In this digital age, the harsh reality is if you're doing business online, you're a target for hackers.

We reached out to the team at Aura Information Security to get their tips on to avoid becoming the next target.

Social Engineering

Social engineering is a component of many - if not most types of exploits. When it comes to getting employees to divulge information they normally wouldn't hackers have a fairly large bag of tricks. Here's some tactics to look out for:

Baiting: This is when an attacker leaves a malware-infected physical device such as a USB flash drive or CD-ROM in a place it is sure to be found. The finder then picks up the device and loads it onto his or her computer, unintentionally installing the malware.

Pretexting: is when one party lies to another to gain access to privileged data. For example, a pretexting scam could involve an attacker who pretends to need personal or financial data in order to confirm the identity of the recipient.

Spear phishing: This is like phishing but is tailored for a specific individual or organisation. Often the attacker is likely trying to uncover confidential information specific to the receiving organisation in order to obtain financial data or trade secrets.

Tailgating: Is when an unauthorised party follows an authorised party into an otherwise secure location such as an office building. Once inside the authorised party has free rein to explore, download and steal information.

Phishing: Is when a malicious party sends a fraudulent email disguised as a legitimate email, often purporting to be from a trusted source. The message is meant to trick the recipient into installing malware on his or her computer or device, or sharing personal or financial information.

Password Tips

While having one password for all your accounts may make things easier for you, it also makes it easier for hackers to gain access to your data. Most passwords can be hacked in under an hour, so how can you protect yourself?

  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
  • Unique account, unique password: Separate passwords for every account helps to thwart cybercriminals.
  • Write it down and keep it safe: Everyone can forget a password. Keep a list that's stored in a safe, secure place.
  • Never text or email passwords to colleagues, friends or family.
  • Change passwords regularly.
  • Consider using a password management application.

For more information visit www.kordia.co.nz