Guard Against the Latest Cyberthreats

by Posted on
a person sitting on the floor with vr goggles using a computer

The Internet offers us many benefits. Along with them comes the increasing threat of cybercrime. Effective safeguards for privacy and security are a consistent requirement. Reliable proxy servers give us a great start. They act as a go-between for your device when accessing the Internet.

But it’s important to be aware of new cyberthreats and the ways you can avoid them. They present a risk of security breaches and identity theft that most Internet users may not even be aware of. Hence the need to be proactive about security.

Let’s examine some recently discovered cyberthreats among the range of tactics that cybercriminals use to encroach upon vulnerable sites. They help to illustrate the challenge of maintaining cybersecurity.

Zero-Day

The term “Zero-day” covers several security vulnerabilities that hackers can use to attack systems. It conveys that an organization has only just learned of the flaw and has “zero days” to fix it.

Here’s one way the attacks can happen: Hackers trick a victim into previewing a malicious MS Office document in File Explorer. This gives them control of a system and the victims may not realize that it is compromised.

To protect against zero-day exploits spreading via malicious attachments, or dangerous code slipping by detection tools, organizations need to make sure they are following zero-trust principles — for example, by using threat isolation as layer of defense. For details on zero-day threats and who carries them out, see What is a Zero-day Attack? – Definition and Explanation.

Clickjacking

Clickjacking tricks users into interacting with an invisible user-interface element. Users think they’re clicking on the page they see before them, but are unknowingly clicking on a different page.

Here are examples of the many clickjacking techniques.

  • An invisible iframe with a tool page loaded into it, which the user is misled into clicking.
  • A 1×1 pixel iframe that moves with the mouse cursor, whose symbol cursor covers it. Wherever the user clicks, malicious content is loaded via this frame.

Attackers may employ clickjacking with many different goals in mind:

  • To collect user information (e.g., social media or email addresses) and sell it to mass advertisers.
  • To secretly buy merchandise for the attacker while the victim is logged into an e-commerce account.
  • To transfer funds from the victim to the to the attacker without detection.
  • To download malware onto the victim’s computer.

Owners of websites and web applications need to prevent web assets from being used in clickjacking. To find out if your site or individual devices are vulnerable, follow this link to methods of testing for clickjacking.

You can use preventive methods singly or combine them. For example, maintain a Content-Security “frame ancestors” policy. Here’s a link to one remedy: CSP frame-ancestors. For more about clickjacking threats and prevention, see Protecting Your Users Against Clickjacking.

Social Engineering

“Social engineering” refers to a range of malicious actions achieved through human interactions. Manipulated by the technique, users may omit security steps or reveal sensitive information.

Generally, since it results from human interaction, you can’t guard against social engineering with technology. However, multifactor authentication (MFA) does help, by heightening the barrier against the technique. Also, keep your antivirus software updated. But above all, be wary of tempting offers.

SIM-Swapping Attacks

With SIM-swapping, someone impersonating you asks your mobile carrier to activate a new SIM card for your account. Bypassing two-step verification via “forgot password” and “account recovery,” the hacker takes over online accounts linked to your mobile phone number. They can easily reset passwords.

SIM-swapping damage can include ruined reputation, cryptotheft and loss of funds from bank accounts. And incidents are on the rise. They’ve increased from 321 in 2018-2019 to 1,611 in 2021.

To protect against SIM-swapping:

  • Never post information about your financial assets on the Internet.
  • If someone telephones to request information about your mobile phone number or account, do not give it. To find out if the call was legitimate, contact your cell phone provider’s customer service department directly.
  • Minimize sharing personal information online.
  • Use a strong, unique password for each of your online accounts.
  • Watch out for any changes in SMS-based connectivity.
  • Use strong MFA methods and physical security tokens.
  • On your mobile device, do not store passwords or usernames that someone could use to hack your online accounts.

Here’s what to do in case of SIM-swapping:

  • Ask your cell phone provider for help in recovering control of your phone number.
  • Change the passwords to all of your online accounts.
  • Alert your financial institutions to watch for any suspicious activity in your accounts.
  • Report any suspicious activity to your local FBI field office and to the FBI’s Internet Crime Complaint Center.

Man-In-The-Middle

“Man-In-The-Middle” proxies can benefit users in legitimate ways. With an Mitmproxy interactive tool, you can track all of your requests and the server responses. So you can inspect, intercept, and modify these responses needed.

But MITM can fall into the wrong hands. By injecting themselves into your communication, MITM attackers can harvest personal information and login credentials, while also installing malware on your device. They can also post harmful messages and reroute your communications. So, although less common than other types of cyberattacks, Man-In-The-Middle attacks can create a great deal of damage.

Things to watch for that may indicate MITM attacks are underway:

  • Recurring disconnects can mean an attacker is listening.
  • Addresses in your browser bar that don’t look quite right: for example a legitimate-looking address with one letter off.
  • Avoid using public Wi-Fi networks. If you connect to fake “free wireless” networks, hackers can watch your activity.

You can stymie an MITM with SSL/TLS encryption and HTTPS, encrypting data on its way through each gateway. Although hackers can intercept encrypted data, it’s unreadable and useless.

Also:

  • Be cautious when responding to unsolicited emails asking for your password or login credentials. Instead, go to the actual website with which the attacker is pretending to be associated.
  • Don’t click on any email links you haven’t thoroughly investigated.
  • Make sure you have installed Internet security software on your device, such as Bitdefender or F-Secure, and keep it up-to-date.
  • Use a VPN such as ProtonVPN or F-Secure Freedome VPN when on public Wi-Fi
  • Use strong, unique passwords for all your connections.
  • Check all URLs of any website you visit to be sure it has HTTPS (with the “S”).

Smishing

Smishing messages ask the recipient to confirm payment information or other financial details. Or they ask recipients to click on a link or respond to a question. A smishing attack may send an email or a text message to induce people to click on fake links.

Reportedly, in recent years, smishing – or mobile phishing – attacks have increased by more than 300 percent. The FBI has reported that losses from phishing and other scams topped more than $3.5 billion to individual and business victims in 2019.

  • Be aware; learn to recognize smishing messages.
  • Ignore these messages; don’t let them stampede you. Your best bet for safety is not to respond at all.
  • Review bank accounts for unexpected activity.

For more about smishing, see What is Smishing and How to Defend Against it?

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks inject malicious scripts into trusted websites. The attacker uses a web application to send malicious code, for example via browser side script, to a legitimate end user.

Vulnerable system flaws can occur anywhere a web application employs input from a user. The application may not validate or encrypt output.

The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

For more details on the different types of XSS flaws, see Types of Cross-Site Scripting. Also see:

Wrap Up

These are just a few developing threats. There are many more. A recent study identified 21 emerging cyberthreats. Businesses and individual users need the highest level of data security they can obtain.

In today’s environment, data communication and messaging are vitally important. Good-quality proxy servers are an integral part of great security. But cyber thieves are continually devising new ways to steal your identity and assets, and those of your business. Use reliable preventive measures, including employee training and automated crisis response. And, to avoid serious damage, keep constantly informed about the newest threats and protections.

Check out ProxyMesh for fast, secure, affordable rotating proxy servers!

Core Topic: Protecting Your Privacy and Data Online

Published by Thomas Rankin