Even the most techno-savvy computer users need to be vigilant as online fraudsters continue to home in on potential weaknesses in technology. Philip Cheung / The National
Even the most techno-savvy computer users need to be vigilant as online fraudsters continue to home in on potential weaknesses in technology. Philip Cheung / The National
Even the most techno-savvy computer users need to be vigilant as online fraudsters continue to home in on potential weaknesses in technology. Philip Cheung / The National
Even the most techno-savvy computer users need to be vigilant as online fraudsters continue to home in on potential weaknesses in technology. Philip Cheung / The National

Gone phishing: the vital steps to take to guard against cyber crime


  • English
  • Arabic

We don’t usually need to know how the internet works. It just does. The many services that it enables, from email to Netflix to smart home lighting systems, are all delivered to us regardless of whether we understand any of the magical connectivity that takes place under the hood.

But that lack of understanding can leave security loopholes, and those loopholes are exploited by criminals who seek to steal our personal information.

The common reaction to being lectured about computer security is one of apathy and indifference, and that’s hardly surprising.

Greed at the root of increasingly sophisticated scams

The advice we’re given is often misleading, plenty of it is jargonised and over-complicated, and even if we take the trouble to act on the advice, we rarely get to see the benefit – these are preventative measures, after all. In addition, few of us believe that we could ever be a target.

The truth, however, is that most hacking is automated, and automated systems don’t discriminate. They just look for weaknesses and attack them, and if your personal information is vulnerable then your money is, too. While a small proportion of hacking is done for mental exercise, most of it is motivated by greed. They want what is ours, and they’re getting better at grabbing it.

How cyber criminals infiltrate our personal data

Criminals have three routes to our personal information. One is by attacking companies who keep hold of it, with our permission, to make it easier for us to use their services. Most companies guard that information – biographical details, addresses, credit card numbers, passwords – with great care, but a series of well-publicised breaches offer proof that security can’t always be guaranteed.

As consumers, all we can do is recognise that our personal information has value, only to give it to firms we trust, and only send them information via a secure web interface. That generally means that a padlock is visible next to the address bar in the browser and the address begins with “https” rather than “http” – but that’s not a cast iron guarantee. We need to stay alert for other signs that a site isn’t genuine, perhaps the wrong website address, poorly copied design or clumsy language.

That moment where we send information across the internet is the second point of weakness that’s frequently exploited. Fake websites, set up to collect passwords or credit card details, are often landed on via links in emails or messages which we often click on without thinking.

Even the most computer-literate can be caught out

To persuade us of the legitimacy of those messages, criminals might masquerade as a company, a charity, or a friend, a technique also known as “phishing”, or “social engineering”.

None of us like to believe that we’d fall for those tricks, but even the most computer-savvy people have been known to drop their guard and discover that they’ve unwittingly become a victim.

There’s no magic way of stopping phishing in its tracks. Yes, there is software which can help to alert us to the veracity of certain messages by either flagging them or sending them to a spam folder. But the main weapon we have is our own vigilance: being wary of messages that feature tempting offers or ask us to send personal information, and being alert to websites that just don’t look right.

Modern devices such as smartphones are not free from the threat posed by determined cyber criminals. AP
Modern devices such as smartphones are not free from the threat posed by determined cyber criminals. AP

A password should never be as easy as 1, 2, 3

All our vigilance, however, can be undone by one failing, and it’s one that we’ve exhibited for more than two decades, despite being repeatedly scolded by experts: bad passwords. It’s commonly acknowledged that the whole idea of passwords is flawed. They can be easily guessed or stolen, we’re bad at choosing them and we insist on using the same one again and again.

If you have a password that’s the name of someone or something you hold dear, perhaps with a number appended, it can and will be guessed. It might be an emotional wrench to change it, but you should. If you’re one of the 3 per cent of people who have, at some point, used the world’s most-used password – “123456” – it’s time to change it, if you haven’t already.

And if you reuse the same password across many services – as many of us do – you’re making yourself vulnerable. If your password to one service is compromised, it compromises you everywhere else, too.

Security firms tell us that if we only do one thing to try and improve our online security, it would be to start using a password manager such as 1Password or LastPass.

