Social Engineering
Thursday, July 12, 2018
A lot of scams and online hoaxes can be avoided with a few security fundamentals, common sense, and extra caution.
Often the old adage applies: “If an offer appears too good to be true, it probably is.” So if someone says you won a lottery, or claims to be a beautiful model who wants to date you and needs you to visit a link to get verified before meeting up, don’t fall victim to the click-bait. Otherwise you may end up with an email inbox flooded with spam.
Phishing is a type of email scam that attempts to retrieve bits of information from the target in order to carry out a breach, cause mayhem, and commit fraud. Scammers often use a sense of urgency, intimidate through threats or fear, and use social engineering, which may mean making you think they are someone friendly or one of your connections. They try to get you to take immediate action, for example by responding to an email, clicking a link, or filling in a fake form. These scams often share a few common characteristics: they are urgent, provoke curiosity, sound like they are from an official organization, may redirect your info toward the attacker’s personal email, contain spelling mistakes, request personal info, have a weird tone that may not sound like the person they are trying to impersonate, and may use generic greetings or salutations. In addition, the From and Reply fields may have two different email addresses, with one possibly being a personal email.
Experts recommend that if you get a strange or unusual email, you shouldn’t try to read the contents of any attachments. Only open expected attachments. They also say that basic security and situational awareness when using email are important. Be aware of what you’re doing in the email and slow down so that you don’t make mistakes, such as letting autocomplete send information to an incorrect email address. Also be careful not to use reply all unless you mean to send the email to everyone on the recipient list, so that you can limit the audience.
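Several of the characteristics listed above can be checked mechanically before a person ever reads the message. The following is an added example, not part of the original post: it parses a constructed sample email and reports which of those characteristics it shows. The keyword lists, the indicator names, and the choice to compare From and Reply-To by domain are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email); names and domains are made up.
SAMPLE = """\
From: "IT Help Desk" <helpdesk@example.com>
Reply-To: it.helpdesk.team@freemail.example
Subject: URGENT: verify your account immediately

Dear customer,

Your mailbox will be suspended within 24 hours. Click the link and enter
your password and date of birth to keep your account.
"""

# Assumed keyword lists for illustration; tune them against your own mail.
URGENCY = re.compile(r"\b(urgent|immediately|within \d+ hours|suspended)\b", re.I)
GENERIC = re.compile(r"^\s*dear (customer|user|sir|madam|friend)\b", re.I | re.M)
PERSONAL = re.compile(r"\b(password|social security|date of birth|pin)\b", re.I)

def domain(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def phishing_indicators(raw):
    """Return the names of the characteristics found in a raw email."""
    msg = message_from_string(raw)
    # Only single-part text bodies are inspected in this sketch.
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{msg.get('Subject', '')}\n{body}"
    found = []
    from_dom, reply_dom = domain(msg.get("From")), domain(msg.get("Reply-To"))
    # Replies would go somewhere other than the apparent sender.
    if reply_dom and reply_dom != from_dom:
        found.append("reply-to-mismatch")
    if URGENCY.search(text):
        found.append("urgency")
    if GENERIC.search(body):
        found.append("generic-greeting")
    if PERSONAL.search(text):
        found.append("requests-personal-info")
    return found

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

A message that triggers none of these checks is not thereby safe; the checks only surface the signs described above so that a reader slows down.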
Some of this information was also given and narrated by Lance Spitzner.
If you use online services, be sure to log off at the end of the session to kill any open sessions so that you don’t leave a vulnerable opening. Be careful of plugins. Plugins can destabilize an otherwise stable program if not programmed properly.
Some browsers have a warning banner when you visit certain sites which have been flagged or have invalid certificates. This means a site could be dangerous.
Another thing to be aware of is mobile security. For smartphones, don’t lose the device. Losing or misplacing a phone is more likely to happen than having it stolen. They also recommend using a screen lock. Make sure to use the latest operating system and keep it updated. Consider buying a new device if yours no longer supports the latest operating system or basic app updates.
Only get apps from official sources, and only the ones you truly need. Look at app reviews, how many people use the app, and the app permissions. If you can, disable excessive permissions. Keep apps up to date. Jailbreaking or rooting a device is potentially dangerous and could void the warranty. Disable Wi-Fi and Bluetooth to save energy and prevent intrusions. Enable remote wiping in case the device is lost or stolen. Be careful what you store on your mobile device. Report stolen devices.
For passwords, they recommend that you use long passphrases and a different password for each account. You may also consider using a password manager.
Two-factor authentication (2FA) should also be enabled to prevent someone from hacking your account easily. Make sure to change your password ASAP after you discover a breach.
Beware of using the cloud. Once something is on the cloud, it’s not really private. Use a screen lock. Also secure devices with a physical lock or a cable. Use encryption technologies. Be careful when using removable media. Don’t browse the internet as root or stay logged in as root or with elevated privileges. Instead, log in as a normal user and elevate to root as needed. Get rid of records only when they are no longer needed.
When using a website, be aware of options like HTTPS and VPN. Don’t disable security protections that are set. Also, don’t plug bad, compromised devices into good ones.
Insider threats are people working inside an organization who may purposely infect systems or take out physical items. Suspicious activity may include asking for things they should not have access to, bypassing policies, moving large files out when there is no need to (data to USB, the cloud, or physical boxes), remote access at strange hours, coming in early or staying late, accessing accounts they do not normally use, and changed behavior. Apply need-to-know and review on a regular basis, and store as required. Only allow access to certain people. Don’t share passwords.