For hackers, the ultimate goal is to make some money. However they go about doing it, be it stealing data and selling it, mining cryptocurrency or something else, they want to get paid for doing something illegal.
Needing to try and protect ourselves from them is a way of life in the digital age and something that gets more complicated and difficult as technology continues to advance at an incredible rate. Yet, we have to try.
That's why any time a new hack is discovered, it is imperative that we understand what it is and how to defend ourselves. In this case, the hack is trying to take a new-age approach to one of the oldest crimes in the book.
They are trying to rob the bank
Criminals have long looked to banks as a way to make crime profitable, but the digital age means they do not actually have to step foot in one to get away with some money. As has been discovered by Positive Technologies, a firm that provides internet security for products and businesses, banks and finance web apps are among the most vulnerable to hackers.
Most of their focus is on the apps, with the goal being to take advantage of the average person. According to Positive Technologies, 87 percent of the banking web apps they tested were susceptible to attacks.
With that kind of success rate, it's understandable that hackers would set their sights on the industry. At the same time, they also target government app users due to their being generally less security-savvy.
What makes them so vulnerable?
Positive Technologies says the most common vulnerability is in Cross-Site Scripting, which is susceptible to phishing attacks. As we know, those allow for malware to infect devices, which then causes all sorts of problems.
Phishing attacks often come via an email that pretends to be from someone or someplace you can trust, but in turn, infect your computer once you click on the links. Another common attack, a denial of service (DOS), blocks access to certain websites or services.
Positive Technologies discovered 75 percent of e-commerce web apps have vulnerabilities to DOS attacks.
You can blame employees
As much money and effort as companies and banks put into their security, there is always the possibility that human error will open the door for a hacker. Positive Technologies says employees often unknowingly let hackers in by downloading malicious files or getting caught in phishing attacks.
To test their theory, the company pretended to be hackers and sent emails that contained links to sites or forms that required password entry to employees. A total of 3,332 messages were sent, with 17 percent (or roughly 575 people) following through and getting caught in the would-be scam.
The most effective phishing method was with a link in an email. A lofty 27 percent of people who received one of those clicked on the link, with users paying little attention to the URL that would have given away the fact that it was not a legitimate site.
Whichever method they succumbed to, with the information employees provided, their own computer or possibly their company's entire network would have been compromised.
How do I keep my accounts safe?
With phishing expeditions, the key is being careful about what you are clicking on and with whom you are sharing information. If an email asks you to click on a link, first make sure you know who sent it, and second, look over the link for any irregularities.
If you don't recognize the sender or the link goes to an address that doesn't look right, don't click. The whole point of phishing attacks is hackers cast a wide net, but they only catch people who are not careful.
So yeah, your iPhone can be hacked in just 6 minutes
A mysterious company based in Atlanta named Grayshift has reportedly developed a relatively inexpensive standalone gadget that can crack iPhone and iPad passcodes in mere minutes.