They generate strong passwords for every website you use, and remember them for you when you’re trying to log in. If you’re using a service that offers the option of two-factor authentication, or 2FA, turn it on. Then, whenever you log in, you’ll be texted or emailed a code to make sure you are who you say you are.

Staying up to date is key

The third route to our information, of course, is via our devices themselves. The idea of a criminal hacking directly into our computer or smartphone may seem like the stuff of science fiction fantasy, but again, hacking systems are becoming increasingly automated.

If you have a modern phone running software that’s bang up to date, you’re likely to be safe; manufacturers are waging a constant battle against hackers, and the security of the latest devices is pretty good. But older machines can be open to attack.

On average, it takes approximately 20 minutes for any computer running Windows XP to be hacked after connecting it to the internet. Now, Windows XP has been out of support since 2014, and if you’re still using it you may resent being asked to upgrade – after all, it can mean a big disruption to your computing environment – but ultimately it’s for your own good.

The truth, frankly, is that computer security is dull. It’s boring to think about, it’s arduous to implement, and the rewards can seem to be non-existent. But new hazards are emerging constantly, and a small amount of time spent dealing with it today can help to avoid a whole heap of misery tomorrow.

If you go

Flying

Despite the extreme distance, flying to Fairbanks is relatively simple, requiring just one transfer in Seattle, which can be reached directly from Dubai with Emirates for Dh6,800 return.

 

Touring

Gondwana Ecotours’ seven-day Polar Bear Adventure starts in Fairbanks in central Alaska before visiting Kaktovik and Utqiarvik on the North Slope. Polar bear viewing is highly likely in Kaktovik, with up to five two-hour boat tours included. Prices start from Dh11,500 per person, with all local flights, meals and accommodation included; gondwanaecotours.com 

Mia Man’s tips for fermentation

- Start with a simple recipe such as yogurt or sauerkraut

- Keep your hands and kitchen tools clean. Sanitize knives, cutting boards, tongs and storage jars with boiling water before you start.

- Mold is bad: the colour pink is a sign of mold. If yogurt turns pink as it ferments, you need to discard it and start again. For kraut, if you remove the top leaves and see any sign of mold, you should discard the batch.

- Always use clean, closed, airtight lids and containers such as mason jars when fermenting yogurt and kraut. Keep the lid closed to prevent insects and contaminants from getting in.

 

SPECS

Nissan 370z Nismo

Engine: 3.7-litre V6

Transmission: seven-speed automatic

Power: 363hp

Torque: 560Nm

Price: Dh184,500

ICC Women's T20 World Cup Asia Qualifier 2025, Thailand

UAE fixtures
May 9, v Malaysia
May 10, v Qatar
May 13, v Malaysia
May 15, v Qatar
May 18 and 19, semi-finals
May 20, final

Volvo ES90 Specs

Engine: Electric single motor (96kW), twin motor (106kW) and twin motor performance (106kW)

Power: 333hp, 449hp, 680hp

Torque: 480Nm, 670Nm, 870Nm

On sale: Later in 2025 or early 2026, depending on region

Price: Exact regional pricing TBA

COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3EName%3A%20%3C%2Fstrong%3ESmartCrowd%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3E2018%0D%3Cbr%3E%3Cstrong%3EFounder%3A%20%3C%2Fstrong%3ESiddiq%20Farid%20and%20Musfique%20Ahmed%0D%3Cbr%3E%3Cstrong%3EBased%3A%20%3C%2Fstrong%3EDubai%0D%3Cbr%3E%3Cstrong%3ESector%3A%20%3C%2Fstrong%3EFinTech%20%2F%20PropTech%0D%3Cbr%3E%3Cstrong%3EInitial%20investment%3A%20%3C%2Fstrong%3E%24650%2C000%0D%3Cbr%3E%3Cstrong%3ECurrent%20number%20of%20staff%3A%3C%2Fstrong%3E%2035%0D%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%20%3C%2Fstrong%3ESeries%20A%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EVarious%20institutional%20investors%20and%20notable%20angel%20investors%20(500%20MENA%2C%20Shurooq%2C%20Mada%2C%20Seedstar%2C%20Tricap)%3C%2Fp%3E%0A
UAE v Ireland

1st ODI, UAE win by 6 wickets

2nd ODI, January 12

3rd ODI, January 14

4th ODI, January 16