Smartphones, laptops and other devices have become an integral part of our daily lives. But as technology continues to advance, so do cybercriminals and the digital crimes they inflict on unsuspecting users.
Mercer University computer science associate professor Dr. Johnathan Yerby and assistant professor Dr. Adeel Malik offered advice on how people can stay cyber safe and protect themselves from online crimes.
Awareness
Cybercrime is the use of technology to commit illegal activities, some of the most common being fraud, identity theft, data breaches, malware and scams. According to the FBI’s Internet Crime Report, U.S. residents filed over 880,000 reports of cybercrime with $12.5 billion in potential losses last year. These are conservative numbers considering many victims don’t come forward. This represents an increase of 10% in complaints and 22% in losses from 2022.
“Cybercrime, usually it’s somebody doing harm or stealing something or manipulating digital records,” said Dr. Yerby, who teaches a cybercrime and digital forensics course. “It’s so encompassing in so many ways that cybercrime can happen and can be a problem for individuals, businesses, for anybody. It’s everywhere.”
Contributing to the rising prevalence of cybercrime is the fact that the perpetrators are difficult to catch, especially if they are across state lines or out of the country, Dr. Yerby said. In addition, the increased use of digital devices means that people are connecting to the internet wherever they are, often without consideration of the risks, said Dr. Malik, whose research focuses on community cyber awareness and education.
“Any device that connects to the internet is sending information,” Dr. Malik said. “How well encrypted that information is is very important. For average users, we don’t know whether it’s safe or not. The best approach is to be aware of the issues and challenges.”
Many people think experts are the only people who need to worry about cybersecurity, but anyone who is connecting to the internet should know basic cyber safety, Dr. Malik said. Education is vital to helping people become more informed and proactive. Computer science faculty and students have provided community outreach and awareness workshops.
Protective steps
Dr. Yerby advised people to be skeptical and not rush their online actions.
“They’re in a hurry and that makes them not be smart and think. I think people don’t think through their decisions,” he said.
Some simple protective steps are to enable multi-factor authentication if an app or website offers it; use secure websites; keep up with computer updates since they often increase security; conduct computer data backups; avoid installing suspicious apps; and set up passcodes on smartphones.
If an email or text looks fake or too good to be true, assume that’s the case, Dr. Yerby said. In addition, be wary of scanning QR codes or opening attachments. A good resource for checking the safety of a link or attachment is virustotal.com, Dr. Malik said.
“All these information pieces should be double-checked. Don’t click anything you don’t know. It can wait,” Dr. Malik said. “Nowadays, these adversaries, they’re so smart, they’re using psychological manipulation on people.”
Dr. Malik advised people to stay informed of recent cybercrime trends and how current attacks may apply to home users.
“Juice jacking,” for instance, can happen to people who use free public charging stations for their devices. What looks like a regular charging cable may actually be a cable that transmits information and uploads malware. Voice phishing uses phone calls to try to get people to reveal their sensitive information. Scammers can use artificial intelligence to recreate people’s voices and trick the people they know.
Passwords and Wi-Fi
If hackers uncover a correct username/password combination for someone, they use a technique called credential or password stuffing to try to log into multiple websites using that information. So it’s important for people to create passwords that are strong and to not reuse them, Dr. Yerby said.
One option is to use a password manager to generate and/or keep track of unique passwords, but there is a risk of breach for those apps as well. So if you use a password manager, Dr. Yerby suggested only including a portion of your full password and leaving financial passwords off your list.
The standard is for people to use their kids’ or pets’ names and birthdays as their passwords, but that’s not a safe method. Instead, Dr. Malik recommended thinking of two things — such as a word and a date — and mixing them together in a random sequence. The password should include some capital letters, numbers and special characters.
At home, people should change their router password from the default and not connect any devices to the internet that don’t need it, Dr. Malik said. Outside the home, avoid using free, public Wi-Fi. If you do have to connect, use a virtual private network, or VPN, service to protect your information if you need to log into any critical websites.
Many companies let people sign up for an account by linking to their Facebook, Apple or Google account, but this grants the company access to your information, Dr. Yerby said. So, it’s safer to create a separate account. As an extra precaution, Dr. Malik uses an email he created with fake personal information to sign up for new accounts.
You can check if your email address has been involved in a data breach by going to haveibeenpwned.com. If it has, Dr. Malik recommended creating a more secure password and setting up multi-factor authentication if available.
“I don’t think we’ll ever be in some utopia where there’s not somebody looking to take a shortcut or take something from somebody else,” Dr. Yerby said. “But I think we’re going to get to a point where we have more people who are more aware and maybe (cybercrime) is a little more difficult.”
