If we talk about ‘bots’ you’d be forgiven for thinking of the amazing AI chatbots that have been all over the news lately. But this isn’t a good news story. Bots are just automated programs, and bot malware is a worrying new security risk you need to defend your business against. Malware bots are particularly dangerous because they steal whole user profiles – that’s a complete snapshot of your ID and settings. This potentially allows cyber crooks to bypass strong security measures like Multi-Factor Authentication (MFA). Usually, if a criminal steals your username and password, they still can’t access your account because they don’t have access to your MFA authentication method. But with your whole profile available to them, using your cookies and device configurations, they can trick security systems and effectively switch off MFA. Once profile information is stolen, it’s sold on the dark web for as little as $5. And it’s not even super-sophisticated cyber criminals deploying this technique. Just about anyone can obtain your details and use them for phishing emails, scams, and other criminal activity. Since 2018, 5 million people have had 26.6 million usernames and passwords stolen, giving access to accounts including Microsoft, Google, and Facebook. All this means there are things you need to do – right now – to keep your profiles and your business protected from bot malware.
- Update your antivirus software and keep it on at all times.
- Use a password manager and Multi-Factor Authentication to keep your login credentials safer
- And encrypt all your files so that, if anyone does access your profile, there’s very little to steal.