WHAT IS EMAIL BOMBARDMENT?

-
Image
An email bombing is an attack on your inbox that involves sending massive amounts of messages to it. Sometimes these messages are incomprehensible. But more often, they will be confirmation emails for newsletters and subscriptions. Thus, in the latter case, the attacker uses a script to search for forums and newsletters on the internet. Then they sign up for an account with your email address. Each will send you a confirmation email, asking you to confirm your address. Also, this process is repeated on as many unprotected sites as the script can find. The term Email Bombing or Email Bombing; it can also refer to flooding an email server with too many emails. In an attempt to overwhelm the server and disable it. But that's not the goal here; it would be a challenge to cut down on the modern email accounts used. Meanwhile, Google or Microsoft email servers, anyway. So instead of a denial of service (DOS) attack; against the email servers you are using. Also, the flood of messages...
2 comments

10 POINTS FOR INTERNET TOTAL SECURITY

-

The Internet security is threatened by all kinds of malware, data theft or invasion of privacy. The era of mobility, home automation, the smart car or the Internet of Things, have greatly increased connected devices, the way of hosting information and the way to access online services and applications of all kinds with which we connect to hundreds of millions of users daily, increasing security risks for consumers and businesses.

 

points of internet total security
The rise of phenomena such as BYOD, despite its many advantages, is a challenge for IT departments as the number of devices that connect to corporate networks and have access to corporate data multiply. Furthermore, the increase in teleworking and tele-study due to the coronavirus pandemic has complicated the cybersecurity situation by taking millions of computers out of business perimeter networks (generally better protected than home networks).

And what to tell you about the malware. The "bad guys" are ahead of all protection systems and cyberattacks are becoming more numerous, sophisticated, dangerous and massive. Only Ransomware, the main cyber threat so far this year, is capable of destroying business and consumer networks and equipment in half the world. And we are left with cyber espionage ... as dangerous and massive as malware.

Internet security

Achieving 100% security and privacy on a global network and in such a connected world is simply impossible despite the improved hardware and software protection implemented by equipment manufacturers and system and application providers.

However, from the client section we can and must increase protection by observing a series of tips such as those that we are going to remind you in this article and which include the strengthening of online accounts, applications, equipment and the precautions due in the use of the Internet and its services. And a lot, a lot of common sense.

1- Protect browsers

All web browsers include advanced total security features whose activation we must review and configure because they are the applications with which we access the Internet and its services. In addition to reviewing end-to-end encryption in sync, we must pay attention to warnings about insecure sites. We should also review the installed extensions because some are a frequent source of malware introduction.

To improve privacy, nothing better than using incognito mode, a function that all the major providers offer today as a temporary private browsing session that does not share data with the browser, does not save information about web pages, or browsing history, web cache, passwords, form information, cookies or other website data, deleting these or other temporary files when we end the session.

2- Manage passwords well

Massive violations of the security of Internet services are the order of the day and with it millions of passwords are exposed. The reality is that passwords are a horrible method both in terms of security and usability, but until more advanced methods that have to come from biometric identification are consolidated, we have to continue using them.

The golden rule is to have a strong and distinct password for each website. Long, random passwords prevent brute force attacks, and using a different password for each account avoids having all of them compromised at once when a data breach occurs. The password managers that are able to generate and remember dozens of passwords, are a good tool to reduce human error.

3- Use two-factor authentication

Two-factor (or two-step) authentication provides an additional level of account security as it is not enough just to breach the username and password. The service is available on most major Internet services and should be used whenever possible.

Generally, it uses a verification code served through a mobile application or SMS, as a mechanism to confirm the identity of the user but adding additional security to the use of passwords. This method makes cyberattacks extremely difficult, especially 'brute force' ones.

4- Use security solutions

Operating systems such as Windows include the native Windows Defender security solution as basic protection for a consumer. It is the minimum that we should use or - better - bet on specialized providers that offer a good number of security solutions, many of them free. Advanced or professional users should consider using a comprehensive commercial security suite and also other security tools such as a firewall.

Data encryption systems such as BitLocker, available in some editions of Windows, are very useful for business users, as they allow the data on a computer to be encrypted or "encoded" to keep it protected against threats such as data theft or exposure in the event of loss, theft or inappropriate removal of equipment.

5- Update operating systems and applications

All operating systems have automatic or manual mechanisms for installing security updates. They are security patches that are delivered from time to time against known threats and must be installed.

As important -or more- than the above is the update of installed applications to the latest versions since these usually include security patches. When the versions are older, they have a greater risk of being attacked by cybercriminals who find vulnerabilities in the program, with special incidence in some such as Java, Adobe Flash or Reader.

