It’s the end of 2021, so I’d like to take some time to reflect on the significant security-related stories of the past year.
In 2021 we learned a great deal about the SolarWinds attacks, which were detected in December of 2020. The suspected Russian hackers behind the attack targeted multiple government agencies, thousands of private businesses, and other organizations that used SolarWinds Orion software.
Earlier this year, Microsoft warned that the hacking group, known as Nobelium or Cozy Bear, returned. This time, Microsoft says the group was trying to disrupt the global IT supply chain by attacking resellers and technology providers that help customers manage and deploy Microsoft’s cloud services.
Ransomware was a problem for United States government agencies, and businesses across various industries, from water systems in the United States to payroll companies. At the end of the year, Microsoft even warned that an exploit paved the way for state-sponsored hackers from China, Iran, North Korea, and Turkey to launch ransomware attacks.
Phishing was another headache for security personnel. With many employees working from home, the environment was ripe for people to click on nefarious links in emails and spread malware.
To avoid getting caught in phishing, hacking, and other attacks, we recommend using any of our top picks among antivirus solutions. Some of you pushed back pretty hard against using third-party antivirus in the comments of this article, going as far as accusing me of taking kickbacks from Norton. I can assure you that’s not the case—our tests showed the built-in antivirus Microsoft Defender Antivirus does not provide the total protection found with many third-party options, even the free ones.
The best antivirus has excellent phishing protection. PCMag’s lead security analyst Neil J. Rubenking noted Defender received poor scores for phishing protection but also remarked that Defender was an adequate fallback.
Whatever you choose to do regarding antivirus protection, make sure to stay vigilant. Having excellent antivirus protection does not give you carte blanche to click on links from emails residing in your spam folder or visit unsecured websites. Common sense is a form of antivirus protection too.
Like what you’re reading? You’ll love it delivered to your inbox weekly. Sign up for the SecurityWatch newsletterSign up for the SecurityWatch newsletter.
4 Post-Holiday Shopping Security Tips
Cybercriminals don’t take time off during the holidays. The busy online shopping season is like catnip for hackers, who are happy to steal your money and information while you’re browsing the post-holiday sales.
Here are some tips to stay safe in the new year:
Use credit cards. Debit cards are the same as cash, meaning that when someone steals your money, it’s likely gone for good. Credit card users have better protection against fraud than debit card users.
Visit secure sites. Make sure that any sites where you’re using your credit card are legitimate. A telltale sign is a locked padlock icon in the address bar. If you don’t see that, the site is not secure.
Use a password managerpassword manager. Use unique, strong passwords all around the web, and make it easy on yourself by using a password manager. Most password managers are encrypted vaults that store not only logins and passwords, but also other sensitive information you use online, like credit card numbers.
Get fraud alerts. Sign up through your bank or credit card processor to receive alerts of suspected fraud. Your institution may let you set your account up to block charges or receive emails or text messages for charges exceeding a certain amount.
