Καθώς πλησιάζει η περίοδος των καλοκαιρινών διακοπών, η Check Point Software Technologies Ltd., πάροχος κυβερνοασφάλειας, προειδοποιεί το κοινό να παραμείνει σε επαγρύπνηση λόγω των αυξημένων κινδύνων στον κυβερνοχώρο με στόχο τόσο άτομα όσο και τους οργανισμούς.
Despite airport delays, rising costs and continued uncertainty surrounding COVID-19, international travel this summer is expected to grow 11% from pre-pandemic levels.
In the rush to catch up on their vacations, for some their first in three years, travelers are likely to neglect cyber security and face risks related to their online activity. Cybercriminals are well aware of this vulnerability and, if anything, ramp up their efforts during the summer season.
According to the report Threat Intelligence Report by Check Point Research (CPR), the global average number of weekly attacks on travel and leisure organizations increased by 60% in June 2022 compared to the first half of June 2021.
Between May and August 2021 attacks on these sectors increased by 73% and this year is likely to see a similar surge, with one of the key trends involving hackers impersonating established brands in phishing attacks as holidaymakers look for last-minute holidays and travel, hotel and attraction offers with delayed availability.
Figure 1 Phishing email impersonating Delta Airlines
Figure 2 Deceptive Delta Airlines page
A potential vacationer who clicks on a phishing email or provides their login information over an unsecured public Wi-Fi connection could face personal risk in terms of credential theft, as well as lead to financial losses. However, there is also an even more serious risk to their employers.
The trend toward so-called hybrid vacations, where people work remotely for part of the summer vacation, makes this threat even more real. Personal laptops, tablets or mobiles often provide criminals with easy access to corporate networks, especially if BYOD devices are not adequately secured.
Εν τω μεταξύ, τα ίδια τα εταιρικά δίκτυα είναι πιο ευάλωτα αυτή την εποχή του έτους ή ακόμη και τα Σαββατοκύριακα και τις αργίες καθ’ όλη τη διάρκεια του έτους. Με τις ομάδες επιχειρήσεων ασφαλείας να εργάζονται με μειωμένο προσωπικό, οι επιθέσεις στον κυβερνοχώρο μπορεί να μη γίνουν αντιληπτές μέχρι να είναι πολύ αργά και η ζημιά να έχει γίνει. Χαρακτηριστικό παράδειγμα ήταν η επίθεση ransomware στο δίκτυο της Kaseya στις 4 Ιουλίου πέρυσι από τη ρωσόφωνη εγκληματική συμμορία REvil, η οποία επηρέασε πάνω από 1000 οργανισμούς σε όλο τον κόσμο, επιπλέον περίπου 15 παρόμοιων επιθέσεων ανά εβδομάδα κατά τη διάρκεια του Μαΐου και του Ιουνίου, σύμφωνα με την CPR.
For many of us, this may be our first time traveling abroad since the pandemic, and as such there may be some elements of our travel routine that we may have forgotten, including cyber security habits. This is highly desirable for opportunistic hackers looking to take advantage of lax behavior and unprotected devices. It is also a risk at an individual level in our hyper-connected world, as well as for any organization with which a person communicates, including their employer, said Michalis Bozos, Sales Manager Greece & Cyprus, Check Point Software.
By planning ahead, individuals can look forward to their vacation knowing they have taken simple but necessary precautions to secure their devices while protecting their employers' networks. That's why Check Point has put together ten top tips to help consumers stay safe during the summer months.
Top tips to keep your devices secure
1. Treat public Wi-Fi hotspots with caution. Free Wi-Fi access is attractive, but it can also pose some serious security threats. It's not uncommon for hackers to sit in airports, waiting for travelers to join public Wi-Fi networks so they can take advantage of unsuspecting travelers. Avoid unsecured Wi-Fi networks altogether if possible, but if you must use them, avoid accessing personal accounts or sensitive data while connected to those networks.
2. Pay attention to those around you. The person sitting next to you on the plane or while you are waiting to board your plane may have malicious intent. Someone could be looking over your shoulder while you're entering your credit card information or logging into social media. It's smart to get a screen protector, which can help you hide your information from prying eyes.
3. Double-check the websites you make travel reservations on. Travel-related cyberattacks can happen even before the trip begins, so it's vital to check the travel website you use. Scammers like to impersonate genuine websites and pretend to offer luxury vacations or discounted travel in order to steal your personal information. If an offer looks or sounds too good to be true, it probably is. Before proceeding, thoroughly research the company offering the deal. Use a credit card for travel transactions, not a debit card. Credit card companies often have fraud protection in case you fall victim to cybercrime, whereas with a debit card, your money is likely gone.
4. Beware of language mistakes. In this case, we are not talking about learning the local dialect, but rather be aware of any spelling or grammar mistakes, as well as authoritative phrases that push you to make hasty decisions, as this could indicate that something is not right. it's going great. That's because cybercriminals rely on people not taking the time to look at the small details that might signal an email or message isn't legitimate. To stay protected, always take an extra minute to verify the authenticity of a message, especially if it's trying to get you to reset your login details, as once a hacker gains access, it won't take long to wreak havoc.
5. Never share your credentials. Οι περισσότεροι άνθρωποι επαναχρησιμοποιούν τα ίδια ονόματα χρήστη και κωδικούς πρόσβασης σε πολλούς διαδικτυακούς λογαριασμούς, γι’ αυτό και η κλοπή διαπιστευτηρίων αποτελεί κοινό στόχο των απάτης phishing. Ως εκ τούτου, θα πρέπει να είστε ιδιαίτερα προσεκτικοί κάθε φορά που σας ζητούνται τα στοιχεία σύνδεσής σας. Τα μηνύματα ηλεκτρονικού ταχυδρομείου/μηνύματα phishing συνήθως αντιγράφουν γνωστές μάρκες, υποδύονται ειδικούς υποστήριξης πελατών ή ακόμη και υποδύονται τον εργοδότη σας. Για να διατηρήσετε τους λογαριασμούς σας ασφαλείς, μην μοιράζεστε ποτέ τα διαπιστευτήριά σας μέσω ηλεκτρονικού ταχυδρομείου ή μηνυμάτων κειμένου και εισάγετε τα online για να αποκτήσετε πρόσβαση σε υπηρεσίες μόνο εφόσον έχετε πιστοποιήσει τον ιστότοπο, πηγαίνοντας απευθείας από το πρόγραμμα περιήγησης που έχετε επιλέξει.
6. Turn off automatic Wi-Fi/Bluetooth connections. There may be a default setting on your smartphone to automatically connect to an available Wi-Fi or Bluetooth network, which may allow malicious actors to gain access to your device. Make sure this feature is disabled to prevent cybercriminals from hacking your device.
7. Use multi-factor authentication. When you are on vacation, you may need to access important services that contain confidential or financial data. To be safe, use a multi-factor authentication (MFA) process to ensure that you are the only person who can access these services and that you are notified if an unauthorized person attempts to connect.
8. Download the latest security updates. Before you get ready to leave for your trip, make sure all your devices are up to date with the latest security updates. This way you will keep them protected from the latest known threats.
9. Get informed about the latest attacks. It's a good practice to do some research on the latest attacks going around so you don't fall prey to any tricks threat actors might use to spread ransomware. Remember that not all scams are based on phishing and that you could still be exposed to provide your credentials over the phone or SMS.
10. Be suspicious of ATMs. Avoid withdrawing money from ATMs, as hackers, especially in tourist areas, have been known to attach credit card skimming devices to stand-alone ATMs. If it is necessary to use one, find an official bank machine, preferably one located within the lobby of your trusted bank.