What is phishing?
“Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels. The attacker uses phishing emails to distribute malicious links or attachments that can perform a variety of functions, including the extraction of login credentials or account information from victims”
- “Problem with your account, please click/download the/from link
- You won a title of a meme lord, please follow the link to get your prize!
Social Media Phishing
HOW NOT TO BE A VICTIM OF PHISHING?
Ultimate Rule – If it is too good to be true, it probably is.
This applied to everything you see online. Even things which are not malicious, are considered to follow some other goal. Marketers use it all the time and I am 99% sure you saw them a lot, for example:
- Free Ebook
- Free MP3
- Subscribe and download/win/get
- Free Lessons
- Free PDF
I am not saying you will not get what they are selling, but you might get a virus with it, and some fake or useless information as well.
I clicked the link and downloaded a Malware because I do not pay attention to anything and do not care about my online security, what now?
Well… I am glad you asked! Malware has different categories:
There are 3 most popular ones:
All these can be attached to a file you downloaded and/or installed which allows the attacker to do anything he wants with your information and computer. This is not a joke, imagine the private information you have on your PC can be obtained. I suppose I will provide hacking instruction in one of my upcoming articles. Something not very harmful.
What can hackers do with my Information?
Please remember that we are living in an age of information, this, therefore, means that information is the most valuable resource nowadays. With enough information, knowledge, and data very good things can be done, as well as bad things. As we are discussing social engineering, phishing, and human hacking, the information that these attackers are obtaining is mostly harmful to companies and us, simple peasants…
The information that you can lose can be used for taking control over your social media, your private pictures which allow the attackers to blackmail you and your loved ones. Another side of the medal is to sell this information to someone who will exploit your accounts.
By gaining access to your emails, the attacker can get almost any kind of information, because he can recover almost any password of any account your email is used for. If it is a working email, then all the working private information can be obtained by again, exploiting the email or reading the email you wrote before.
Remember you did those scans of your passport and your credit card for a visa to Russia? I suppose they are still on your computer, which means I have your identity and bank information. Imagine what can be done now? I can commit a crime online, buy anything I want, including your credentials and it WILL BE YOUR FAULT!
How can I protect myself from Social Engineering?
- If it is too good to be true, then it is
- Healthy level of skepticism/paranoia
- Safe complicated passwords
- Double verification of accounts
- Different passwords for your accounts
- Backups of your files
- Do not share nudes with strangers
- Do not trust strangers
- Question everything (This is how I lost all my friends because I became super annoying and now I am super lonely and have no friends, and no one likes me but hey, at least I am safe in this void of darkness)
>mfw be me