-
""

Securing your digital kingdom

14 August 2024

Please note: Barclays Private Bank does not endorse any of the companies or individuals referenced in this article.

These days, your true wealth extends far beyond traditional assets. In addition to your investment portfolios and estate, criminals are eyeing up a different type of target – your sprawling digital kingdom.

Every online account, every purchase, even that holiday photo you shared publicly – it all adds up. And this footprint, while seemingly innocuous, can be as valuable (and vulnerable) as your cash, making you a prime target for cybercriminals. 

That's the reality for many of us in today’s digital age, and for high-net-worth individuals, the stakes are even higher. 

Yet, this article isn't here to scare you (even if you feel like your online life is an open book); it's about giving you the upper hand. In it, we'll break down the growing threat of ‘stealer malware’ – nasty viruses that steal your info – and show how even the most innocent online activity can be used against you. But fear not. We'll also provide battle-hardened strategies and techniques to keep your digital life locked down tight.

What is a digital footprint? 

Before we dive into stealer malware, what is a digital footprint? Think of it like a trail of breadcrumbs you leave online every time you sign up, download, click, shop or browse.

These crumbs might seem harmless – who cares if someone knows you like cats or what your favourite sports team is? But for cybercriminals these crumbs can be like gold. They can use them to piece together a surprising amount about you – like your interests, habits, travel patterns and maybe even your log-in details.

“Every time you sign up for something online, consider the data you’re sharing,” says John Brown, Senior Account Manager at XCyber®, a cybersecurity firm specialising in protecting individuals and businesses from advanced cyber threats.

What is stealer malware – and why should I care?

A stealer malware is essentially a malicious programme (think of it as a digital burglar) that infects your device and steals your sensitive information, like usernames, passwords, browsing history, and even financial details.

“The biggest up-and-coming cyber threat today is stealer malware,” warns Brown. “They can steal everything on your machine.”

Often installed through malicious downloads, phishing emails, or even infected USB drives, they lurk silently in the background, and are virtually impossible to detect.

The ultimate aim of the cybercriminals is to access your bank accounts or investment portfolios. But the damage can go beyond finances, potentially impacting your personal life through reputational ruin caused by a data breach.

“This stolen information can also make its way to a hidden part of the internet (the dark web) where data breaches have become big business. Here, this information can be traded and used for further attacks,” says Brown.

“Machines infected with stealer malware can also act as gateways into other devices, highlighting the interconnectivity of cybersecurity risks. Think about it: if your device is compromised, it could become a launching point for attacks on others in your network.”

What does a cyber-attack look like?

Not all cyberattacks – the initial stages at least – are as high-tech as you think. In reality, a lot rely on basic trickery to gain access and gather your sensitive information. 

It could be a phishing email – emails that can look official but often when you read them, you notice there’s something about the language or tone that feels off. These ‘phishing’ emails try to lure you into clicking bad links, signing into accounts or downloading attachments with malware all to gather your information.

“Criminals may use information gleaned from your digital footprint to craft personalised attacks that appear more trustworthy,” warns Brown. “This social engineering tricks people, including colleagues and associates, into clicking malicious links or opening attachments.”

Or it’s a dodgy website, often with typos in the address, and weird pop-ups bombarding you, asking for far too much information than you would typically share. “While some are easier to spot than others, a well-designed fraudulent website can today look almost identical to a legitimate one,” adds Brown.

It could even be those mystery login attempts to your accounts from a device or location that you don’t recognise – don’t just brush it off, as it could be a sign someone is trying to sneak in. In such instances, you should change your passwords immediately.

Cybersecurity 101 – protecting yourself online

Being smart online is your ultimate weapon against stealer malware and a whole host of cyber dangers:

  • Always think and be cautious: Don't fall for phishing attempts. Avoid suspicious links, attachments, and double-check website addresses before entering any personal information. If in any doubt, don’t click. Never share sensitive information like your PIN numbers or two-factor authentication codes, especially with unknown individuals.
  • Review your passwords: Use unique, strong passwords for all your accounts. Multi-factor authentication is also your ally – enable it whenever possible for an extra layer of defence.
  • Keep software updated: Always keep your operating systems, browsers, and security software updated – as these updates often contain crucial fixes to protect you from new malware threats, including stealer malware.
  • Use public Wi-Fi with caution: Remember that while public Wi-Fi is a convenience, it shouldn’t be used for sensitive activities like online banking. “Public Wi-Fi can be exploited by cybercriminals to intercept your data and steal your personal information,” warns Brown. “If you must use it, a Virtual Private Network (VPN) encrypts your internet traffic, adding an extra layer of security.”
  • Share only what’s essential online: Limit the personal information you share online, and regularly review your privacy settings on social media platforms. Less is more when it comes to your digital footprint. 

“In today’s digital world, cybersecurity is no longer optional, it’s essential,” emphasises Hannah Rodden, Fraud Awareness Manager at Barclays. “By following these steps and staying informed about the latest online threats, you can significantly reduce your risk of falling victim to stealer malware and other cyber threats.”

Disclaimer

This communication is general in nature and provided for information/educational purposes only. It does not take into account any specific investment objectives, the financial situation or particular needs of any particular person. It not intended for distribution, publication, or use in any jurisdiction where such distribution, publication, or use would be unlawful, nor is it aimed at any person or entity to whom it would be unlawful for them to access.

This communication has been prepared by Barclays Private Bank (Barclays) and references to Barclays includes any entity within the Barclays group of companies.

This communication: 

(i) is not research nor a product of the Barclays Research department. Any views expressed in these materials may differ from those of the Barclays Research department. All opinions and estimates are given as of the date of the materials and are subject to change. Barclays is not obliged to inform recipients of these materials of any change to such opinions or estimates;

(ii) is not an offer, an invitation or a recommendation to enter into any product or service and does not constitute a solicitation to buy or sell securities, investment advice or a personal recommendation; 

(iii) is confidential and no part may be reproduced, distributed or transmitted without the prior written permission of Barclays; and

(iv) has not been reviewed or approved by any regulatory authority.

Any past or simulated past performance including back-testing, modelling or scenario analysis, or future projections contained in this communication is no indication as to future performance. No representation is made as to the accuracy of the assumptions made in this communication, or completeness of, any modelling, scenario analysis or back-testing. The value of any investment may also fluctuate as a result of market changes.

Where information in this communication has been obtained from third party sources, we believe those sources to be reliable but we do not guarantee the information’s accuracy and you should note that it may be incomplete or condensed.

Neither Barclays nor any of its directors, officers, employees, representatives or agents, accepts any liability whatsoever for any direct, indirect or consequential losses (in contract, tort or otherwise) arising from the use of this communication or its contents or reliance on the information contained herein, except to the extent this would be prohibited by law or regulation.