Apple fans have a lot to be proud of. By almost any metric, Apple outperforms its competitors – except perhaps in the price arena. But, as they say, you get what you pay for. Apple users have long benefited from a superior operating system that for many years held most malware threats at bay. It was, however, inevitable that the bad guys would catch up – it’s simple math. There are literally millions of people trying to hack into machines running iOS and – by comparison – only a handful of dedicated engineers trying to stop them. Apple’s software may be superior, but it’s not invulnerable.
Case in point: as of February 2021, a third ransomware strain for macOS devices has been found. “EvilQuest” attempts to encrypt macOS devices… and it’s truly evil. As one blog puts it: “We can find evidence that the ransomware is still being developed and is not yet in its final form. The decryption functionality, for example, is not completely implemented. Because the decryption routine is not called anywhere inside the code, victims will surely not be able to decrypt their files, even if they pay the ransom.” –Nasty.
Using a Safe Site Checker Browser Extension is a Smart Move
As these bad actors get smarter, users must likewise evolve. Among the simplest and most effective ways to not get burned is by installing a safe site checker that guarantees safe browsing. These real-time threat assessors alert you to sites that have been flagged, and then warn you – Red, yellow, or green. The rating system is based on algorithms, of course, but it’s also a kind of community. You are encouraged to report suspicious things as are millions of other users. With hundreds of millions of eyes keeping watch out for each other, plus advanced software that blocks ads and ferrets out phishing schemes, a safe site browser extension adds an extra layer to your defenses.
An interesting (if that’s the right word) development in hacking has to do with the rise in “fintech:” a portmanteau of “finance” and “technology.” In short, we’re all buying and selling a lot more on the internet, and huge segments of the population that once viewed online purchases as “risky,” now engage in them regularly. Naturally, more fintech means more fintech crimes, which are skyrocketing. As IBM put it in a 2020 report: “Faster payments equal faster crime. Financial institutions and banks are under immense pressure to supply such real-time, enhanced experiences, and to support multiple new suppliers and service options. In the rapid rise of new payments vendors and identification systems, non-traditional identifiers are being used, for example, personal IDs … cellphone numbers, or email addresses. Yet non-traditional identifiers and novel functions can facilitate the creation of synthetic identities and fraudulent transactions. While criminals exploit the safety gaps, many incumbent anti-fraud systems can’t pinpoint or prevent the new crime vectors.”
The Need for “Safe Browsing” is Real. You Are a Target.
In plain English: with more online payment options available now than ever, it’s becoming a whole lot easier for bad guys to trick you into handing over data and money. But, with the collaborative system used by site safety check browser extensions, one report of a bad actor is all it takes for the red flags to go up. The need for “safe browsing” is real, and the web security experts aren’t being hyperbolic. There are reams of stats showing how common – and lucrative – cybercrime has become, but many miss the fact that estimates say some 80% of breaches, malware, and ransomware attacks could have been prevented with “basic actions.”
So many cling to the notion that they’re not targets for cybercrime. “I don’t have any data or millions to steal! Why come after me?” Michael Trask, President at Xxtreme Cloud Solutions warned us back in 2017 that those days were over. Writing on LinkedIn, Trask noted, “Perhaps the thinking is they are only a small fish in a big ocean and not a very big financial fruit to be harvested. Years ago, that may have been the case … However, today things have changed a lot.” He went on to describe what has now become a top concern: ransomware. “Many times, they use a technique called crypto viral extortion which will encrypt a company’s data making it inaccessible,” Trask continued. “The extortionist will put a short timeline of maybe one or two days before the encryption key is lost forever along with all of the company’s data.”
And guess how ransomware gets on your computer in the first place? By clicking on a “malicious ad” (termed ‘malvertising’) that may appear on a legitimate website. You’re then redirected to a site – again, that looks real – and the deed is done. An “exploit kit” starts scanning your system for any way in. When a vulnerability is found, the exploit kit injects a ransomware attack into your computer.
All of this can be stopped by installing a simple browser extension that does real-time scans and warns you of imminent danger. Internet evildoers have upped their game…have you?