Hackers’ Toll Goes Beyond Finances

May 3, 2016

I wrote about the toll hackers and cyber criminals take on end-users four years ago and think the topic deserves a refresh given the ramped up attacks since then.

Each year, the increasing cyber crime menace impacts us beyond the financial cost of anti-virus and anti-spam programs and firewalls, expensive virus removal fees, or splurging for a Mac because they appear to be immune from infections (truth: they’re no more immune from social engineering attacks than Windows computers).

The toll is no longer just financial, however. Hackers have diminished our confidence in the good nature of others and our ability to discern between good and evil.

The attacks have been so clever — designed to look like legitimate security or virus alerts with scary messages about the consequences of not following the instructions — that not only are end-users tricked into clicking them, they no longer have the confidence to click on the legitimate notices.

Of course, if they don’t follow through on legitimate alerts, they risk the security of their computers and their data by ignoring critical updates.

Hackers have confused end-users to the point of near paralysis. End-users might spend hours or even days trying to figure out if they should abide by an update alert or ignore it out of fear that it’s an infection. We get many calls from clients asking those very questions about good notices, as many as we do about actual infections.

Phishing emails, booby-trapped attachments from friends who have been hacked, threatening phone calls and on-screen warnings, pretexting believable but false scenarios, reconnaissance with seemingly innocuous questions that reveal valuable information to hackers, forged web sites and emails with links to infections, alarming or normal emails reputedly from UPS, the IRS, FedEx, banks and retailers … all of them far more convincing than the stereotypical Nigerian Prince scams of years past.

Pile on sneaky “Recommended” add-ons that the likes of Java and Adobe add to their updates that tangibly change your settings, annoying repetitive renewal and update notices from legitimate security software that mimics the behavior of infections, and Microsoft’s shady Windows 10 update procedure, and it’s a wonder anyone clicks any notice anymore.

This particularly affects less savvy end-users for whom any alert sounds convincing or scary. Honestly, faced with a bewildering array of alarming alerts on their computers, how many end-users will be comfortable enough to trust that their next click won’t encrypt the company’s files? How much time and money is lost to such paralysis?

Your end-users need to be educated on the differences between valid and malicious alerts and appropriate responses to the malicious ones.

A good security awareness program, such as our FlexIT End-User Security program, that gets their attention and maintains their diligence can not only help them avoid infections but also restore the confidence they need to work safely and efficiently.
