Vulnerabilities Lead to Security Breaches Online
Vulnerabilities Lead to Security Breaches Online

Submitted by q2tech on April 11, 2019

The holidays are over, but that doesn’t mean cyber criminals have stopped trying to gain access to your online accounts and personal information. To them, it’s a full-time job. A couple of recent program attacks show they that don’t intend to take any time off from attacking your personal and financial information online.

Recently Fortnite, currently the most popular game app for children and adults, experienced such an attack. A cyber security company, Check Point Technologies, has recently discovered a vulnerability with respect to how the players of Fortnite authenticate and log on to play. Authentication is simply the verification of a program that wants to know that you are who you say you are. Every time you enter a username with a password, that is authentication. It was discovered that attackers can possibly gain access to a player’s account and therefore have access to that player’s virtual currency used in the game, as well as any personal information (such as a credit or debit card number) associated with that player.

The producers of Fortnite, Epic Games, has fixed the problem. But they cannot say how long this vulnerability has existed before now. You can read more about this attack here.

Another attack, closer to home, recently occurred at Wichita State University. Employees were targeted with phishing emails which resulted in the cyber criminals gaining full control of personal data and banking information for three of the employees. Learn how they did it here.

Both attacks describe above used a scam called phishing. A phishing email is the fraudulent practice of sending fake emails, representing a reputable or known company, to get individuals to reveal personal information, such as passwords and credit card numbers.

It’s important to recognize the clues of phishing:

  • Do not click on any unrequested or unrecognized web links. Be aware that any link from a secure site will have “https” at the beginning of the web address.
  • Never click on a link unless you know where it will take you.
  • Look at the web address or link–it may contain a misleading name or domain.
  • The offer seems too good to be true, it probably is.
  • If you’re asked to send money or reply with personal account information.

It’s also a good practice to use two-factor authentication when using cloud-based applications, such as online games, social media, or any web site with financial account information. It’s one more advantage in your arsenal for protecting your online activity. For more information on two-factor authentication, read about it here.