Many people assume technology is safe because it is meant to ease our lives. For the most part, this is not true; it is just another misconception. While technologies like IoT and AI have made it easier to shop and made our homes smarter, cyber threats are real for individuals and corporations alike.
In this blog post, we look at the difference between hacking and phishing. You are likely familiar with both terms, but unless you have been a victim or you work in an industry related to computer security, you might not understand the difference between the two.
What is hacking?
Hacking is the act of gaining unauthorized access to information. When a hacker gains access to an account, they can use it for personal gain, use it against the person or company, and in the worst cases demand a ransom to release the information.
What is phishing?
Phishing is a scam that uses links to steal your important information. It could be an email that looks like it came from a bank, or a link that seems to force you to sign in to your account again. The sender, in this case, gets access to your accounts and important information by directing you to a site or link and making you share your account details.
What is the difference?
Hacking and phishing are both ways to obtain personal information; the difference is in the methodology. A phish occurs when a user is baited with an email, phone call, or text message and is tricked into “voluntarily” responding with information. Victims are tricked by individuals posing as known people, who use forged phishing emails or websites made to look official enough to get the victim to act.
In a hack, information is extracted involuntarily, forcing the perpetrator to first take over your computer system, through brute force or more sophisticated methods, to access the sensitive data—that’s not the case with phishing.
In all fairness, there are ethical hackers, known as penetration testers or pen testers, who attack systems on behalf of their owners to explore and document security weaknesses, but they are different from the above.
Who are the victims?
Any individual or organization, small or large, in any vertical and in any country, can be vulnerable. The motives for such attacks can involve espionage (stealing secrets) or could be monetary. A prime target for cyber thieves is an organization’s servers: that’s where the data is stored, and where the pot of gold lies in the form of sensitive data. In recent news, it was revealed that the data of over 3 billion users was stolen from Yahoo, which goes to show that even the top organizations aren’t safe havens for data.
Now that you know, here are some tips to protect yourself from hacking attacks
- Make your password hard to guess by using a combination of upper and lower case letters, numbers, and special characters.
- Change your password often.
- Do not use the same password for more than one account. Think about it: if you use the same password for email and Facebook, and someone finds out your Facebook password, they can log into your email and potentially gain access to every single account that email address is associated with by using “forgot my password” links.
- Do not write your password down where someone else can find it. Don’t put it on a post-it near your computer. Keep it safe.
- Don’t tell anyone your password. Even if it is your best friend or significant other, no one should know your password.
- Install SiteLock on your website. This scans your website for potential threats and auto-blocks any unsolicited attempt.
Some tips to protect yourself from phishing attacks
- Use trusted security software and set it to update automatically.
- Don’t ever give any personal information over email or private message. If your bank needs to confirm your account number, call them using the number on the back of your bank card. Do not reply to email, text, or pop-up messages that ask for your personal or financial information. Legitimate businesses will not ask you to send private information over insecure channels.
- Don’t click on links within emails or in private messages.
- Log in to the company’s website by typing the URL into the address bar. Don’t sign in through any links from the email or message.
- Be cautious of opening attachments and downloading files to avoid a virus.