Hacker and social engineering are two terms that go hand in hand. Everyone is under attack at all hours of the day. There is no way to fully protect yourself. But can you at least try? Avoiding some of the common attacks is possible. But the truth is that full protection takes a very high budget. Larger companies spend only what is worth it and take the risk above that dollar amount. If they get hacked, and a larger budget would have prevented it, they weigh the cost of preventing that hack to be higher than the loss of being hacked. This is all part of their contingency plan.
For the average home user, a high-security budget is not in the cards. We have to learn to use the tools we have to take the target off of our backs. If you make yourself a little harder of a target than your neighbor, most likely the hacker won’t waste time on you. Two things you can do to take that target off of your back are: Use a Virtual Private Network(VPN) and Educate yourself on Social Engineering.
Yesterday I received a phone call from a man with a heavy accent. He told me he was calling me to update the security on my computer. Being in the industry, I instantly knew he was a hacker looking for an easy target to manipulate. I told him I knew he was a hacker and I was not going to fall for the trap. He became very angry, and after a few minutes of arguing (I was having a little fun with him) he gave up. But not without dropping a few threats to instill fear in me. It got me thinking, how many people would’ve fallen into that trap?
The basic idea behind the hack was for me to get on my computer and go to a link he provides me. Once I landed on the provided web address, I would willingly download malicious software and run it on my computer. Essentially, he was conning me to hack myself. With the right manipulator and victim combination, this task would have been an easy one. It surely happens more than you hear. So here are two things I do to make myself a more difficult target.
You can never educate yourself enough. I am a software engineer and spend a lot of time reading to keep myself up to date with what is going on in my industry. I love what I do and gladly spend every free moment of my day engulfed in computer science related stuff. I understand that the average person does not have the patience or the time for this. But if your daughter reached her 16th birthday and you bought her a car, would you allow her to drive it without basic safety training? You teach her to drive. Tell her to wear her seat belt. Firmly insist she does not ride so close to the car ahead of her. Threatened she will lose her car if she ever drinks alcohol. Then, you give her the keys to her car and hope she acts responsibly. Following the same logic, if you are going to use technology this day, in this age, you have to understand how to put on your seatbelt. Social engineering is the absolute number one tool hackers use to steal your private information. Having a good understanding of how your technology works would prevent you from falling into the trap the hacker set for me. I know that there are no companies out there that have installed any software on my computer. It was obvious to me that this made no sense based on my setup. Never assume someone out there is going to call you and do you a favor. When was the last time Ford Motor called you and told you they wanted to give you a new car that is coming out next year? Spend a little time reading up on current hacking exploits. Five minutes once a month might spare your family from serious hardship.
Virtual Private Network(VPN)
A VPN is the first tool every home computer owner should familiarize themselves with. You can use them on your computer and your cell phones. There are multiple ways to implement them into your everyday life and the benefits greatly outway the costs. You can create your own VPN network with moderate technical knowledge, but that is outside the scope of this post. The easiest way to get yourself protected is to use a VPN service. A VPN service allows you to install a small piece of software on your device and activate your VPN with the click of a button. Once you turn it on you will be presented with a choice of which country and location you would like to route your traffic through. For example, if I turn my VPN on and set it to Europe, it would appear to a hacker that I was located in Europe. All of the data that transfers in and out from my original connection would be encrypted. It would be much more difficult to intercept or to inject a malicious script because of the use of my VPN. You have many choices of VPN services, and the major difference is the laws they are governed on. If you go with a VPN company based outside USA, then the government can’t technically issue warrants to gather information from your VPN provider. I personally use a company in Panama called Nord VPN. I feel better protected knowing they are not governed by the US laws which continuously invade our privacy. This service cost around $50 per year. I can’t imagine a less expensive way to give yourself equal bang for your buck protection than implementing a VPN into your everyday life.
If you were asked to write down what you are doing to protect yourself from hackers on a piece of paper, would that paper be blank? If your answer is yes, then I urge you to explore using my suggestions above. Get educated and use a VPN.