A decade ago, most of the cyber risks that Windows PC users faced are still the same today, albeit evolved versions. As more people become aware of cybersecurity, cyber-criminals keep upping their game to increase security.
However, even as more people are aware of the threats that abound, most ignore the dos, and the don’ts of cybersecurity. Another percentage does not know how to spot threats or how to spot the hazards. We shall look at the threats Windows PC users face and how to mitigate them.
Phishing is probably one of the most common types of threat and the most successful. Hackers use the weakest link to compromise your computer. In this case, the weakest link is you. Phishing is a form of social engineering, a form of attack that preys on your feelings. Most people act on their emotions, especially when they are not allowed to think. A phishing scam attempts to get information from an individual, such as passwords or credit card information.
A phishing scam often comes in an email or text message with a link or attachment. The email purportedly comes from someone you trust. For example, if you are a company CFO, an urgent email with a link may come into your inbox, seemingly from the bank. The email will inform you that there is an issue with the company account, and you need to log into the bank’s website to solve the problem.
The minute you click on the provided link, you are redirected to a dummy site that looks like the official bank site. The site will prompt you to enter company details, which hackers can use to wipe out the company’s account. The same can happen on an individual level, and clicking on the link or downloading the attachment will cause trouble. In these Covid 19 times, most people have been scammed via Covid 19 schemes.
Malware is an acronym for malicious software. Malware is a code specially designed to harm or gain access to your PC. The term malware covers various types of threats such as:
This is where a malicious actor takes your PC hostage by encrypting it. The hackers demand you to pay a ransom in exchange for a decryption key. The ransomware attacks your computer via malicious downloads, links, or email attachments.
Spyware is very covert and might be present in your PC for a long time before you find out. The spyware is installed on your PC without your knowledge. It takes over your PC, steals confidential data, and sends it to third parties like advertisers or data firms. Spyware can be downloaded disguised as an app that downloads itself automatically once you visit an infected site. This happens when you download free software from unofficial sites.
Another common threat for Windows PCs is viruses. Viruses are programs that alter the way your PC works. The viruses replicate and execute automatically, which causes damage to your PC.
Trojans get their name from ancient Greek mythology. The Greeks concealed themselves in a wooden horse that tricked Troy’s inhabitants into letting them into the city. Similarly, a Trojan comes disguised as an app or genuine software. Once you download it, it breaches your security system. The Trojan starts executing after a certain amount of time or after several actions.
Keyloggers are also called keystroke loggers, and they track your activity on your PC in real-time. The keylogger runs covertly in the background, recording everything you type. The hacker collects this information to steal your login details like passwords, usernames, credit card details, etc.
Have you ever come across a warning on your PC screen that displays a fake virus alert? The malware tricks you into buying software by using these scare tactics. A PC with scareware gets pop-ups of the fake malware alerts. To get rid of the annoying pop-ups, you are prompted to buy bogus anti-malware software.
3. Data Breaches
Data Breaches can happen to anyone, an individual, or a company. Hackers often target individuals and smaller businesses as they have less security. Hackers steal data and sell it on the dark web for a lot of money. Your identity is also stolen and used to commit crimes such as fraud.
Sometimes the hackers may just steal the data and post it online for the sake of malice. Data breaches are very risky for small businesses. If a client sues you for a confidentiality breach, your business may not survive the hefty lawsuit.
4. Public Wi-Fi Risks
If you use your PC over public Wi-Fi, such as a school or university, you are at risk of hacking. These public networks are unsecured, or the security is weak. Hackers prey on such networks, stealing data and launching attacks like Man-in-the-Middle (MiTM).
These attacks eavesdrop on communication between two parties and hijack them. In a communication between two parties, the hacker intercepts both party’s messages, altering information. The two think they are communicating with each other while, in essence, they are communicating with the hacker.
Hacking is intentionally breaking into someone’s PC with an intent to steal data. There are different reasons for hacking:
- Financial crimes- to steal money from the victims.
- Corporate spying- where companies steal each other’s data in business competition.
- Hacktivism where hackers destroy websites for various reasons such as religious or political convictions.
- Vandalism- where hackers on the dark web destroy websites to show off to other hackers.
How to mitigate these cyber risks
You can minimize these risks by:
1) Enabling Dynamic Lock
Dynamic Lock is a feature on Windows PCs that automatically locks your PC if you step away from it. This lock works via a Bluetooth connection to your phone, whether iPhone, Windows, or Android.
The PC locks if:
- There is no input from the user for 30 seconds.
- It does not detect the connected Bluetooth device. If the device is out of range or the signal is weak, the screen locks.
