We live in a digitally connected world. And for the most part, this has made our lives immeasurably better. Advances in technology have enabled everything from on-demand gaming to remote medical consultations. Incremental innovation keeps us safer, happier and more productive. But inevitably, there are also drawbacks, with cyberthreats being an inherent consequence of our interconnected, technology-driven world.

Wherever there’s money to make and people to scam, cybercriminals won’t be far away. That makes awareness-raising initiatives like Cybersecurity Awareness Month (CSAM) in the US and Canada, as well as European Cybersecurity Month, so important. Whether you’re a still at school or full-time employed, single or married, baby boomer or Gen X, Y or Z – cybersecurity matters.

Why are we vulnerable to cyberthreats?

We’re surrounded by technology today. In fact, we’ve come to rely on it. Just try living your life without internet connectivity for a day and see. That should be a concern, not just in terms of what might happen if hackers manage to disrupt the services on which we rely, but in terms of the access we may unwittingly grant them to our most sensitive data and finances.

But why are humans so vulnerable to cyber-threats? Consider the following:

  • We’re social creatures: Social media is a global phenomenon, attracting nearly five billion users worldwide. But social sites are also a hotbed of too-good-to-be-true scams and phishing links – some of which are shared by our friends, or hackers who have hijacked their accounts. We’re more likely to trust this content, and fall for the scam.
  • We believe what people tell us: Part of being a social creature means wanting to believe what other people tell us, especially if they claim to be someone of authority. This is why social engineering is such a popular tactic for cybercriminals and fraudsters. Deployed primarily in phishing messages, the end goal is usually to trick the victim into handing over their logins, personal information or card details, or getting them to click a link which could download malware to your machine or device. They won’t just impersonate a figure of authority but may also use pressure techniques to rush a decision we know we shouldn’t make.

The same tactics are at play in tech support scams, where fraudsters call us on the phone pretending to help solve a non-existent IT problem. Or romance fraud and investment scams, where our better nature is manipulated by scammers to extract money from our online accounts.

  • We’re mobile: Most of us now own a smartphone or tablet. But this opens us up to yet more cyber-risk. We’re typically more distracted on these devices, as we may be out and about or talking to others at the same time. That means we could be more likely to click on phishing links and/or download malware. Also, fewer of us protect these devices with security software.
  • We’re surrounded by smart technology: The digital revolution has also spread to our homes in the form of smart everything. TVs, refrigerators, security cameras, speakers – you name the appliance and you can usually buy a version which is connected to the internet and sports a computer chip for processing data. The problem is that if it’s connected and digital, it can also be hacked. Hackers could theoretically hijack our smart devices to launch attacks on others, or to get inside our home networks, and from there target our personal information and online accounts.
  • We make mistakes: Humans are social, but we’re also fallible. That means we don’t always choose strong and unique passwords, instead opting for ones that are easy-to-guess or crack. Or else we share the same credentials across multiple accounts, so that if one is compromised, hackers could theoretically access them all. We may also forget to update our machines and devices with the vital patches that manufacturers release to keep them secure. And, or course, we fall victim to phishing attacks and scams on a frequent basis.
  • We trust others to guard our most sensitive data: Even if we secure our devices and online accounts, what happens to the personal and financial information we entrust with our insurer, healthcare organization, bank, cloud storage provider or other business? Unfortunately, many of these organizations are struggling to manage rising cyber threats to their own IT systems. If they are compromised, then so too may be your data. One recent study found 2022 was a near-record year for publicly reported data breaches in the US, with over 422 million downstream victims.

These organizations may have their customer databases accessed and stolen. Or hackers could find a way to embed info-stealing malware on website payment pages, to steal your card details as they are entered (aka digital skimming). Unfortunately, fallible humans also work at the organizations many of us put our faith in to keep our data secure.

What’s the worst-case scenario?

The impact of the above should be obvious to anyone who has ever suffered a serious cyberattack. It could include:

  • Loss of access to your devices/machines (if they become compromised with malware)
  • Loss of access to your social media accounts
  • Financial loss due to stolen card details or scams which trick you into sending money/buying fraudulently advertised items
  • Psychological distress from suffering a breach or scam
  • Time and money spent trying to reclaim fraudulently obtained funds
  • The administrative burden of regaining access and resetting account passwords across multiple accounts
  • Physical danger, if smart home security cameras and child monitors are hijacked

The scale of some cybercrime categories is astonishing. Investment fraud was the highest grosser last year, netting criminals over $3.3 billion, according to the FBI. Tech support scams ($807 million), personal data breaches ($742 million) and romance fraud ($736 million) were also big earners.

How to stay safer online

With this in mind, we all need to think more carefully about how we stay safe from cybercriminals and fraudsters, so consider at a bare minimum the best practices advocated by the CSAM:

Keep in mind that cybersecurity awareness is a year-round affair as well as that multi-layered security software from a reputable provider will go a long way towards keeping you safe. Let’s work together to build a more secure digital world.