Identifying Online Threats

The Internet is used by businesses and employees every day. While it’s quite easy to spruik the positive aspects of the Internet as a business tool, not enough attention is paid to its darker elements.

With the number of Internet users soon to eclipse 50% of the global population, unsavory characters will continue to take advantage of user ignorance to make easy money or cause malicious damage. With this in mind, what is the weakest point in your IT security?

Kaspersky Lab, a global IT security company, recently put out a quiz to 18,000 users across 16 countries – including Australia – entitled ‘Are you cyber savvy?’ Respondents were given a number of scenarios and questions to try and determine how safe their online conduct is, while also seeing if they could identify a threat.

The Weakest Points Identified

The results were startling, with 76% of users unable to discern between legitimate and phishing websites, 34% downloading a malicious executable instead of a music file, and 19% of users disabling anti-virus if a software installer prompts them to.

Users were given four screen shots of a Facebook login page and asked which one they would enter their personal credentials into. What would your look for on a website to decide if it was safe before entering your credentials? The clue wasn’t necessarily the page’s content, though many scam attempts succumb to poor spelling and grammar. Of the four screen shots only one had the correct web address (https://www.facebook.com/) but only 24% of quizzed users chose the legitimate website from the three fake websites.

In another scenario, users were shown four file names and were asked which one they’d download if they were attempting to acquire ‘Yesterday’ by The Beatles. Only one option (.wma) was safe to download whilst the remaining three (.exe, .scr and .zip) are file extension s commonly used by unscrupulous hackers to attack unwary users. Interestingly, respondents were easily  manipulated by simple tricks of throwing a spelling mistake into the correct file extension (‘Betles-Yesturday.wma’) and adding the well-known music term ‘mp3’ into the .exe file extension – the most dangerous file to download. The majority of respondents selected the potential malware. The correct answer was the misspelled (‘Betles-Yesturday.wma’), with the majority of respondents selecting potential malware.

Overall, the average score on the quiz was 95 points out of a possible 150; showing that users were exposing themselves to significant danger in these hypothetical situations.

How To Strengthen Your IT Security

At itro, we have a number of solutions available which will limit your exposure to these kinds of threats, from website blocking, to email filtering, and anti-virus. These are implemented using a range of hardware, software or both depending on different organizational IT Security requirements. However, this is only part of the puzzle, and we require your assistance to ensure that your staff remain vigilant while using the internet in the office, and at home.

You can try Kaspersky’s quiz here and see how you’d fair in these hypothetical situations.