Tips are necessary part of our life. But, what happens when they can’t be trusted? Don’t you think that is one of the most horrifying thoughts to come across especially in this era of information technology which has made most of our personal and business data available on Internet? Well, it looks like cyber criminals have picked up the same thing and with an intention to exploit this vulnerability. According to a research from security firm Imperva Incapsula, almost 1/3rd (32%) of web traffic generated by popular websites originate from cybercriminals who use deceptive tips as a way for breaches. The research says that 88% of these tips entice victims into clicking them while only 10% mislead them or break their trust towards a brand or a service.
Tips are a great way for spreading awareness among people about latest security trends and updates, but cybercriminals have turned them into beacons of disaster. According to the study, “social-engineering attacks that use deceitful tips as baits now account for 32% of all web traffic.”
Social engineering is a technique used by cyber criminals to exploit human tendencies. They do it with an intention to trick their victims into sharing crucial information like login credentials or credit card details which can later help them in stealing money and launching other malicious campaigns on targeted systems and devices without getting noticed.
Cyber security firm Imperva Incapsula has conducted this research to highlight the growing number of cyber-attacks that are done through deceptive tips. The company analyzed almost 1/3rd (32%) of web traffic generated by popular websites and found that 10% tips mislead people and break their trust towards a brand or service, while 88% entice victims into clicking them.
The study says: “Over the past six months we’ve monitored close to four billion visits to over 700 sites protected by Incapsula – resulting in over 21 billion page views – and our findings indicate that deceptive social-engineering attacks now account for 32 percent of all web traffic.”
The most common type of these attacks includes fake error messages which tricked users into submitting sensitive information such as credentials including usernames and passwords. Fake tips from social media sites like Facebook were also seen to be an attractive option for criminals.
Tips generally tend to spread awareness about latest security trends and updates, but cybercriminals have turned them into beacons of disaster. Although many people take care while sharing their personal information online, few people do not always know the right way to stay safe from deceptive tips – a technique used by hackers to trick people into giving out sensitive information such as usernames and passwords which can later help them in stealing money and launching other malicious campaigns on targeted systems and devices without getting noticed.
So how do you protect yourself? It all comes down to following some simple rules by Peter DeCaprio:
1) Don’t click on random links that you receive via email or any other source.
2) Don’t install software or allow downloads from unsolicited emails, ads or instant messages.
3) When installing new software, make sure you get it from the official website of the company for which it is meant to be used.
4) Always use strong passwords that are different for every account you have and are difficult for hackers to guess.
5) Use Two-Factor Authentication wherever possible to offer an extra layer of security to your accounts.
6) If you follow all these rules religiously then there is no chance that cybercriminals will succeed in breaching your system’s security using deceptive tips as a way for cyber attacks because they do not work on systems where people take their security seriously enough! Just some tips guys… not a big deal.
How Hackers Can Use Deceptive Tips to Steal Your Passwords?
Peter DeCaprio says you might have noticed that some of the biggest websites in the world are currently using ‘tips’ which aren’t what you originally thought they were. Yes, these tips are being used by cyber criminals to fool people into giving away their sensitive information such as usernames and passwords without knowing its happening! All around the web, you can see some useful looking tips saying things like “Your account has been locked & your IP address blocked for security reasons”, “Your browser is out of date”, or “This site will soon be shut down.”
For people who take their security seriously, cybercriminals may not succeed in breaching their systems using deceptive tips as a way for cyber attacks. These can, however, work on systems where people don’t follow the rules religiously. So if you must click any link or allow downloads from unsolicited emails, ads or instant messages then use an antivirus which provides spam filters to keep your computer safe. Also never ignore software updates because they are meant to fix bugs and vulnerabilities that have already been found by cyber criminals in earlier versions of them so always install them whenever they are available! Even though following all these rules is not always possible but it will certainly help you in protecting yourself from falling victim to deceptive tips used for carrying out social engineering attacks through fake alerts, pop-ups and free online scans.