Recognising a hacker

13th of November 2017 Article by Jacco Vonhof
Recognising a hacker

Netherlands correspondent Jacco Vonhof, chairman of VSR, reports on a new book about hacking and its implication for cleaning companies and suppliers.

Many companies and private individuals think: “I have nothing to hide. I wouldn’t be of interest to a hacker.” But research journalist Maria Genova dispensed a rude awakening for our members during our annual VSR summer party. She began by asking us all what we had stored on our computers.

“Scanned passport, photos, passwords,” came the responses from the attendees. So in fact, this could be pretty interesting to a hacker.

Genova explained that hackers wishing to penetrate a company will often no longer target the company itself, but work via its staff instead. “They can intercept quotes and invoices through the staff’s own private computers. They copy the invoice, replace the bank account number and receive the money.”

A business may also have to deal with malware. This is where hackers demand money (generally €300-€1000) to unlock your computer or system. Phishing emails are another risk to contend with. Even just opening one of these emails could result in compromise, and clicking a link inside is certain to end in tears.

Maybe you’re wondering now: “But won’t my anti-virus program protect me? I’ve got a Mac - does that make a difference? Can’t my internet provider offer protection?” None of that really helps, according to Genova, though there are some measures we can all take. At most though, these will just give the hacker a harder time of it. The best defence against a hacker is to recognise the
hack attempt and attempt to prevent it. I’ll gladly share her tips with you:

• Phishing emails. Genova says: “Hackers might send emails about a package that’s on its way, those coffee cups you ordered or an invoice from your provider that’s ready to view. There’s always someone for whom this will be relevant.”

Tip 1: How do you recognise a phishing email? If you right-click on the sender, a completely different email address will often appear.

Tip 2: Check the domain name. If you get an email at work from company@secure.com, then it might seem legitimate, but hold on: the domain name is wrong. Only e-mails ending in ...@company.com are safe.

• Weak or repeatedly-used passwords. If one account is hacked, they can get into them all. “A hacker might then be able to place Internet orders from your account and receive the purchase amount in their own bank account. That would make you appear to be a fraudster yourself.”

Tip: choose a long password, for example a sentence like ‘thisisaniceplaceF<for Facebook>13’, while for Instagram you would use: ‘thisisaniceplaceI13’.  Genova says: “Difficult to hack, but still easy to remember. Password managers can also work well.”

• Banners and Wi-Fi. Banners, advertisements and public Wi-Fi networks can also be risky, so it’s important to always run software updates. And if you’re not using Facebook or YouTube for a while, it would be safer to connect to the internet via 3G or 4G.

Conclusion: you don’t need to be a sitting duck; take all the obvious measures and always think things through.

Our Partners

  • ISSA Interclean
  • EFCI
  • EU-nited