for https — Those letters you see at the start of every URL stand for Hypertext Transfer Protocol (http). It’s the foundation for how data is communicated on the web. And while it’s eminently useful, it’s also easily hackable. The addition of an “S” as in “https” (and the lock icon), however, tells you that the site is secure. Websites with a padlock icon in the address bar and an https prefix are encrypted and have a trusted SSL certificate, basically guaranteeing a secure connection between website and browser. If you cannot verify that a website or link is safe with https, be on your guard and do not enter any personal information.
And, do note: cybercriminals do everything in their power to present themselves as legit, so while https: websites are more secure, you could be on to one that is run by a crook. So, if you are still suspicious about an https: site, use the other safety tools below to check if a website is safe.
2 – Website safety tools
- Use your built-in browser tools — The first tools you should familiarize yourself with are the security measures already in your browser. Look at your privacy and security settings. Chances are, you’ll find the default settings are more lax than you like. Manually adjust the rules and settings in the way that makes you comfortable. Block popups, prevent automatic downloads, don’t allow tracking. Your options will vary depending on your browser of choice.
- Run an online website safety check — There are several from which you can choose, but we recommend VirusTotal for its unbiased position. These online tools use antivirus scanners and other security solutions to check a website for any threats. Simply enter the URL you want scanned into the search bar on the site, and get instant results. Enter a URL, and VirusTotal will tell you if the site is suspicious.
- Install web security tools — For total website safety confidence, protect yourself with top-of-the-line cybersecurity suites, (f.e. Avast Free Antivirus, McAfee, AVG, Windows Defender). You can also add the benefit of privacy to website safety if you go with a virtual private network.
3 – Website safety quick research
- Check contact details for the website — If you’ve done all of the above and you’re still not quite sure, then march on up to the front door and knock. That is to say, find the “Contact Us” info on the site and give them a call. Depending on how (and if) they answer will clue you as to whether or not it’s a legitimate operation.
- Check if your antivirus has an Anti-Phishing Certificate — Not all do. Look for 3rd-party labs who test for anti-phishing, such as AV-Comparatives. They test antivirus products against phishing URLs (which attempt to get your personal information) and they check for false positives when it comes to legitimate banking websites, to make sure the security product knows the difference.
- Look up the domain owner of the website using WHOIS — You can also research who owns a particular domain by checking the public records available through a WHOIS search. Learn everything about the domain, including who registered it and when.
A Business Response to Cyber Crime
As a business, your best bet against cyber crime is to prepare a solid incident response plan. Often planning is not enough — you should have the security staff and tools in place to execute it. An incident response plan, according to the SANS framework, includes:
- Preparation—codifying your security policy, identify types of critical security incidents, prepare a communication plan and document roles, responsibilities and processes for each one. Recruit members to your computer security incident response team(CSIRT) and train them.
- Identification—use security tools to accurately detect anomalous behavior in network traffic, endpoints, applications or user accounts, and rapidly collect evidence to decide what to do about the incident.
- te the affected systems, clean them and gradually bring them back online.
- Eradication—identify the root cause of the incident, and do everything to ensure the issue does not repeat itself. Fix broken security measures that let in the attackers, patch vulnerabilities, and ensure you clean malware from all endpoints.
- Recovery—bring production systems back up, taking care to prevent another similar attack. Test to ensure that systems are back up and working as usual.
- Lessons Learned—up to two weeks after the incident, review it with the team to understand what went well and what didn’t, and improve your incident response plan.
The EU tries to combat cybercrime by a wide range of means. In 2005, the Council adopted the EU counter-terrorism strategy to fight terrorism and make Europe safer. The strategy includes four pillars: prevent, protect, pursue, respond.
To fight and pursue cybercrime on different levels, EU has implementedthe following legislative actions:
- 2001 – Framework Decision on combating fraud and counterfeiting, which defines the fraudulent behaviours that the EU States need to consider as punishable criminal offences.
- 2002 – ePrivacy Directive, which defines regulations of electronic communications within the EU, to increase privacy for individuals and entities.
- 2011 – A Directive on combating the sexual exploitation of children online and child pornography, which addresses new developments in the online environment, such as grooming (offenders posing as children to lure minors for sexual abuse)
- 2013 – A Directive on attacks against information systems, which aims to tackle large-scale cyber-attacks to strengthen national cyber-crime laws and introduce tougher criminal sanctions
Internationally active organizations seek to contribute to the fight against cybercrime. There are two major organizations operating in the EU:
European Cybercrime Centre – EC3 assists member states in their efforts to dismantle and disrupt cybercrime networks and developing tools and providing training.
The European Union Agency for Cybersecurity (ENISA) works to deliver advice and solutions and improving cybersecurity capabilities. A centre of expertise for member states and EU Institutions seek advice on matters related to network and information security.