Have you ever found a memory stick without knowing its owner? Were you curious to find out to whom it belonged? Should you insert the device in your own computer and have a look at the files to find out the owner?
You receive a friend request in Facebook or LinkedIn from a seemingly nice person, however, not being quite sure who that person is. You may also have one or two mutual friends. What on earth does s/he want from me?
You receive an email with a subject line that arouses your interest but the sender is completely unknown. Would I lose the chance of my life if I did not open this good offer?
What is this all about?
The memory stick you inserted in your computer seemed empty but in reality you might just have installed a programme that sends all of your existing and future files to a criminal. When accepting a friend request from an unknown person you allow this person to see some of the email addresses of your friends. You possibly also told this guy when your home is empty. Opening an email does not necessarily do any harm, but by opening the file attachment you may allow all of your previous week’s emails to be sent to the world.
As a holder of identities of your friends and colleagues and a possessor of information, money and device resources, you may be useful to criminals in many ways. Your identity can be used to make purchases and searches in the Internet, where trust is based on identity. Even your own email or other valid addresses contained in your email client are merchandise worth a great deal of money. You may work at a company who process data of their own or of their customers that must not get into wrong hands. It is also possible that the goal is to prevent you from accessing your own data or to demand ransoms for the return of this data. Almost in everyone’s circle of friends and acquaintances there is one person whose credit card has been used for unauthorised purchases.
But what if I after all inserted the memory stick in the computer and opened a suspicious email?
If all of your device software is updated and data security applications work reliably, the risk of your workstation becoming infected is significantly reduced. However, it is possible that a virus that has accessed your computer is so new that even updated data security software fails to recognise it. It is also possible that the intruder uses a so-called zero-day attack, vulnerability for which a protection does not exist yet. In this case, even the latest updates do not necessarily provide protection.
The biggest data security threat is that you don’t know what you are doing and start to avoid the good sides of the digital world. Information security is a combination of understanding, management and technology. Do you have this understanding?
Download our digitalisation guide: