Nik Rawlinson explores how to protect yourself from the most common attacks and exploits
It might be a while since you last experienced a major malware attack – but the threat hasn’t gone away. Cybersecurity specialist SonicWall reports that there were more than 5.5 billion malware attacks recorded in 2022. And simply keeping your security software up to date may not keep you safe: cloud solutions provider Mimecast found that more than 90% of successful hacking attacks are now enabled not by traditional malware, but by someone unwittingly clicking on a phishing email.
If you want to minimise your risks, you need to recognise the biggest threats, and know how to avoid them – whether that’s via your computer, your mobile devices, your website or your smart devices.
FOUR COMPUTER
If it seems like the days of major virus outbreaks are behind us, that’s because operating systems have got much better at blocking this type of threat. Windows and macOS both have built-in safeguards to prevent applications from performing dangerous actions such as meddling with your system settings and replicating themselves – at least without your permission. This is what’s happening when Windows asks “Do you want to allow this app to make changes to your device?”
However, the effectiveness of these safeguards depends on the user paying attention, and not reflexively clicking “Yes” on apps they don’t know to be trustworthy. If you’ve downloaded an installer from an official store or the original manufacturer, the risk may be minimal, but if you get apps from sketchier sites – or via BitTorrent – they could be bundled with a malicious payload. At its most benign, this might be some unwanted utility or browser toolbar; at the opposite end of the scale, it could be a Trojan or even ransomware.
However, while installing untrusted downloads is a sure way to compromise your own security, it’s not the most common. Hackers and other malicious actors increasingly take a sneakier approach: in 2021, three-quarters of hackers said that traditional firewall and antivirus protections were obsolete in an age when they could instead use social engineering to gain access to privileged accounts.
Verizon’s 2023 Data Breach Investigations Report found that 74% of breaches “involved the human element, which includes social engineering attacks”. The UK government’s latest cybersecurity breaches survey confirmed that 79% of businesses and 83% of charities ha
