Social Engineering Exploits Are Like Bad MEMES

One of my favorite (worst) things my paranoia likes is trusting people. It feeds from all the stuff I see and read on the all mighty internet every day, see in the news and experience in my own life. Topic: Social Engineering a.k.a. Human Hacking. It is an art of manipulating people into doing the things you want them to do, also involves programming people to give up sensitive information or gaining their trust in order to exploit them and their lives further in life. Some Social Engineering methods can include special software, fake programs, whoring, phishing etc. I will attempt to tell you (My paranoia will try to tell you) how to protect yourself from becoming a victim of social engineering. So here is the main antivirus to protect yourself is YOU!
The reason I like Social Engineering is that there is no protection against it except your own knowledge and a healthy level of paranoia. You have to train your gullibility if you have not done it yet… Because no one will do it for you!

Phishing

What is phishing?

Image result for phishing“Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels. The attacker uses phishing emails to distribute malicious links or attachments that can perform a variety of functions, including the extraction of login credentials or account information from victims”

Great examples of this type of Social engineering technique are the email which we love so much. You know what I mean? The Saudi Arabian prince who searched for someone to send his millions to, or the free subscription you won for P0rnhub… I think that the last one was a real email…
Moving on!?!?!
 So the core if this Social Engineering method is to pretend to be someone you are not, usually it is a person of authority (President, prince, banker, lawyer, police) who sends you an email with a great story and instructions. The recent popular one was the “Ebola email exploit” who was passing around information to people so they would be aware of the problem, which had a link to a malicious website with a virus.
In Phishing attempts, the attacked tries his best to distribute the emails in order to boost the open rate of the emails. The second thing the attacker focuses on is to have a believable message in the email in order for the victim to take action, which most of the time means to follow a link to a malicious website or to download a malicious file.
The popular ones include messages such as:
  • “Problem with your account, please click/download the/from link
  • You won a title of a meme lord, please follow the link to get your prize!

Social Media Phishing

Very popular Social Media Phishing technique is to share a link on Twitter or Facebook which has a catchy title and an intriguing image attached to the link. Usually, this link (usually cloaked) leads to another website which has a malware.
Katty Perry phishing post
The reason this works is because we are brainwashed by the media and guys have enough blood pressure to send blood to one head at a time. Anyway, this attack works in a domino effect, because the malicious link/software will use your social media account to share/send the same link so more people would click on it and infect their devices, and so on.
From the same department is “Whoring”, of pretending to be someone else, such as an attractive girl (most popular) in order to obtain sensitive content which later can be used for blackmail, or sold on the darknet. Storytime:
I personally saw an ONION WEBSITE  which was selling nudes if guys and girls. There were over 26 000 social media accounts from Facebook, VK, and Instagram which were all real, and were selling nudes of each account. All these people (mostly girls) were exploited, scammed, hacked, whored which lead to the attacked actually obtaining/getting their private photos and then selling them for cryptocurrency on the darknet. All real, no jokes, no hoax…

HOW NOT TO BE A VICTIM OF PHISHING?

too good to be true

Ultimate Rule – If it is too good to be true, it probably is.

This applied to everything you see online. Even things which are not malicious, are considered to follow some other goal. Marketers use it all the time and I am 99% sure you saw them a lot, for example:

  • Free Ebook
  • Free MP3
  • Subscribe and download/win/get
  • Free Lessons
  • Free PDF

I am not saying you will not get what they are selling, but you might get a virus with it, and some fake or useless information as well.

I clicked the link and downloaded a Malware because I do not pay attention to anything and do not care about my online security, what now?

Well… I am glad you asked! Malware has different categories:

virus trojan worm

There are 3 most popular ones:

  1. Virus
  2. Trojan
  3. Worm

All these can be attached to a file you downloaded and/or installed which allows the attacker to do anything he wants with your information and computer. This is not a joke, imagine the private information you have on your PC can be obtained. I suppose I will provide hacking instruction in one of my upcoming articles. Something not very harmful.

What can hackers do with my Information?

Social Engineering Hackerman

Please remember that we are living in an age of information, this, therefore, means that information is the most valuable resource nowadays. With enough information, knowledge, and data very good things can be done, as well as bad things. As we are discussing social engineering, phishing, and human hacking, the information that these attackers are obtaining is mostly harmful to companies and us, simple peasants…

The information that you can lose can be used for taking control over your social media, your private pictures which allow the attackers to blackmail you and your loved ones. Another side of the medal is to sell this information to someone who will exploit your accounts.

