Sunday 1 December 2019

Social Engineering

Just adding to this topic as this is pretty accurate!







With the Christmas season upon us, this topic is gold. There are tons of scams, emails, fake ads, you name it. Everyone wants your money, especially the scammers.

Social media platforms are a hotbed in this season. Beware and watch closely on what you are clicking on, and/or purchasing if you buy off of social media.

Here’s a nice blurb from KimKomandoabout Facebook and other social media sites.

Thistactic is employed daily, in many different ways. From blatantly obvious, to so subtle that it is very hard to catch. This is a topic that can take pages and pages to explain. But hopefully you can understand the basics of it. There are many different types that are used, below are just a short few:

Phishing

Spear Phishing

Smishing

Impersonation


Social engineering has been around a long time, in many forms. So much that most people don’t even recognize that they’ve been a victim in a social engineering tactic. The most common form is usually when a user clicks on a pop-up ad or another form of a malicious link on a web page. Sometimes, you click, and boom... your computer is locked up and there is only a pop-up window saying to call this phone number to fix it. There are some that will call, and even worse, will give full remote access to their computer in order to “fix” it. This usually leads to a scammer installing malwareof sorts for them to gain back-dooraccess to your computer at any other time. Some even worse will provide credit card information etc. Yikes! Allowing remote access to your system is THE worst thing you could ever do! (especially to someone you do not know)

The Facebook platform becomes an epicenterfor social engineering. You know all those “what kind of cheese are you” posts? Or the ever-popular “can this Pic get 2000 likes? Well, guess what? Someof those posts are a “phishing” technique. Most of those posts, as soon as you click on them, you are allowing the poster access to your profile. Where it can give that person access to your friend's list, which in turn can start a snowball effect of data collection. It can be a little complicated to explain, but that is the gist of it. Also, never respond to any direct message from any facebook retailer, some can be pretty slick when they talk to you directly! Also, NEVER use your real credit card when purchasing off of social media, there are many options out there. PayPalis one of the best. But re-loadable Visa/MasterCard's are good as well.

Snap chat and Instagram is two other social media apps that people give away their information so readily, thinking they are making friends, etc. There are literally tons of people out there collecting all your data, email addresses, usernames, etc. And they, in turn, get bundled up and either sold for advertising purposes or used maliciously to help the party gain access to games, credit cards, or any number of other items out there that one may be fascinated with. Don’t get me wrong, not all social media is bad, it is a great thing to use and have if used properly. Use the security settings that those platforms provide for you. Make sure only friends can see your posts, pictures, and profile. In this day and age, you should NOT have your profile set as full public access for any reason.

The most popular Phishing technique is used via email. Everyone gets them, most are noticeable and people just trash them or report them as spam. But every once in awhile the odd one will get through that looks legitimate. It may contain your information, anywhere from your local grocery store, to your bank info. Most of the time they will say there has been a change in your personal data and you need to click on the link listed to verify or correct such information. Well, once you click that link, the whole process has started again. You have just verified that you are indeed a customer of such content and the link you just clicked will more than likely take you to a fake page (that may look very real) and you input everything you are ask too, thinking you are doing what your bank, store, or whatever has asked. These links will also 75% of the time install Malware {we will discuss in a later post} which provides hackers back doors links to your PC and all it’s data.

There are many aspects and variations of social engineering, that it is getting hard to keep up, and to realize what may or may not be trickery! Don’t forget the golden rule – What sounds too good to be true, probably is.

Feel free to read more:

Social Engineering on Wiki

Here is another good read on some prevention techniques: MUO

Sevenowl

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

ChatGPT, How fun it is.

 Below is an article regarding ChatGPT, and is written by ChatGPT with some of my own input. Enjoy. Exploring the Capabilities of ChatGPT In...