The customer databases of popular companies like Target are a goldmine for hackers who want to craft social engineering schemes.
This doesn't mean you should abandon conventional security measures. You should absolutely have a firewall in place and antimalware tools that are kept up to date. Those things are table stakes that are required just to maintain the status quo for computer security. But theyre not enough. You also have to exercise some degree of skepticism about emails, text messages, or other communications you receive.
Users have been conditioned for years not to open file attachments or click on links in email messages from unknown or suspicious sources. The way attacks are evolving, though, you now need to approach everything with similar caution. Attackers go wherever there are potential victims. As social networks and mobile devices have spiked in usage, cybercriminals have targeted users there as well, and many users who know better have been caught off-guard.
The secondand more importantissue is that its no longer just about communications from unknown sources. The sheer volume of sensitive, personal information that has been compromised means that attackers know a lot about you, where you live, and which companies you do business with. It means that attackers who just used to cast a wide net and hope to find a gullible victim can now target victims with much greater precision using accurate and relevant information.
Your security software cant help you hereonly awareness and common sense can block these types of attacks.
Users must be ever vigilant, otherwise they will become victims, Melancon said. Unfortunately, vigilance doesnt come naturally to most users.
Sign up for CIO Asia eNewsletters.