Security Misconception 1: I'm safe because I never shop online
When Kindsight took to the streets, we found five key misconceptions about cybersecurity including the one in this video: I’m safe because I never shop online.
While there are definitely risks with online shopping, every time you go online you are potentially placing your identity at risk. Hackers are becoming more aggressive and use many different attacks to take over your computer and steal your personal information.
These attacks may include phishing emails where you are directed to a forged website that will ask you to login or enter your credit card. The site looks real but isn’t and the hacker captures the information entered by you. A lot of effort is put into making these sites look more and more real, which makes it difficult to detect the threat. This was one of the other misconceptions we uncovered: it was easy to recognize fake sites.
Another attack could be that the hacker creates a poisonous site, which again looks real, to download malware to your computer. In some cases, just visiting the poisonous site is enough to get infected but often the attack could be hidden in a download or as an email attachment.
This malware could be a Trojan that allows the hacker to take over your computer, or a keylogger where the hacker can record everything you enter, including user name, password and credit card numbers. These attacks work even if the site is secure which was another misconception: I’m safe because the website is secure.
Most frightening is that these malware attacks continue to grow according to McAfee’s latest Threats Report as reported by CNET. In the latest report, McAfee identified an average of 60,000 new threats each day in the third quarter, almost quadrupling since 2007.
Recently eWeek reported that more than 1.2 million Websites were infected by malware in the third quarter of 2010, according to security firm Dasient. This is more than double the infected sites from a year ago.