How hackers exploit ‘the seven deadly sins’


hackers : ehack

hackers : ehack

The phenomenon of “social engineering” is behind the vast majority of successful hacking.

This isn’t the high tech wizardry of Hollywood but is a good, old-fashioned confidence trick.

It’s been updated for the modern age, and although modern terms such as “phishing” and “smishing” are used to describe the specific tricks used, they all rely upon a set of human characteristics which, with due respect to Hieronymus Bosch, you might picture as the “seven deadly sins” of social engineering.

Apathy:

To fall for a confidence trick, or worse, we assume others “must” have taken the necessary steps to keep us secure.

Sadly this leads to a lack of awareness, and in the world of the hacker that is fatal. When we stay in a hotel and we programme our random number into the room safe to keep our belongings secure, how many of us check to see if the manufacturers override code has been left in the safe?

It’s nearly always 0000 or 1234 so try it next time.

Continue reading the main story

If you’re not the paying customer, you’re very likely to be the product”

Curiosity:

Humans are curious by nature. However, naive and uninformed curiosity has caused many casualties. Criminals know we’re curious and they will try to lure us in. If we see an unfamiliar door appear in a building we frequent, we all wonder where it leads.

We might be tempted to open it and find out, but in the online world that might just be a trap waiting for an innocent user to spring it. A colleague built a website that contained a button that said Do Not Press, and was astonished to find that the majority of people actually pressed it.

Be curious, but exercise a healthy degree of suspicion.

Gullibility:

It is often thought of as a derogatory term, but we all suffer from this sin. We make assumptions.

We take others at face value, especially outside of our areas of expertise. Put a uniform on someone and we assume they have authority.

Give an email an official appearance by using the correct logo and apparently coming from the correct email address, and we might just assume it’s real, regardless of how silly its instructions might be.

All of this can be easily forged online, so make no assumptions.

Courtesy:

We quite rightly all teach our children to be polite. However, politeness does not mean you should not discriminate.

If you do not know something, or you feel something doesn’t feel quite right, ask. This principle is truer than ever in the online world, where we are asked to interact with people and systems in ways with which we are quite unfamiliar.

If someone phones you out of the blue and says they are from your bank do you believe them? No. Phone them back.

Continue reading the main story

If someone has a problem with proving who they are, you should immediately be suspicious”

And by the way, use a mobile phone as landlines can remain connected to the person who made the call in the first place and so whilst you might think you’re phoning the bank on a valid number you’re just talking to the person who called you.

Greed:

Despite what we’d like to think we are all susceptible to greed even though it might not feel like greed.

Since its inception, the very culture of the web has been to share items for free.

Initially this was academic research, but as the internet was commercialised in the mid-1990s, we were left with the impression that we could still find something for nothing.

Nothing is ever truly free online. You have to remember that if you’re not the paying customer, you’re very likely to be the product. In the worst case, you might find that you have taken something onto your machine that is far from what you bargained for.

Many pieces of malware are actively downloaded by owners unaware that the “free” product contains a nasty payload, even if it also appears to do what you expected of it.

Diffidence:

People are reluctant to ask strangers for ID, and in the online world it is more important than ever to establish the credentials of those whom you entrust with your sensitive information.

Do not let circumstances lead you to make assumptions about ID.

For example, if someone from “IT support” calls you and asks for your password so they can help fix your problem, how do you know they haven’t called everyone else in the building first until they found you who has really got a problem?

This is a well-known attack. If someone has a problem with proving who they are, you should immediately be suspicious.

Thoughtlessness:

Thinking before you act is possibly the most effective means of protecting yourself online. It is all too easy to click that link.

Stop.

How many of us when reading an apparently valid link in an email would bother to check whether the link is actually valid or whether instead it takes you to a malicious site.

It’s horribly easy to make links look valid so try hovering your cursor over the link for a few seconds before clicking to see what the real link is: the true link pops up if you give it a moment.

As cynical as it may sound, the only answer is to practise your A-B-C:

  • Assume nothing
  • Believe no one
  • Check everything

With more Christmas shopping expected to be done online this year than ever before, you should watch out for those that would exploit the deadly sins.

Don’t give criminals the chance to ruin your holiday season, and remember that a little bit of paranoia goes a long way online.

Thanks for reading. hope it might helped you.
http://ehack.thegeoadventure.com/

Advertisements

Posted on December 17, 2012, in hacking, phishing, security and tagged , , , . Bookmark the permalink. 26 Comments.

  1. 197286 767713Id need to verify with you here. Which isnt 1 thing I often do! I get pleasure from reading a put up that will make individuals believe. In addition, thanks for permitting me to comment! 324787

  2. 730957 467972Hey there! Excellent stuff, do maintain us posted when you lastly post something like that! 643457

  3. You created some initial rate factors there. I seemed on the internet for the difficulty and located many people will go along with together together with your web site.

  4. Only a smiling visitant here to share the enjoy (:, btw excellent style and style .

  5. Following study numerous the websites together with your website now, and that i genuinely appreciate your method of blogging. I bookmarked it to my bookmark website list and are checking back soon. Pls have a look at my web page likewise and let me know in the event you agree.

  6. I like this post, enjoyed this one regards for posting .

  7. for yet an additional fantastic informative post, I’m a loyal reader to this blog and I can’t stress enough how a lot valuable info I’ve learned from reading your content. I truly appreciate all the hard work you put into this fantastic blog.

  8. You’ve created various good points there. I did specific search terms about the matter and located mainly individuals will believe your web site

  9. Real informative and amazing anatomical structure of topic material , now that’s user pleasant (:.

  10. I agree completely with what you said. Excellent Stuff. Maintain it going..

  11. I really don’t accept this particular article. Nonetheless, I had searched with Google and I’ve found out that you’re right and I had been thinking in the improper way. Keep on creating top quality material similar to this.

  12. I’d should talk to you here. Which is not some thing Which i do! I like reading an write-up that can make individuals believe. Also, thank you for permitting me to comment!

  13. its wonderful as your other articles : D, regards for posting .

  14. I think your suggestion would be helpful for me. I will let you know if its work for me too. Thank you for sharing this beautiful articles. thanks a lot.

  15. You understand, a lot of individuals are searching around for this info, you can help them greatly.

  16. Would really like to always get updated wonderful internet site ! .

  17. I really like this blog site, will definitely come back again. Make sure you carry on creating quality content articles.

  18. There is visibly a bunch to know about this. I believe you made various good points in features also.

  19. Wow actually glad i came across your internet web site, i??ll be positive to pay a visit to back now i??ve bookmarked it??.

  20. I likewise conceive so , perfectly written post! .

  21. You produced some decent points there. I looked on the internet for that problem and located most individuals goes along with along together with your internet website.

  22. Wohh exactly what I was looking for, regards for putting up.

  23. Sweet internet site, super style and style , genuinely clean and use friendly .

  24. Merely wanna state that this is extremely beneficial , Thanks for taking your time to write this.

  25. I genuinely enjoy seeking by way of on this internet internet site , it holds superb articles .

  26. I truly enjoy examining on this internet website , it has got fantastic posts .

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: