Common online threats

8 February 2021

In order to recognise the significance of the safety measures set out above, it’s important for users to learn about the most common threats they face in the online world.

JOSA

Hacked and stolen accounts

Malicious actors – often called hackers – can gain unauthorised access to a user’s account, often by knowing or guessing a user’s password. While online platforms tries to keep hackers at bay, users also need to take the necessary precautions to protect their passwords and accounts.

Extortion

When a user contacts another user and attempts to obtain money – or other valuables – by threatening to publicly reveal private or damaging information about the victim, this is called extortion. When the user threatens to reveal images of sexual nature, it’s referred to as sextortion.

Social engineering

Social engineering is the act of manipulating a person into performing a certain action, or revealing personal often sensitive information. Attackers often develop a friendship or employ psychological tricks to convince a person to share photos, share passwords, etc. Instead of finding a security vulnerability in the software, an attacker could pose as an IT support person and pretend to have a noble aim of supporting users with protecting their accounts, and request for the user’s password to accomplish this aim.

Phishing attacks

Phishing is when a user disguises themselves as a trustworthy entity and attempts to obtain (or “phish” for) sensitive information from another user such as their password or credit card information. For example, someone pretending to be a local grocery business, sends you a message claiming they have a discount at their grocery store. They ask you to place your order via WhatsApp, and to also send your credit card number, expiry date, and security code in order to “process your payment”. Another example, you receive an email that appears to be from Facebook. The email says there’s a threat to your account and that you should login right away to resolve it. You click the login link from the email and enter your email and password. There, you’ve handed your login credentials to the hacker.

Impersonations and fake accounts

Users often spot accounts that pretend to be someone they know, or themselves, or are simply fake. These fake accounts pose a threat as they are often used to gain other users’ trust and gain followers and friends, and then use the fake account to threaten the user they’re impersonating or extort them.