UKFast reveals top 10 security failures

UKFast, a hosting specialist in the UK, has revealed what it believes are the top 10 cyber security failings of 2012, showing a surprising amount of complacency among people when going online.

“As a society we rely on technology more than ever nowadays. We communicate through social networks, pay bills and manage our bank accounts online, and carry a wealth of personal data around with us on our mobile phones,” said Stuart Coulson, director of data centres at UKFast. “We are so comfortable sharing information on the net that people don’t realise that their over-sharing could hand cybercriminals access to their bank accounts and leave them vulnerable to identity fraud.”
The top 10 security issues are:
1. Images
Some users are actually posting images of their credit and debit cards online, making it incredibly easy for cybercriminals, as they only need the three-digit security number on the back, of which there are only 1,000 possible combinations.
The idea of posting pictures of credit and debit cards may surprise many people, as it seems like an obvious oversight. However, people often share these images because of what is displayed on the card.
Our research revealed that dozens of people shared pictures of their cards to show off a photo that has been printed on the card, either of themselves or the “stock” photo, such as in one case of the Manchester United team. These photos also show the full card name and number, however.
2. Sharing Contact Numbers
Many people share their new phone number on Facebook, and while this is bad enough, the “via Facebook for iPhone” note shows hackers that the number belongs to a brand spanking new iPhone. All a hacker has to do is text the phone with a malware-laced message.
3. Location Services
When users have location services enabled, their updates to Facebook, FourSquare, and other social media services will tell all and sundry where the user is. This might seem harmless enough, but when one message tells people that they are at home, and the next tells people that they are away on holidays for two weeks, the message would-be burglars see is: “Here is my home address. It will be empty for the next few weeks. Make yourself at home and try not to steal too much.”
4. Password Stealing Tricks
Many free password strength checks are not designed to test the strength of your password, but rather the strength of your security awareness, as they often simply log the passwords you enter and then employ them in all kinds of criminal activity. Some people not only hand over their Facebook passwords in this manner – some do the same with their bank account passwords.
5. Reusing Passwords
Many people still use just one password for all their online activity, which means that if one account is compromised, all of the user's accounts are vulnerable to attack. This is such a common issue that it has been largely to blame for huge attacks on email servers, with some people's Hotmail being hacked, only to give cybercriminals their password for their Gmail and Facebook accounts as well. Each different account should have its own separate and unique password.
6. QR Codes
QR codes have grown big time with the boom in the smartphone market, but the lack of information surrounding them means that users could be putting their devices at risk. Flyers containing a QR code may provide access to a genuine app, a viral marketing campaign, or some malware waiting for the next victim. Often users are too quick to scan any barcode they encounter, without considering the possible threats.
7. Public Computers
Clicking “Stay logged in” on a public computer is an obvious faux pas, but it is one many do largely from habit, leaving their accounts exposed to the next individual who uses the computer. While many people will simply log out of an account they encounter, not everyone is so honourable. Users need to be extra cautious when accessing public computers, which include test products in stores, such as a display iPad.
8. Public Wi-Fi
Public Wi-Fi is not secure, which means anyone can snoop on what users are doing. High-security activities such as online banking are best carried out on a private Wi-Fi network.
9. Downloads
Downloads remain one of the most common sources of malware, as many users download files, software and apps that they know next to nothing about. Users should always be extremely cautious with downloads, ensuring they are genuine products from a genuine source, and that they actually instructed the download to begin.
10. Shortlinks
The limited space on Twitter has led to a number of link shorteners like Bit.ly coming on the scene. These provide a valuable service, but they also help mask links, which means a user has a harder time finding out if that link to a supposedly cute kitten is not directing them to malware. Twitter's implementation of its own link shortener has helped this issue somewhat, but users still need to be careful when clicking shortened links.