By gaining access to your emails, the attacker can get almost any kind of information, because he can recover almost any password of any account your email is used for. If it is a working email, then all the working private information can be obtained by again, exploiting the email or reading the email you wrote before.

Remember you did those scans of your passport and your credit card for a visa to Russia? I suppose they are still on your computer, which means I have your identity and bank information. Imagine what can be done now? I can commit a crime online, buy anything I want, including your credentials and it WILL BE YOUR FAULT!

How can I protect myself from Social Engineering?

  1. If it is too good to be true, then it is
  2. Healthy level of skepticism/paranoia
  3. Safe complicated passwords
  4. Double verification of accounts
  5. Different passwords for your accounts
  6. Backups of your files
  7. Do not share nudes with strangers
  8. Do not trust strangers
  9. Question everything (This is how I lost all my friends because I became super annoying and now I am super lonely and have no friends, and no one likes me but hey, at least I am safe in this void of darkness)

>mfw be me

>Be safe

The Doomsday Clock – Two and a Half Minutes to Midnight

Nuclear Bomb

Doomsday Clock 2017

The Doomsday Clock isn’t an actual clock as the name suggests it to be. It’s not a clock that will perfectly predict when humanity will face a global catastrophe. Instead, the Doomsday Clock is a symbol which represents the likelihood of a global catastrophe. There are many questions someone may have after finding out about this clock. Why do we have a Doomsday Clock and who created it? How does the Doomsday Clock work? Can we trust the Doomsday Clock?

Why do we have a Doomsday Clock?

The first appearance of the Doomsday Clock was on the cover of the first edition of the Bulletin of Atomic Scientists magazine. The Bulletin of Atomic Scientists was developed in 1945 by concerned scientists that worked in the Manhattan Project which was the project that developed the first atomic bomb. The scientists developed this magazine because they felt morally responsible to inform and warn the public about the possible catastrophic consequences of their creations. Back then it was only about nuclear bombs and nuclear accidents but through the years the Bulletin has included other factors that could also cause a global catastrophe such as global warming, bio weapons or cyber security.

How does the Doomsday Clock work?

The symbol of the Doomsday Clock itself was created by Martyl Langsdorf, wife of Alexander Langsdorf Jr. which was one of the Manhattan Project scientists. The Doomsday Clock debuted at 7 minutes to midnight. There was no real reason why it was put at that time. Martyl Langsdorf herself said, “It seemed the right time”. However, the Doomsday Clock that we know today isn’t arbitrary. The clock will always show the hour hand at zero or twelve and the minute hand will always show the minutes to midnight. The closer the minute hand is to midnight the more likely it is that there will be a global catastrophe. The Bulleting announces the Doomsday Clock every year. This year they announced that it is two and a half minutes to midnight. This is the closest we’ve been to midnight since the year 1953 when the US and the Soviet Union started developing and testing hydrogen bombs.

Doomsday Clock Timeline

What does two and a half minutes to midnight mean?

This does not necessary mean that you should have your apocalypse kit ready at any moment or that you should go buy such kits. This means that the current situation the world is facing at the moment can have disastrous consequences, especially if we don’t try to do anything about it. The Doomsday Clock come together with a statement that shows why the clock is at a given time. What is interesting about this year’s statement is that they included the political situation in the United States of America, in other words President Trump and his cabinet. This doesn’t mean that the Bulletin is a bunch of liberals trying to “attack” Donald Trump’s presidency. The reason he is in the statement is because of the way he and his team talk about climate. As you may or may not know president Trump and his team haven’t officially recognized climate change caused by human activity and I don’t believe they will do anytime soon. This behavior towards climate change will most probably stop or slow down any progress we’ve made these past few years. The Bulletin also saw this behavior towards climate change coming from other international leaders which make the matter even more serious. In addition, reckless language by international leaders was also mentioned in the statement. This obviously makes sense, communication between countries is extremely important.

We are already our third month into the year so we can all hope this year goes by as quickly as possible. At the same time, we can also hope the international leaders open their eyes to what is climate change. This is the one thing that I’ll never understand, the 2017 Doomsday Clock Statement could not have said it better, “Climate change should not be a partisan political issue”.

Want to know more about the Bulletin of the Atomic Scientists?
Visit their website: http://thebulletin.org/