Videocast | Personal cybersecurity – the invisible battle everyone is fighting

Individual security is the cornerstone of any stable organisation

Videocast | Personal cybersecurity – the invisible battle everyone is fighting
~ 5 min read
Автор: Economic.bg Economic.bg

In today's fast-paced digital world, personal cybersecurity often takes a back seat to corporate security concerns. But the truth is that our individual security is the cornerstone of any stable organisation. Why is it so important, and what are the main threats we face?

Krasimir Kotsov, cybersecurity expert and founder of SoCyber and Kikimora.io, and Angel Sirakov, marketing director at the companies, reveal interesting facts and practical advice in the third episode of the White Hat Riddles video podcast series.

The evolution of phishing attacks – from naive emails to AI scams

Classic phishing attacks, relying on well-written emails with fake links and attachments, are still relevant. But the future (and the present) belongs to more sophisticated methods. There is already a growing trend towards the use of AI-generated deepfake videos that imitate familiar faces in order to lure us in. Although AI is not yet perfect in this role, its combination with skilful social engineering makes these attacks increasingly convincing and difficult to detect.

How can we distinguish between what is dangerous and what is safe?

Can we tell with the naked eye whether a file or link is dangerous? Often, no. Malicious files can look completely harmless.

That is why it is crucial to rely on technological aids such as antivirus software and online scanners. When it comes to links, the rule is simple: be extremely cautious and do not click on anything that looks suspicious or comes from an unknown source.

Prevention is the best defence

For organisations, prevention starts with implementing systems to filter and analyse incoming emails. But for individual users, the most important thing is to develop critical thinking and not give in to emotional manipulation. Promises of quick profits, urgent requests for help, or messages that create a sense of urgency are often red flags.

The psychology of hackers – how human weaknesses are exploited

Social engineering is the art of manipulating human behaviour. Attackers know how to push the right emotional buttons – greed, fear, compassion – to make us make mistakes. Even our financial situation can make us more vulnerable to certain types of fraud.

Telephone scams – the voice of fraud in the age of cybersecurity

Telephone scams are also part of the cybersecurity landscape. By creating a sense of authority and urgency, scammers can try to extract valuable information or get us to perform unwanted actions.

Passwords – the key to our digital fortress (and how not to lose it)

Password management is a fundamental aspect of personal cybersecurity. Experts advise using unique and complex passwords for each account and relying on password managers to store them securely. Don't forget to encrypt your devices – an extra barrier against unwanted access.

Working remotely – new networks, new risks

The pandemic has changed the way we work, with many people switching to remote working. This has created new opportunities for cyberattacks, especially when using unsecured public networks. Using a VPN is key to ensuring an encrypted and secure connection, no matter where you are working from.

Be careful what you download – the pitfalls of the internet

Downloading files from untrustworthy sources is like playing Russian roulette. Malicious software can hide behind seemingly harmless applications or updates. Be extremely vigilant and always check the source before downloading and installing anything.

Anydesk and other remote access tools – convenience with potential risk

Tools such as Anydesk make remote support easier, but they can also be used by malicious individuals to gain unauthorised access to our computers. Be especially careful when granting remote access to someone you don't know personally.

Social media – a breeding ground for scams

Social media is not only a place to communicate, but also a potential incubator for various types of fraud. Fake profiles, misleading posts and malicious links lurk around every corner. Be sceptical of the information you see and do not trust suspicious offers.

Have you been attacked? First steps for surviving digital chaos

What should we do if we fall victim to a cyberattack as individuals? If it is ransomware, immediately disconnect from the internet and seek help from someone more knowledgeable. Unfortunately, if you have not taken precautions in advance, it is difficult to be sure that the system has been completely cleaned after a successful hack. In most cases, the safest solution is to completely reinstall the operating system.

Sometimes it is difficult to realise that you have been hacked. Some malicious programs, such as crypto miners, can simply use your computer's resources, slowing it down and increasing power consumption without causing any visible damage to your files.

Mobile banking – convenience at the expense of security?

Switching to mobile banking offers great convenience, but it also has its risks. Although digital banks rely on traditional banking infrastructure to store funds and often offer similar deposit protection, fast payments and easy password recovery procedures can also be exploited by fraudsters. Experts advise us to be extremely careful when making payments via mobile apps, especially to unknown recipients.

Cryptocurrencies – a revolution in finance or a recipe for chaos?

Cryptocurrencies come with a price in terms of security. Unlike traditional banking, where there are regulators and the possibility of recovering misplaced funds, transactions in the crypto space are often irreversible. There are also specific risks such as ‘front-running’ attacks and vulnerabilities in smart contracts. Overall, the crypto space is a double-edged sword, where innovation goes hand in hand with high risks.

Fake IBANs and other payment scams – how not to become a victim?

One of the growing threats is fraud involving fake IBANs. Attackers can compromise the communication between two parties and, at the right moment, replace the bank account on the invoice. To protect ourselves, we must be extremely careful and always check the payment details by alternative means, such as by phone. Once the payment has been made to a fake account, it is extremely difficult to get the money back, as fraudsters quickly transfer it through multiple other accounts, often registered with fake personal details in countries with weak banking controls.

Telephone scams and AI calls – the new wave of social engineering

Calls from salespeople or organisers of ‘free’ training courses may be legitimate marketing attempts, but others aim to collect personal information to be used for further phishing attacks.

With the advent of AI, automated calls imitating human voices are already appearing. It is important to be vigilant and not provide personal information over the phone to strangers.

Quick tips for better personal and corporate security

  • It is essential to use a password manager and two-factor authentication for all important accounts;
  • For personal devices, disk encryption (e.g. BitLocker) and the use of a VPN when working on public networks are also recommended;
  • Installing antivirus software is also essential.

Organisations are advised to prohibit personal devices from connecting to the corporate network and to establish clear security policies. Even small companies with limited budgets can significantly improve their security by investing a few days in consulting with a cybersecurity expert.

Translated with DeepL.

More from Cybersecurity

More