6- Beware of free wireless networks

Free access points have been spread over multiple areas in towns, restaurant areas, airports, train or metro stations, hotels and in all kinds of businesses. Several studies have confirmed the intrinsic insecurity of these public wireless networks and the ease of cybercriminals to exploit them.

They should be avoided as long as they can be opted for dedicated mobile broadband networks with greater security and failing that, they should only be used for inconsequential and occasional browsing, without using them for accessing sensitive services such as online banking or those that require real user authentication.

7- Use VPN to improve privacy

The use of virtual private networks is an option for those who seek greater privacy and thus greater security on the Internet, since they hide the user's IP address and redirect traffic through an encrypted VPN tunnel.

This degree of "invisibility" offers direct improvements in security against computer attacks, privacy against data theft and identity theft, and other added advantages such as protecting identity online, safeguarding electronic transactions and Internet purchases or allowing security in the use of public Wi-Fi networks.

8- Evaluate the hardware security keys for vital accounts

For vital accounts, especially in business environments, it is worth making an additional investment to protect the accounts using a hardware security mechanism. Generally it is a device in pen drive format that connects to a USB port and contains a high security encryption engine.

The whole process is carried out within the hardware and although they have not been totally infallible when using Bluetooth connections, in general they greatly increase the security that we achieve through software.

9- Use backups

We already said that 100% security in a global network does not exist and not only because of malware, since a hardware can error cause the loss of precious personal and / or professional information. Therefore, making backup copies is highly recommended for a user and professional who intends to protect personal and corporate information on a computer equipment in addition to being a maintenance task that contributes to the health of the hardware.

The backup copies must be stored in a storage device external to that of our team or in a cloud storage service that in the event of any attack allows us to recover the data.

10- Common sense

Prudence is one of the preferred barriers against malware and it is advisable to be extremely cautious against phishing or ransomware attacks that a little bit of attention can prevent, because they use user carelessness.

To do this, we must avoid installing applications from unsafe sites; the opening of unsolicited emails or attachments that arrive from social networks or messaging applications; browsing certain Internet pages; or use outdated operating systems and applications, which contain vulnerabilities that can be exploited by cybercriminals in malware campaigns.

 

 

Comments

Post a Comment

Popular posts from this blog

WHAT IS EMAIL BOMBARDMENT?

-
Image
An email bombing is an attack on your inbox that involves sending massive amounts of messages to it. Sometimes these messages are incomprehensible. But more often, they will be confirmation emails for newsletters and subscriptions. Thus, in the latter case, the attacker uses a script to search for forums and newsletters on the internet. Then they sign up for an account with your email address. Each will send you a confirmation email, asking you to confirm your address. Also, this process is repeated on as many unprotected sites as the script can find. The term Email Bombing or Email Bombing; it can also refer to flooding an email server with too many emails. In an attempt to overwhelm the server and disable it. But that's not the goal here; it would be a challenge to cut down on the modern email accounts used. Meanwhile, Google or Microsoft email servers, anyway. So instead of a denial of service (DOS) attack; against the email servers you are using. Also, the flood of messages...
Read more

TESTING THE ANTIVIRUS THAT YOU USE

-
Image
Have you ever wondered how antivirus is tested before it is available on the market? The truth is that, despite what you may think at first, these applications pass a series of tests that have the mission, obviously, of verifying their effectiveness. Well, for most IT security vendors these assessments are now out of date. Testing an antivirus before its launch is something that is done regularly. Thus, the AV Tests (name by which the aforementioned tests are known) allow users to choose which antivirus they want to install on their computers, knowing what their main characteristics are and what they protect against. So far everything normal. So what is the problem? Some manufacturers of security solutions have raised their voices against the fact that these tests are “not modernized”. In what sense? Some companies claim that, although the complexity of security applications has grown considerably in recent times, when conducting evaluations they do not test the new technologies w...
Read more

WHAT IS PAZERA TROJAN AND HOW TO AVOID IT

-
Image
Pazera Trojan is a recently discovered computer malware that spreads in active attack campaigns. The current wave of infections is due to a complex Android mobile threat, including this Windows-based malware. The mechanisms of infection depend on the manipulation of the victim. Once installed on a given computer, the built-in engine will lead to many dangerous actions. Read our in-depth analysis of the samples and learn how to eliminate active infections in this article. Pazera Trojan - Virus Infection Methods The Pazera Trojan is a dangerous threat that is sent as part of a targeted campaign with the main malware being the Trojan. Originally, this has been used in an attack carried out by an Android Trojan, seeking to infect mobile users. Through the elaborate and complex chain of infections, the Pazera Trojan will install itself. Some of the observations made by security experts who analyze this malware are that the main Trojan infection that has been created by an unknown hackin...
Read more