October is Cybersecurity Awareness Month, but it also well known, among the vernacular of the younger generation, as Spooky Season. Most people are more concerned with ghosts, ghouls, and goblins than they are with the dangers lurking in the dark corners of the Internet. Which is understandable, it's more fun to think about the fake monsters than the real ones who could change your life in an instant. So, let's make a compromise. We're going to list the 7 scariest ghosts and monsters when it comes to cybersecurity, and we'll try to make it as spooky as possible.
- Social Engineering: The definition of social engineering is the manipulation of people in order to get access to confidential information. This malicious practice has been used for centuries but it has gotten even more effective in the Internet Age. Examples of social engineering include sending an email disguised as your friend or a trusted source, baiting you with free goods, and catfishing you into a fake romantic relationship. Once the needed information is obtained, the social engineer can then sell it or use it to line their own pockets. Think of them as shapeshifters who change their form in order to get what they want out of you.
- Phishing: While many of the items on this list are types of software, phishing is more of an attack vector. Cybercriminals most often craft an email or text message that appears convincing but once interacted with (through clicking on attachments or links) could prompt you to enter login credentials or install software that is infected with malware. Imagine someone installing a listening device into your home by packaging it in a box from a store you would normally shop with. Sounds a lot scarier now, doesn't it?
- Malware: Malware is a broad term encompassing any type of intrusive software designed to damage computer systems. It has many different subsets, but malware is the umbrella under which they all live. Malware is a lot like another M-word: monster. There are many different types of monsters, but in the end, they are all monsters.
- Viruses: We all know about the viruses that can infect your body, but what about the ones that infect your computer? They are often attached to a file sent to you by a cybercriminal. These malicious chunks of code spread from device to device, damaging your software and stealing your data. Think about it this way, how much scarier would biological viruses be if they could record your thoughts and give them to someone else?
- Keylogger: This specific form of spyware can be extremely dangerous. Keyloggers allow hackers to see the keystrokes made on their victim's keyboard. This information could lead them to usernames, passwords, bank information, and other personal data. It's like if there was someone learning all your personal secrets by reading through your texts and emails. Just the idea of it sends shivers right down your spine.
- Ransomware: All malware is dangerous, but there is not a subset more directly harmful than ransomware. This code-based demon infects your computer by encrypting the data stored on the device and forces the owner to pay a ransom to get it back. These types of attacks can occur on a personal or business level. To make a spooky comparison, ransomware is like a demon possessing your friend and forcing you to give up your soul in order to get them back.
- The Dark Web: The Dark Web may not be something that can infect your computer, but it is definitely something you should be scared of. The Internet we use is only the tip of the iceberg, with the Deep and Dark Web taking up the rest. This shadowy hive of villains and ne'er-do-wells is where many attacks are launched from and where a lot of the stolen data is sold. There isn't a good enough spooky metaphor for this one because the Dark Web is terrifying enough on its own.
There they are! Seven terrifying digital ghouls that will be haunting you for weeks to come. Join us next week to learn some techniques and tools that will help you avoid these possible threats!