Evidence Solutions, Inc., (ESI) is a premier forensics company founded in 1982.

ESI Provides Elite experts in:

Digital and Electronic Evidence, Computer Forensics, Cell Phone Forensics
Trucking, Truck Accident Investigation and Trucking Regulations, Truck Safety Consulting, Heavy Vehicles & Hazardous Materials
Sports and Fitness, Fitness Facility Standard of Care
Real Estate & Land, Real Estate Syndication
Bankruptcy and Corporate Governance
Accident Reconstruction

Call for a free consultation: 866-795-7166

 

  

Digital Security Expert:
Seven Deadly Ways Users Get Hacked!

Avoid These and Increase Your Computer Security Immensely!

Computer Security Expert / Internet Security Articles

By Scott Greene

Phishing

Phishing remains one of the hacker’s simplest and most powerful way into computer systems. When users click on attachments or links to malicious sites, they are letting the hacker into their computer system. This entry can be limited to a single computer or, more than likely, into the entire network. According to the recently published Verizon Data Breach Investigation Report, 23 percent of phishing recipients open malicious messages. While this is a horrible statistic, the report says 11 percent open attachments. According to the report, it only takes 82 seconds from when a phishing campaign is launched to when people start swallowing the bait.

Cyber Security Expert - Cyber Breach Expert

Cyber Security Expert: Check Your Facebook Privacy Settings!

Falling for Socially Engineered Phone Calls

Sometimes all it takes for hackers to gain entry into a system is to ask. Hackers call up with just enough information to get the user to believe they are talking to someone who should have access to their system. Users regularly give up user names and passwords over the phone. This usually happens by way of a “Tech Support” call. It could also be a person pretending to be an internal employee or company business partner. The outsider can merely ask for credentials to access the system or they can send along an attachment and encourage the user to open it – while they are on the phone with the user. The user doesn’t actually open a document, however, but rather something as dangerous as a remote control or access Trojan.

Not keeping up with software patches

The Verizon report also indicated a startling percentage of breaches come by way of attacks which take advantage of well-known vulnerabilities. An astonishing 97 percent of exploits leveraged in breaches used ten common and already well-known vulnerabilities. Most of these vulnerabilities are many years old. It is all too common that user’s systems are hacked because their systems are not kept up-to-date and patched for known hacking exploits.

Weak Password or “Easy-to-Hack” Passwords

Passwords such as “password” or “123456” are unsecure. These passwords can be discovered in seconds. As Sony learned in its significant data breach, passwords should be strong. Password should be at least eight characters and should include letters, numbers, and symbols. Using weak passwords just lets hackers in faster. Using weak passwords with Administrative access is just like giving them the keys to the kingdom.

Using Unprotected WiFi

Researchers at Cylance, a security company based in Irvine CA, recently revealed just how common the vulnerabilities associated with unprotected WiFi are. Cylance found over 250 networks at hotels and convention centers that were unsecure. Each of these facilities was affected by a vulnerability in routers commonly used by facility managers who offer WiFi to guests. In addition, public and free hotspots, create easy hunting for hackers who wish to perform starting “man-in-the-middle” attacks to gather sensitive information. Organizations and users need to protect themselves by utilizing VPN technology when utilizing public WiFi connections.

Providing TMI on Social Media

Too Much Information on social media is dangerous. This includes, a notice about when a family is going on vacation, during which their house is robbed. It can also be as simple as advertising the name of a person’s dog, which may also be a user’s password or the answer to one of their security questions. It only takes a hacker a small amount of time to research someone who is careless on social media. In addition, those hackers who are skilled at “spear phishing” who utilize social media to gain information about a user. This information is then used to entice a user to act on the hacker’s behalf. It can help the hacker distribute and install malware. Sometimes it is merely a hacker tricking a user to click a fake 'like' buttons which leads to malware installation.

Reduced Security – Not Locking Down User Accounts

Users are now in the mode of “Bring Your Own Device” (aka BYOD). The BYOD phenomenon allows users to be self-service and self-directed. When the Information Technology (IT) group of an organization allows this to happen, the users can install what they want. This is very dangerous. Users can, for instance, copy data to unsecure cloud storage, creating enormous risk for the organization. IT must reach a balance whereby users have the freedom to get their jobs done while still imposing data governance and audit controls.
 

Contact us!

We are experts in Cyber Security. Call us today for a FREE consultation: 866-795-7166

By Scott Greene

Evidence Solutions, Inc.

Complex Electronic Evidence in PLAIN English.

Call us today with your Computer Evidence Questions: 866-795-7166 or This email address is being protected from spambots. You need JavaScript enabled to view it.

 

Related Forensics Expert Articles and Pages.

Worry About IT Personnel First | Computer Security

Cyber Forensics Expert: Nine Insider IP Thefts

Cyber Security Expert: We Recorded a Tech Support Scam Call

An Article from our Trucking Experts:

Truck Expert: House Bill Targets the FMCSA CSA Scores
 

Complex Electronic Evidence in PLAIN English.

Like Evidence Solutions - Digital Evidence Investigators on Facebook

Follow Evidence Solutions - Cyber Evidence Investigation Expert Division on LinkedIn

Circle Evidence Solutions - Computer Evidence Investigation Experts on Google+

Google+ Author

Google+ Publisher