If we talk about ‘bots,’ you’d be forgiven for thinking of the fantastic AI chatbots that have been all over the news lately.
But this isn’t a good news story. Bots are just automated programs, and bot malware is a worrying new security risk you need to defend your business against.
Malware bots are particularly dangerous because they steal full user profiles –a complete snapshot of your ID and settings. This potentially allows cyber crooks to bypass strong security measures like Multi-Factor Authentication (MFA).
Usually, if a criminal steals your username and password, they still can’t access your account because they can’t access your MFA authentication method. But with your complete profile available to them, they can trick security systems using your cookies and device configurations and effectively switch off MFA.
Once profile information is stolen, it’s sold on the dark web for as little as $5.
And it’s not even super-sophisticated cyber criminals deploying this technique. Just about anyone can obtain your details and use them for phishing emails, scams, and other criminal activity.
Since 2018, 5 million people have had 26.6 million usernames and passwords stolen, giving access to accounts including Microsoft, Google, and Facebook.
All this means there are things you need to do – right now – to keep your profiles and your business protected from bot malware.
- Update your antivirus software and keep it on at all times.
- Use a password manager and Multi-Factor Authentication to keep your login credentials safer
- And encrypt all your files so that there’s very little to steal if anyone does access your profile.
These are the things we help our clients with every day. If we can help you, get in touch.
Published with permission from Your Tech Updates.