The National Cybersecurity Institute makes the ‘Guide to cyber attacks. Everything you need to know at the user level ‘. It is a guide that aims to become a reference document for Internet users interested in learning about the types of cyberattacks to which they are exposed. All this without the need for great technical knowledge. You can check it here.
What will you find in the cyberattack guide?
Cybercriminals are always on the lookout for new ways to attack users. They do so by taking advantage of our ignorance or vulnerabilities in our defenses. Its objectives are many and can have different consequences for the user.
The guide is divided into four main categories. Password attacks, social engineering attacks, connection attacks, and malware attacks. It examines more than 30 different types of attacks. These include both the most popular, such as phishing, viruses, or malicious applications; like those less known, among which we can find dumpster diving, spoofing, or cryptojacking, among others.
For each of these types of attacks, the manual gives you some guidelines so that you know everything you need to know and prevent them. Specifically, it will tell you how each attack works and what is the objective of cybercriminals with it. Finally, it will offer you instructions to protect yourself against the attack. In addition, it also includes more relevant information with each of them.
Decalogue of good practices in cybersecurity
In its guide, the Internet Security Office proposes the following decalogue of good practices in cybersecurity to improve the protection of devices and the security of user information against attacks:
- Use an antivirus to scan all suspicious files and downloads. You must always keep it updated and active.
- Keep the operating system, browser, and applications always updated to their latest version to avoid vulnerabilities.
- Use strong and different passwords to protect all your accounts. If possible, use two-step verification or another authentication factor.
- Be wary of suspicious attachments, links, or overly attractive promotions. Most scams are based on social engineering attacks that can be detected using common sense.
- Be careful where you navigate. Only use secure websites with HTTPS and digital certificates and use incognito mode when you don’t want to leave a trace.
- Only download legitimate applications or software from official sites to avoid getting infected by malware. In the case of applications, remember to give only the essential permissions for their operation.
- Avoid connecting to public Wi-Fi networks or unknown wireless connections. Especially when you are going to exchange sensitive information, such as bank details. And, in case you have to go online in an emergency, try using a VPN.
- Do not share your personal information with anyone you do not know or publish or save it on untrustworthy web pages or services.
- Make backup copies to minimize the impact of a possible cyber attack.