The first known use of the term “trick or treat” was found in a November 1927 edition of Blackie, Alberta’s Canada Herald:
Hallowe’en provided an opportunity for real strenuous fun. No real damage was done except to the temper of some who had to hunt for wagon wheels, gates, wagons, barrels, etc., much of which decorated the front street. The youthful tormentors were at back door and front demanding edible plunder by the word “trick or treat” to which the inmates gladly responded and sent the robbers away rejoicing.
“No real damage” from “youthful tormentors?” Sounds a lot like the early days of hacking. Unfortunately those days are long over.
“It’s a business,” F-Secure’s Chief Research Officer Mikko Hyppönen told Wired UK.
“There’s a whole structure there that’s needed,” F-Secure’s “Cyber Gandalf” Andy Patel told ITPRO. “An individual can’t just go in and do this now; it’s not a one man job… these are companies.”
The cyber crime “industry” has raked in hundreds of millions and possibly even billions of dollars. And it does it, in general, by counting on people to make mistakes.
“People do stupid stuff,” Mikko explained. “You cannot patch people.”
The first step to avoiding a threat is knowing it exists. So this Halloween as you search for treats online, look out for these tricks.
F-Secure Labs has warned about malware that holds your digital files hostage to demand a ransom for most of the last decade. But it’s in the last year that the threat has burst into the mainstream and become something you can’t go a few weeks without hearing about it on the news. How do you avoid this trick? Keep your system software updated and run security software at all times. Make regular backups of every file that matters on your computer and never click on attachments and links in emails that you weren’t expecting.
- Find My iPhone Scam
This scam answers the question, “How can losing your iPhone get any worse?” People who use the “Find My iPhone” app have been targeted by criminals who’ve gotten ahold of their phones with a scam that allows the crooks to gain access to the device and — possibly — the owner’s most intimate financial details. How do you avoid this? Check the URL before entering any confidential data. Or as Apple says, “You should never enter your Apple account information on any non-Apple website.”
- Phishing Scams
As cyber criminals have gone pro, they’ve gotten better at using old tactics that we thought had faded away — like email attachments and phishing scams. Like the trick that gives crooks access to stolen iPhones, a phishing scam just tricks you into entering your private credentials into the wrong site. And it then uses those credentials to hack your email, financial accounts, etc. Checking URLs before entering data is crucial because with the explosion of photo editing software and skills, it’s now easier than ever to make a fake site look real. Experts believe that one wrong click to a fake site led the chair of a major presidential campaign to expose his entire inbox to the world.
- Having someone else leak your password
Millions and millions of passwords have been leaked in 2016, some from breaches of data that took place years ago. It might not sound scary that your Yahoo! password from 2005 is now public, except if you are still using that password today on a critical account. This is why you need to use strong, unique password for each important account. Yes, remembering all that is almost impossible. So consider using a tool like F-Secure’s KEY to manage your passwords. KEY is free to use on one device.
- Haunted IoT devices
As our homes are getting smarter by connecting almost everything to the internet, they’re also getting haunted — by cyber criminals. A botnet is a network of computers that have been hacked and “enslaved.” Security expert Brian Krebs was recently hit by a monster attack on his site that he believes was powered by a botnet powered by “‘Internet of Things,” (IoT) devices — routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords.” What can you do? So much of this problem requires manufacturers to improve their security. But you can help by keeping every device updated with the latest software from the manufacturer and always changing your default passwords.
[Image by Daniel Lewis | Flickr]