What is it?

It looks like a trusted program, but it gives thieves a back-door to your information.

How can you avoid it?

Be on the lookout: you wouldn’t invite suspicious people into your home, so make sure you can trust the things you are downloading.

Learn more:

Kaspersky Internet Security Center Trojan Onion Ransomware News:
Improved Version of CTB-Locker Emerges Chthonic Zeus Variant Targeting
Online Bank Users Globally Neverquest Trojan: Built to Steal from Hundreds of Banks

What is it?

An open WiFi hotspot (or access point) can be a trap. Once you connect, you may be tricked into giving your login details to fake websites, where someone can steal your usernames and passwords.

How can you avoid it?

Stop random hook-ups: only connect with access points that are secure and you are familiar with.

Ask for the real deal: simply ask a restaurant or airport for the name of their WiFi network before logging in, so you don’t fall for the phonies.

Learn more:

Millions of Smartphones Vulnerable to Rogue Hotspots by Default Easily Avoid Wi-Fi Insecurity

What is it?

It looks just like a real website, but once you login, it steals your username and password.

How can you avoid it?

Verify before you ratify: if you landed on a webpage that seems suspicious (clicked on a banner or a link that you were sent), make sure you are dealing with the real deal. Look at the URL address and verify that it is written exactly as the official site’s address.

Learn more:

Why phishing works and how to avoid it Social Networkers Beware: Facebook is a Major Phishing Portal How to set up Safe Money

What is it?

When information is transferred over a network, a program called a packet sniffer can read pieces of the data.

How can you avoid it?

Keep your valuables hidden: it’s better to build a secure nest combining Tor and VPN, because while VPN encrypts your traffic it doesn’t provide anonymity, and Tor has several weak points of its own.

Learn more:

Protecting the Whole Home Network and Everything Connected to It Dozens of Popular Android Apps Leak Sensitive User Data Bad Guys Are Watching You (via insecure Wi-Fi)

What is it?

An attacker who pretends to be a part of a network connection, stealing information as it passes through. More advanced forms of this attack include Man in the Browser, where an attacker gets between you and the security mechanisms within the browser.

How can you avoid it?

Stay updated: the newest versions of operating systems and browsers fix security issues to prevent attacks. Download updates regularly to ensure your protection.

Don’t tell too much: be suspicious and don’t fill in more details than usual, like additional passwords or PINs that your bank wouldn’t normally ask for.

Learn more:

What is a Man-in-the-Middle Attack?

What is it?

An app on your smartphone that may not be visible on your home screen, but provides remote access to your information.

How can you avoid it?

Seal of approval: make sure you only download apps that have been verified by a trusted source, like those on Google Play or the App Store.

Don’t be old school: install updates for your mobile OS and applications regularly to prevent old security flaws from being attacked.

Learn more:

The Big Four Banking Trojans Mobile Protection for Your Android Device iOS Vulnerability Behind WireLurker Apple Malware Revealed

What is it?

A program that records every keystroke that you make, even on a mobile device.

How can you avoid it?

No typing, no problem: a password manager or a browser that remembers your login details lets you sign in without using any keystrokes.

Type with your mouse: a virtual keyboard program shows you on-screen keys that you can click when entering sensitive data.

Increase security: security software is the surest way to protect access to your data.

Learn more:

What is a Keylogger? Keyboard Spies: Now on iPhones Tip Of The Week: Protecting Personal Data From Online Interception

What is it?

A pop-up or page that looks real, but when you type your account or bank details, it steals your information.

How can you avoid it?

Reality check: in mobile devices, fake pages often launch as a pop-up over the browser window. If you are about to enter sensitive information, check the other running apps and make sure you are still typing in your browser on the official page, and not on a phony pop-up.

Learn more:

Step-by-Step: How to Use the Safe Browser on Android Is Your iPhone Already Hacked? A Fruity Bait

What is it?

When your smartphone is connected to a wireless network, the information it transfers can be read by a program called a packet sniffer.

How can you avoid it?

Turn on, tune out: using a mobile data connection like 3G or LTE can protect you, since packet sniffing for mobile devices mainly occurs through Wi-Fi.

Learn more:

Protecting the Whole Home Network and Everything Connected to It Dozens of Popular Android Apps Leak Sensitive User Data Bad Guys Are Watching You (via insecure Wi-Fi)

What is it?

An attacker who inserts themselves into the digital conversation between your device and your network. Even smartphones can be manipulated.

How can you avoid it?

Lock it up: a browser will show which sites are secure by showing the icon of a lock or HTTPS in the address bar.

Double down on verification: using a second form of verification, like one-time passwords sent from your bank to your phone, can prevent an attacker from being able to use stolen bank details.

Learn more:

What is a Man-in-the-Middle Attack? 11 Unsecure Mobile and Internet Messaging Apps

What is it?

A virus that is downloaded onto your tablet, sometimes bundled with another app, that allows someone to perform attacks remotely.

How can you avoid it?

Strict permissions: every time you install an app, try to limit the access it has to parts of your device. If a wallpaper app or game wants to access your accounts, text messages, contacts, and location, it is very suspicious.

New is not always safe: even if it’s from a trusted source, be suspicious of apps that are less than a month old. Read the app’s reviews to see if other users have had problems with it.

Learn more:

The Big Four Banking Trojans Mobile Protection for Your Android Device iOS Vulnerability Behind WireLurker Apple Malware Revealed

What is it?

Any password that can be guessed on the basis of personal information or doesn’t include special characters or numbers. Even if your password is complex, it can be weak if it hasn’t been changed in a long time.

How can you avoid it?

Your system – your safety: it is much better (and safer) to make up your own system that lets you generate unique, complex passwords. For example you can take any verse that you know by heart and use the first letters of each line to generate a password. Also it’s a good idea to add numbers to your password (like the exact count of words in the used verse) and special symbols.

Learn more:

Must-have link Worst passwords of 2014 False Perceptions of IT Security: Passwords

What is it?

An email, message, or pop-up that directs you to a fake site to steal your sensitive data like login or credit card information.

How can you avoid it?

No sweat: often, phishing messages are designed to make you panic by demanding you urgently to login to fake sites. Check the email address of the sender or make sure that the site is real by cross referencing the original contact or site.

Learn more:

The Evolution of Phishing Attacks How to Play Strong Defense Against Malware Attacks During the World Cup Why phishing works and how to avoid it Social Networkers Beware: Facebook is a Major Phishing Portal

What is it?

A program used by an attacker that reads pieces of data as it flows through a network.

How can you avoid it?

Speak in code: encrypting the data that you send and receive will ensure that an attacker can’t read it. Use a VPN (Virtual Personal Network) available on browsers like Tor, that can automatically encrypt your data to keep you protected.

Learn more:

VPNs and Why You Should Use Them Bad Guys Are Watching You (via insecure Wi-Fi) Protecting the Whole Home Network and Everything Connected to It

What is it?

An attacker who gets between you and your network connection and reads sensitive information as it is sent and received.

How can you avoid it?

Secure without a doubt: to be certain that attackers can’t read your information, you can use a free app like HTTPS Everywhere, which lets you browse in secure mode on sites that support HTTPS.

Learn more:

What is a Man-in-the-Middle Attack? Digital Certificates and ‘HTTPS’