BitLocker is an encryption feature that comes with versions of Microsoft Windows starting from Windows Vista. The feature protects your data via encryption of the entire disk and is easy to implement and manage.
The BitLocker means your data is highly protected from unauthorized access. BitLocker to Go is BitLocker’s subset and is used similarly, but instead, it protects information on your external media like USB drives. It needs a key to decrypt the data before use.
3) Restore Points
A system Restore Points is an image/snapshot of your system’s configuration and settings in your PC’s Window Registry. The restore point allows you to restore your system to an earlier or previous date when the system was operating normally.
The system does this by creating restore points after a certain period. You can create a preferred restore time, but Windows automatically does this for you once every week. Before a significant system event such as new device driver installation, running a Windows update, or installing an app, Windows creates a system restore.
4) Install a VPN
Most Windows PC users use Windows 10, so a VPN for Windows 10 will come in handy in securing your PC. A VPN (Virtual Private Network) creates a secure ‘tunnel’ between your PC and the internet. If you use public networks often, you can use a VPN. Logging into the internet via a VPN does a couple of things.
First, it hides your IP address, meaning nobody can trace your actual physical location. It allows you to log in via its numerous servers across the globe so that you can browse anonymously. You could be in the US but log in via a server in the UK.
Second, the VPN encrypts your data, which protects you from prying eyes and attacks like MiTM. Most VPNs use a 256-bit encryption standard called Advanced Encryption Standard (AES 256-bit). This standard is so secure that the US government uses it for data protection.
5) Activate the firewall
Your Windows PC comes with an inbuilt firewall. This firewall prevents unauthorized access and alerts you of any attempts. Always keep the firewall enabled, and If you need an extra security layer, you can buy a hardware firewall.
6) Install Anti Malware and Anti-Virus software
Antimalware and antivirus software protect your PC against unauthorized software/programs or code that tries to enter your operating system. This software plays a significant role in protecting your system in real-time. They detect threats and eliminate them immediately. Some variations offer automatic updates, which protect you from new threats. Run the software regularly to keep your PC clean.
7) Do not click on links
Do not click on any links in your emails. If need be, go to your browser and visit that site directly. If it is malware-infected, the PC’s inbuilt firewall or installed antivirus will thwart any attempts.
You can also hover your cursor on the link and check if it’s an HTTPS or HTTP. The former is safe, and the latter is a suspicious URL, so you should delete the email immediately. Beware of spam mail. Luckily, today’s inbox spam filters have become much better at arresting spam.
8) Strong passwords
Hackers have an easy time getting into PCs because users have weak passwords. Setting a password with obvious details like a child’s or pet’s name, years of birth is risky. These are the first things a hacker will check, and by the time a hacker targets you, they already have a lot of your information.
Use an alphanumeric password and reinforce it using upper- and lower-case letters combined with unique characters and numbers. Make it nearly impossible for the hacker to guess but easy enough for you to remember. Do not use one password across sites because if your password is hacked, the hackers get access to all your online accounts.
9) Use password manager
A password manager securely stores all your passwords across all your favorite sites and social media platforms. Make the password manager’s password unique to avoid hacking.
10) Use 2-Step Authentication
2-step authentication or multi-factor authentication uses a password and a second unique and one-time passcode. The second passcode is sent to a device you trust, like your mobile phone.
You can also use biometric authentication. Some Windows PC versions allow you to use your fingerprint to log in. This makes it hard for a hacker to hack your PC
11) Keep your operating system, browser, and apps up-to-date.
Install new operating system updates. Most updates fix security vulnerabilities that hackers can exploit. Review all the browser settings as well as installing updates. For example, you can block websites from tracking your online activities via your browser.
12) Install Anti Spyware
To prevent spying via spyware, installing an anti spyware package takes care of these threats, including keyloggers. The software detects and eliminates these threats as soon as they are detected.
Unfortunately, Windows is the most targeted and attacked operating system. No matter how much Microsoft tries to keep its users safe, hackers always seem to find vulnerabilities and exploit them.
Keeping a step ahead of these hackers means getting to know the threats faced by Windows PC users, how to detect the threats, what to do if you encounter the threats, and how to avoid them in the first place.
Most people tend to ignore these security tips, thinking they are not worth a hacker’s time. This is not true. Information is worth a lot on the dark web, and a hacker would much rather hack ten individuals or small businesses than waste time trying to hack into one large corporate. Individuals and small businesses are easy to hack, as their security is not as layered as a large company.
These security methods need a hefty dose of common sense as well. If you see a strange email, don’t click on any attachments or links in it. If you use public networks, use a Dynamic Lock, BitLocker, or a VPN to stay safe. A large percentage of security starts with the weakest link-you.