Today marks the 19th edition of Safer Internet Day, a global initiative that focuses on making the Internet a safer and better place for all.
In the digital age, the Internet plays a critical role in keeping people connected, spreading information, boosting collaborations and enabling business success. However, while it undoubtedly brings a plethora of benefits for organisations and individuals alike, the Internet is also often misused to exploit vulnerable users.
Each year, cybersecurity concerns continue to increase. In fact, 2.57 million phishing attacks were detected across the Middle East over the past year.
As the world marks Safer Internet Day, cybersecurity experts are urging everyone to take steps to protect themselves against online risks.
“Safer Internet Day presents the perfect opportunity to raise awareness among Internet users about the myriad of threats they face today,” said Vishal Pala – Senior Sales Engineer, Barracuda Networks. “Today, individuals transact, communicate, share private and sensitive information via web channels and in doing so, and implicitly trust the services they utilise. As our lives have become increasingly digitally dependent, our risk exposure also continues to grow.”
The Covid-19 pandemic has also exacerbated the security risks that users face online as cybercriminals exploit the social and economic uncertainties it brings. A recent study by Barracuda revealed a 521% surge in COVID-19 test-related phishing attacks between October 2021 and January 2022 – coinciding with the rise in Omicron infections. “Cybercriminals have been extremely effective in exploiting this trust and social engineering attacks such as phishing remain a dominant threat to Internet users as they can circumvent traditional threat defences by instead exploiting human behaviour,” explained Pala.
Offering key tips on how users can ensure safety online, Bahaa Hudairi, regional sales director for META at endpoint-to-cloud security firm Lookout, highlighted that practising online safety does not have to be complicated. He noted that there are basic yet effective steps that Internet users can take to protect themselves.
“Consider limiting the private information you share online,” said Hudairi. “When posting or sending information online, you may want to consider how much information you feel comfortable sharing. In the case of the LinkedIn and Facebook breaches in 2021, the combined leaked information from online profiles included phone numbers, physical and email addresses as well as personal and professional details.”
Another simple piece of advice Hudairi offered is to “think twice before you share your personal data.” It is important to remember that there’s always an option to not share your details when purchasing a service or product online.
Conducting an audit on your account’s or application’s security settings is also an effective step in mitigating any online risks. “Check your account security settings and customise your controls for all your online accounts and devices. In the case of social media accounts, according to a November 2021 Lookout survey, almost one in four people (25%) have their profile set on ‘Public’. This is particularly concerning as people often use personal information in their account login passwords, which can also be found on their profiles. Attackers can easily scrape this information from social media posts and attempt to use this information to log in to accounts or attempt identity theft,” explained Hudairi.
He added, “If you are using applications on your mobile device, you can manage your apps by deleting, disabling, or changing their privacy settings — which will reduce an app from collecting data.”
Morey Haber, chief security officer at BeyondTrust, underlined that there’s no age limit when it comes to practising online safety. “We should consider teaching all users to be wary of risks of opening suspicious file attachments, unknown links and taking unknown phone calls and text messages,” he said.
When it comes to email security, Haber noted that it is always important to remember that while an email may come through to your inbox, it is impossible to screen them for all possible threats. “Security best practices teach us to verify the source before we open the attachment. Similarly, users should also err on the side of caution when it comes to clicking links from unknown or unverified sources.”
While individual users need to take measures to ensure their online safety, businesses also need to do their part to protect their customers who engage with them online. A study by cybersecurity firm Mimecast revealed that consumers expect their favourite brands to protect them from cyber-attacks or risk losing them as customers. In fact, 75% of respondents in Saudi Arabia, and 78% in the UAE, said they would stop spending money with their favourite brand if they fell victim to a phishing attack involving that brand.
“A lack of adequate security measures make it easy for cybercriminals to impersonate popular brands and dupe consumers into taking unsafe action, which often leads to financial losses,” said Heino Gevers, cybersecurity expert, Mimecast. “Our research shows that consumers feel it’s the brand’s fault if they act upon authentic-looking requests for private or confidential information – as is typical in phishing attacks – and then suffer losses as a result.”
According to Gevers, companies need to implement brand exploit protection services that help protect their brands online, and use tools such as DMARC which limit threat actors’ ability to hijack their email domains for nefarious purposes. “An ongoing campaign of cybersecurity awareness is needed both within and outside of the organisation – with a specific focus on empowering consumers to identify and avoid risky online behaviour,” he said.
As the Internet continues to evolve, cybersecurity challenges will also inevitably rise. Therefore, it is important to remember that education and awareness are the keys to ensuring a strong first line of defence against future security threats.
