CISA: Cybersecurity Awareness Month
I wanna talk about some of the most common threats online right now. That said, it’s important to note that human error is a huge part of the problem. I’m not sure how people think about their security software, or how much they depend on it, and I don’t wanna myth-bust today, but I’ve read about studies like People Think Their Cars Are Self-Driving Even Though They’re Not. So naturally, I’m worried about you. 😰
Links · Read the URL
It’s essential to know what you’re clicking; this is one downside to URL shorteners, since they can redirect you anywhere. I’m not Cap’n Obvious, but you can usually read the real destination of a link by hovering over it: the browser shows the URL in the status bar near the bottom-left. The visible link text can say one thing while the actual href says another, so trust the status bar, not the text (and a page’s script can still change the destination the moment you click). Inspecting the page source is also a good start to investigating a shady page.
Now then! What happens if you accidentally click!? 😱 If you’ve ever misclicked in League of Legends (or other games) you know the feeling. This is where software can save you, starting with the web browser. I recommend Mozilla Firefox with a few important browser extensions, most importantly content blockers:
- AdGuard AdBlocker or AdBlocker Ultimate
- uBlock Origin (a content blocker) or NoScript (blocks scripts by default until you allow them)
- Privacy Badger
- Multi-Account Containers
Read up on how to use the extensions you install and adjust their settings, or they will block what you actually want to see. If you run more than one blocker, expect them to overlap and occasionally break pages; one well-configured content blocker is usually enough. For privacy, change your DNS resolver to AdGuard DNS or Cloudflare DNS (Firefox can do this itself through its DNS over HTTPS setting). And finally, there is Brave browser, which ships with a blocker built in. 😌
It’s worth noting that malicious ad campaigns (malvertising) can run on legit websites like YouTube, which is why a content blocker is a security tool and not just a nuisance filter.
If the browser layer of protection plus the human fails, the OS security software steps in. 😅 The security solution may even have its own browser extension. If you’re on Windows, by default you’d be relying on Microsoft Defender: Defender Antivirus plus SmartScreen, which checks downloads and sites against Microsoft’s reputation data.
Links · Understanding URLs
It’s important to comprehend the URL you’re reading. The most common phishing techniques use misspelled domain names: digits in place of letters (micr0soft), similar-looking letters (rn for m), common spelling mistakes, and the brand name tucked into a subdomain of some other domain (microsoft.com.something.net). The part that matters is the registered domain just before the top-level domain, read from the right. It doesn’t help that big companies like Microsoft use many domains for their services (see the list of Microsoft Office 365 URLs and IP address ranges), so “it isn’t microsoft.com” alone proves nothing. These cases happen a lot at workplaces, but can be mitigated most of the time by paying attention to the file types being opened. If you work with e-mail attachments, I recommend finding an antivirus solution. 😉
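The “read the URL” advice from both sections above, as an added example (not code from the original post). It runs on Node with only the built-in URL class; the brand list, shortener list and multi-part suffix list are assumptions for the demo, and the look-alike test is a plain edit distance after undoing the usual digit and letter swaps.

```javascript
// Added example (not from the original post): inspect a link the way the post says to,
// but in code. Node's built-in URL class does the parsing; every list below is an
// assumption for the demo, not a real threat feed.
const BRANDS = ["microsoft.com", "office.com", "paypal.com", "google.com"];
const SHORTENERS = new Set(["bit.ly", "t.co", "tinyurl.com", "goo.gl", "ow.ly"]);
// Real code should use the Public Suffix List; a few multi-part suffixes by hand here.
const MULTI_PART_SUFFIX = new Set(["co.uk", "com.au", "co.jp", "com.br"]);

// "www.example.co.uk" -> "example.co.uk", "a.b.example.com" -> "example.com"
function registrable(labels) {
  const n = labels.length;
  if (n < 2) return labels.join(".");
  const lastTwo = labels.slice(-2).join(".");
  return MULTI_PART_SUFFIX.has(lastTwo) && n >= 3 ? labels.slice(-3).join(".") : lastTwo;
}

// Undo the usual look-alike substitutions so "micr0s0ft" and "rnicrosoft" both read "microsoft".
function normalize(label) {
  return label.toLowerCase()
    .replace(/rn/g, "m").replace(/vv/g, "w")
    .replace(/0/g, "o").replace(/1/g, "l").replace(/3/g, "e")
    .replace(/4/g, "a").replace(/5/g, "s").replace(/-/g, "");
}

// Levenshtein distance, single-row version.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = above;
    }
  }
  return row[b.length];
}

// Returns { verdict, registrable, findings }; verdict is one of
// "unparseable", "known-brand", "suspicious", "caution", "unknown".
function inspectUrl(href) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return { verdict: "unparseable", registrable: null, findings: ["not an absolute URL"] };
  }
  const host = url.hostname; // lowercased; internationalized names come out as punycode
  const labels = host.split(".");
  const reg = registrable(labels);
  const findings = [];

  if (url.protocol !== "https:") findings.push(`scheme is ${url.protocol} not https:`);
  if (url.username) findings.push(`userinfo before @ hides the real host (${host})`);
  if (/^\d+\.\d+\.\d+\.\d+$/.test(host)) findings.push("bare IP address instead of a domain");
  if (labels.some((l) => l.startsWith("xn--"))) findings.push("punycode label: possible homograph");
  if (SHORTENERS.has(host)) findings.push("URL shortener: destination unknown until expanded");

  if (BRANDS.includes(reg)) return { verdict: "known-brand", registrable: reg, findings };

  const regName = reg.split(".")[0];
  let impersonation = false;
  for (const brand of BRANDS) {
    const brandName = brand.split(".")[0];
    if (host.includes(brandName)) {
      // microsoft.com.secure-login.net: the brand is only a subdomain of someone else's domain
      findings.push(`"${brandName}" appears in the host but the domain is ${reg}`);
      impersonation = true;
    } else if (editDistance(normalize(regName), brandName) <= 2) {
      // micros0ft.com, microsofft.com, rnicrosoft.com
      findings.push(`${reg} is a look-alike of ${brand}`);
      impersonation = true;
    }
  }
  const verdict = impersonation ? "suspicious" : findings.length ? "caution" : "unknown";
  return { verdict, registrable: reg, findings };
}

// The other half of hovering: link text that is itself a URL must agree with the href.
function linkTextMismatch(text, href) {
  const t = text.trim();
  if (!/^(https?:\/\/)?[a-z0-9-]+(\.[a-z0-9-]+)+(\/|$)/i.test(t)) return false; // plain words
  const shown = new URL(/^https?:\/\//i.test(t) ? t : "https://" + t);
  let real;
  try {
    real = new URL(href);
  } catch {
    return true;
  }
  return registrable(shown.hostname.split(".")) !== registrable(real.hostname.split("."));
}

for (const u of ["https://www.microsoft.com/en-us", "https://micros0ft.com/login",
                 "https://microsoft.com.secure-login.net/", "https://bit.ly/3abcDEF"]) {
  console.log(u, inspectUrl(u));
}
```

The brand-in-host rule is deliberately strict: a legitimate but unlisted domain such as microsoftonline.com gets flagged, which is exactly the Office 365 problem above, so in practice the BRANDS list has to carry every domain the vendor actually uses.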
Display file extensions in your operating system. Windows hides known extensions by default, so “invoice.pdf.exe” appears as “invoice.pdf”; turn them on in File Explorer under View › Show › File name extensions (Windows 11) or the View tab › File name extensions checkbox (Windows 10).
Common advice for the average user is to know what you’re supposed to be opening and not to open certain file extensions: executables (.EXE, and the old DOS executable format .COM) if you’re not purposely installing or running an application, Visual Basic scripts (.VBS), screensavers (.SCR, which are just renamed executables), JavaScript (.JS), cabinet archives (.CAB), disk images (.ISO, .IMG, .UDF), virtual hard disk images (.VHD), and the less common compressed archives (.ACE, .ARJ, .LZH, .XZ) that some mail scanners don’t unpack. Shortcuts (.LNK), HTML applications (.HTA) and macro-enabled Office documents (.DOCM, .XLSM) belong on the same list.
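Checking an attachment name against that list is easy; the hard part is the tricks that hide the real extension. The following is an added example, not code from the original post: it classifies a file name the way a user with extensions displayed would, and catches double extensions, space padding, trailing dots and the right-to-left override character. The extension sets are assumptions for the demo.

```javascript
// Added example (not from the original post): classify an attachment by its name, the way
// a careful user with extensions displayed would. The sets below are demo assumptions.
const EXECUTABLE = new Set(["exe", "com", "scr", "pif", "msi", "bat", "cmd", "vbs", "vbe",
  "js", "jse", "wsf", "wsh", "hta", "ps1", "lnk"]);
const CONTAINER = new Set(["iso", "img", "udf", "vhd", "vhdx", "cab", "ace", "arj", "lzh",
  "xz", "7z", "rar", "zip", "gz", "tar"]);
const MACRO_OFFICE = new Set(["docm", "dotm", "xlsm", "xlsb", "pptm"]);
const LOOKS_HARMLESS = /^(pdf|docx?|xlsx?|pptx?|jpe?g|png|gif|txt|csv)$/;
const BIDI_CONTROLS = /[\u202A-\u202E\u2066-\u2069]/g;

// Returns { verdict, extension, findings }; verdict is one of
// "executable", "macro-document", "container", "data", "no-extension".
function classifyAttachment(name) {
  const findings = [];
  let n = name;

  // Right-to-left override: "report\u202Efdp.exe" is displayed as "reportexe.pdf"
  const stripped = n.replace(BIDI_CONTROLS, "");
  if (stripped !== n) {
    findings.push("bidirectional control character in the name");
    n = stripped;
  }
  // Windows drops trailing dots and spaces, so "setup.exe. " is really setup.exe
  n = n.replace(/[. ]+$/, "");
  // A run of spaces pushes the real extension out of the visible column
  if (/ {5,}/.test(n)) findings.push("padding spaces before the real extension");

  const parts = n.toLowerCase().split(".").map((p) => p.trim());
  if (parts.length < 2 || parts[parts.length - 1] === "") {
    return { verdict: "no-extension", extension: null, findings };
  }
  const ext = parts[parts.length - 1];
  // "invoice.pdf.exe" is shown as "invoice.pdf" when known extensions are hidden
  const decoy = parts.slice(1, -1).find((p) => LOOKS_HARMLESS.test(p));
  if (decoy) findings.push(`double extension: looks like .${decoy} but is .${ext}`);

  let verdict = "data";
  if (EXECUTABLE.has(ext)) verdict = "executable";
  else if (MACRO_OFFICE.has(ext)) verdict = "macro-document";
  else if (CONTAINER.has(ext)) verdict = "container";
  return { verdict, extension: ext, findings };
}

for (const f of ["invoice.pdf.exe", "report\u202Efdp.exe", "Quarterly.XLSM", "photos.iso"]) {
  console.log(JSON.stringify(f), classifyAttachment(f));
}
```

A “container” verdict is not a pass: disk images and archives are only as safe as what is inside them, which is why the gateway section below looks at content rather than names.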
Ideal Solutions 😇
To make things less technical for the end user:
- Block links in layers: DNS filtering or a web proxy at the network edge, plus the browser and endpoint protection on each end system.
- Analyze file types at the e-mail and web gateways by content rather than by name, and unpack archives and disk images before deciding.
- In a business environment, set up group policies for the org and use application control (AppLocker or Windows Defender Application Control) for known-abused formats and for script execution; blocking Office macros in files downloaded from the internet is now Microsoft’s default and is worth confirming.
- Be aware of phishing, and make it easy for people to report a suspicious message.
- Use a sandbox or a virtual machine to open sus things: Sandboxie (an application sandbox, not a full VM), or VirtualBox or VMware (full VMs). Take a snapshot first, disconnect the network, and remember that some malware checks whether it is running in a VM and stays quiet.
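What “analyze file types at the gateway” means in practice, as an added example (not code from the original post): the gateway reads the first bytes of the file and compares them with what the extension promises, so a renamed executable is caught whatever it is called. The signature table covers a handful of common formats, and the block/allow policy is an assumption for the demo.

```javascript
// Added example (not from the original post): content-based file typing for a mail or web
// gateway. Magic bytes below are the standard ones; the policy is a demo assumption.
const SIGNATURES = [
  { type: "exe", magic: Buffer.from("MZ") },                                   // Windows PE: exe, dll, scr
  { type: "elf", magic: Buffer.from([0x7f, 0x45, 0x4c, 0x46]) },
  { type: "pdf", magic: Buffer.from("%PDF-") },
  { type: "zip", magic: Buffer.from([0x50, 0x4b, 0x03, 0x04]) },               // also docx, xlsx, jar
  { type: "rar", magic: Buffer.from([0x52, 0x61, 0x72, 0x21, 0x1a, 0x07]) },
  { type: "7z",  magic: Buffer.from([0x37, 0x7a, 0xbc, 0xaf, 0x27, 0x1c]) },
  { type: "ole", magic: Buffer.from([0xd0, 0xcf, 0x11, 0xe0, 0xa1, 0xb1, 0x1a, 0xe1]) }, // msi, legacy doc/xls
  { type: "iso", magic: Buffer.from("CD001"), offset: 0x8001 },                // ISO 9660 volume descriptor
];

// What each extension should contain; extensions not listed are not checked for mismatch.
const EXPECTED_TYPE = { exe: "exe", dll: "exe", scr: "exe", pdf: "pdf", zip: "zip", docx: "zip",
  xlsx: "zip", jar: "zip", rar: "rar", "7z": "7z", msi: "ole", doc: "ole", xls: "ole", iso: "iso" };

// Content the demo policy never lets through, whatever the name says.
const BLOCKED_CONTENT = new Set(["exe", "elf", "iso"]);

// First matching signature wins; "unknown" for text and anything not in the table.
function sniffType(buf) {
  for (const { type, magic, offset = 0 } of SIGNATURES) {
    if (buf.length >= offset + magic.length &&
        buf.subarray(offset, offset + magic.length).equals(magic)) return type;
  }
  return "unknown";
}

// Returns { action: "allow" | "block", type, reason }.
function gatewayDecision(name, buf) {
  const type = sniffType(buf);
  const ext = name.toLowerCase().split(".").pop();
  if (BLOCKED_CONTENT.has(type)) {
    return { action: "block", type, reason: `${type} content in "${name}"` };
  }
  const expected = EXPECTED_TYPE[ext];
  if (expected && expected !== type) {
    return { action: "block", type, reason: `.${ext} should be ${expected}, content is ${type}` };
  }
  return { action: "allow", type, reason: "name and content agree" };
}

// Constructed sample inputs, not real files.
const renamedExe = Buffer.concat([Buffer.from("MZ"), Buffer.alloc(62)]);
const realPdf = Buffer.from("%PDF-1.7\n%constructed sample\n");
console.log(gatewayDecision("payroll.pdf", renamedExe));
console.log(gatewayDecision("report.pdf", realPdf));
console.log(gatewayDecision("archive.zip", realPdf));
```

Two things a real gateway adds on top of this: it recurses into the zip, ISO and OLE containers it finds (a docx is a zip, and a macro document is an OLE or zip file with a vbaProject.bin inside), and it sniffs far more than eight formats.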