• Posted on April 17, 2017 11:46 am
    Joseph Forbes
    No comments

    A hacker is a tech-savvy user who manipulates and bypasses computer systems to make them do the unintended. Sometimes this manipulation is noble, with the goal to create something beneficial. Other times, hacking is harsh and done with the wicked goal to hurt people through identity theft or other harm.

    You are likely familiar with the stereotypical 1980's hacker: the evil criminal who is socially isolated. While this stereotype does indeed describe some modern 'black hat' hackers, there exists a subset of hackers who are not criminals. In fact, there are many hackers who use their knowledge for good.

    Today, 'hacker' is a descriptor that subdivides into 3 categories:

    - 'Black Hat' Hackers: criminals and wrongdoers.
    - 'White Hat' Hackers: ethical hackers who work to protect systems and people.
    - 'Grey Hat' Hackers: dabble in both black hat and white hat tinkering.

    Classic 'Black Hat' Hackers = Criminals/Lawbreakers

    This is the classic definition of a hacker: a computer user who willfully vandalizes or commits theft on other people's networks. 'Black hat' is a stylish way to describe their malicious motivations. Black hats are gifted but unethical computer users who are motivated by feelings of power, money and petty revenge. They are electronic thugs in every sense of the word, and they share the same personality traits as emotionally stunted teens who smash bus stop windows for personal satisfaction.

    Black hat hackers are renowned for the following common cybercrimes:

    - DDoS (Distributed Denial of Service) flood attacks that impair computer networks.
    - Identity theft, phishing, scams, social engineering schemes.
    - Vandalism of systems: defacing, disabling, removing access.
    - The creation of destructive programs, like worms and CryptoLocker!

    'White Hat' Ethical Hackers = Network Security Specialists

    Different from the classic black hat hackers, white hat hackers are either driven by honorable motivations, or they are mercenaries working on honorable agendas. Also known as 'ethical hackers', white hats are talented computer security users often employed to help protect computer networks.

    Some white hats are reformed black hats, like former convicts who take on work as store security guards. While they themselves may have been unethical in the past, their current vocation is considered a white hat. With experience in what the 'bad guy' can do, these reformed hats are among the most skilled at protecting their clients.

    Ethical hackers are motivated by a steady paycheck. It is not surprising to see ethical hackers spending those paychecks on very expensive personal computers in their personal lives, so they can play online games after work. As long as they have a good-paying job to support their personal habits, an ethical hacker is usually not motivated to destroy or steal from their employer.

    Special note: some white hat hackers are 'academic hackers'. These are computer artisans who are less interested in protecting systems, and more interested in creating clever programs and beautiful interfaces. Their motivation is to improve a system through alterations and additions. Academic hackers can be casual hobbyists, or they can be serious computer engineers working on their graduate-level degrees. These are the people who create new viruses as proofs of concept. They have no intention of making the world worse, but want to help bring to light problems that need solving.

    'Grey Hat Hackers' = Conflicted, Uncertain Which Side of the Law They Stand

    Grey hat hackers are often hobbyists with intermediate technical skills. These hobbyists enjoy disassembling and modifying their own computers for hobby pleasure, and they will sometimes dabble in minor white collar crimes like file sharing and cracking software. Indeed, if you are a P2P downloader, you are a type of gray hat hacker.

    These are undisciplined members of the profession, often users with access to tools and 'kits' that enable them to accomplish their goals. In most cases, grey hats are people who never gained a formal understanding of what they are doing.

    Gray hat hackers rarely escalate into becoming serious black hat hackers. Oftentimes, grey hats end up getting caught, or warned into stopping their activities.

    Subcategories of Hackers: Script Kiddies and Hacktivists

    - Script Kiddies: this is a stylish name for novice hackers who are unskilled. Script kiddies can be white hat, black hat, or grey hat. These are people who feel empowered enough to cause damage to others and themselves.
    - Hacktivists: this is the hacker who is also a social activist fighting for a cause. Some people would argue that famous hackers like Lulzsec and Anonymous are hacktivists fighting government corruption and corporate misdeeds. Hacktivists can be white hat, black hat, or grey hat. They side only with the specific team they support at the time.

    More About Computer Hackers

    Computer hacking is often exaggerated by the media, and very few public narratives give hackers the fair shake that they deserve. While most movies and TV shows about hackers are absurd, you might consider watching Mr. Robot if you want to see what hacktivists do.

    Every savvy web user should know about the unsavory people on the Web. Understanding common hacker attacks and scams will help you navigate online intelligently and confidently.

    Blog Entry, EDUCATION, Hacking
  • Posted on February 8, 2017 11:55 am
    Joseph Forbes
    No comments

    Do you suspect your email account has been hacked? Can't log in to your email account? Are you getting undeliverable and bounce messages for email you never sent? Are friends and family complaining of receiving email you never sent? Is it malware? A hacker? Here's how to tell.

    Undeliverable and Bounce Messages

    Spammers frequently spoof the From sender on the email they send. They just substitute their real email address with a random email address found on a mailing list or one just randomly made up. Some poorly configured email gateway products don't distinguish between the manually editable "From" address and the actual sender origin, so they simply send any undeliverable messages to the spoofed From address. To better understand how this works, and help you track down the real origin of an email, see: Reading Email Headers.

    Best defense: Simply delete the undeliverable/bounce messages.

    In other cases, email worms will send themselves disguised as an undeliverable/bounce message. The bogus email contains either a link or an attachment. Clicking the link or opening the attachment leads directly to a copy of the worm. Your best course is to learn to overcome curiosity.

    Best defense: If you receive an undeliverable or bounce message for an email you know you did not send, resist the temptation to open the attachment or click the link. Just delete the email.

    Unable to log in to your email account

    If you are unable to log in to your email account due to an invalid password, it's possible that someone has gained access and changed the password. It's also possible that the email service is experiencing a system outage of some sort. Before you panic, make sure your email provider is functioning normally.

    Best defense: Prevention is key. Most email providers offer a password recovery option. If you have even a hint of concern that your email password has been compromised, change your password immediately. If you specified an alternate email address as part of the password recovery, make sure that address is active and be sure to monitor the account regularly. In some cases, you may need to call your email provider and request a reset. If you go that route, be sure to change your password from the one provided during the phone call. Be sure to use a strong password.

    Email appearing in Sent Items folder

    If copies of the sent email are appearing in your Sent Items folder, then it's likely that some type of email worm might be involved. Most modern-day malware won't leave such tell-tale signs behind, so it, fortunately, would be indicative of an older, more easily removed threat.

    Best defense: Update your existing antivirus software and run a full system scan.

    Email is sent to address book, does not appear in the Sent folder, and it's a webmail account

    The most likely cause is phishing. Chances are at some point in the past, you were tricked into divulging your email username and password. This enables the attacker to log in to your webmail account and send spam and malicious email to everyone in your address book. Sometimes they also use the hijacked account to send to strangers. Generally, they remove any copies from the Sent folder to avoid easy detection.

    Best defense: Change your password. Make sure you've checked the validity of any alternate email addresses included in the password recovery settings first.

    Symptoms don't match the above

    Best defense: Make sure you do a thorough check for a malware infection. Fully scan your system with installed up-to-date antivirus software and then get a second opinion with one of these free online scanners.

    Receiving complaints from friends, family, or strangers

    One of the problems with spoofed, hijacked or hacked email is that it can also lead to responses from angry recipients. Stay calm - remember, the recipients are just as much a victim as you.

    Best defense: Explain what happened and use the experience as an educational opportunity to help others avoid the same plight.
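    The difference between the editable From address and the actual sender origin can be read out of the bounce itself. The sketch below is an added example, not code from the original post: it pulls the original headers out of a bounce and compares From with the envelope sender and the delivering host. The sample bounce, the addresses and the provider host name `mail.home.example` are constructed assumptions.

```python
import email
from email.utils import parseaddr

# Constructed bounce (DSN) template; every host and address below is made up.
BOUNCE_TEMPLATE = """\
From: MAILER-DAEMON@mx.recipient.example
To: alice@home.example
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The message could not be delivered.
--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.recipient.example

Final-Recipient: rfc822; nobody@recipient.example
Status: 5.1.1
--b1
Content-Type: text/rfc822-headers

Return-Path: <{envelope}>
Received: from {origin} by mx.recipient.example; Mon, 6 Feb 2017 10:00:00 +0000
From: Alice <alice@home.example>
Subject: Invoice
--b1--
"""


def original_headers(bounce):
    """Headers of the message that bounced, as attached to the DSN."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_payload())
    return None


def assess_bounce(raw, my_address, my_provider_hosts):
    """Return (verdict, reasons) for a bounce that arrived at my_address."""
    orig = original_headers(email.message_from_string(raw))
    if orig is None:
        return "unknown", ["bounce carries no original headers"]
    from_addr = parseaddr(orig.get("From", ""))[1].lower()
    if from_addr != my_address.lower():
        return "unknown", ["original From is not your address"]
    reasons = []
    envelope = parseaddr(orig.get("Return-Path", ""))[1].lower()
    if envelope and envelope.rpartition("@")[2] != from_addr.rpartition("@")[2]:
        reasons.append("envelope sender is outside the From domain")
    # Each relay prepends a Received line, so the top one was written by the
    # server that later bounced the mail and names the host that handed it over.
    # Substring matching is a heuristic: the sending host chooses its own name.
    received = orig.get_all("Received", [])
    top_hop = received[0].lower() if received else ""
    if not any(host.lower() in top_hop for host in my_provider_hosts):
        reasons.append("delivered by a host that is not your mail provider")
    return ("spoofed-from" if reasons else "sent-via-your-provider"), reasons


if __name__ == "__main__":
    spoofed = BOUNCE_TEMPLATE.format(envelope="bulk@sender.invalid",
                                     origin="pc-7.isp.invalid (203.0.113.7)")
    print(assess_bounce(spoofed, "alice@home.example", ["mail.home.example"]))
```

    A `spoofed-from` verdict matches the bounce case described above, where deleting the message is enough; `sent-via-your-provider` means the mail really left through your own provider, which points to the hijacked-account symptoms instead.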

    Blog Entry, Data Recovery, Hacking
  • Posted on January 9, 2017 11:11 am
    Joseph Forbes
    No comments

    How your online habits leave you and your computer at risk

    Keeping safe online takes more than just installing a few security programs. To protect both you and your computer, here are the top ten bad habits you need to avoid.

    Browsing the Web with JavaScript enabled by default

    Today's attackers are more likely to host their malicious files on the web. They may even update those files constantly using automated tools that repackage the binary in an attempt to bypass signature-based scanners. Whether through social engineering or through website exploit, the choice of browser will be of little help. All browsers are equally susceptible to Web-based malware and this includes Chrome, Firefox, Opera, and the much-maligned Internet Explorer. Disabling JavaScript on all but the most trusted sites will go a long way towards safer web browsing.

    Using Adobe Reader/Acrobat with default settings

    Adobe Reader comes pre-installed on most computers. And even if you never use it, just the mere presence can leave your computer at risk. Vulnerabilities in Adobe Reader and Adobe Acrobat are the number one most common infection vector, bar none. Making sure you stay up-to-date with the latest version of Adobe products is imperative, but not foolproof. To use Adobe Reader (and Acrobat) safely, you need to make a few tweaks to its settings.

    Clicking unsolicited links in email or IM

    Malicious or fraudulent links in email and IM are a significant vector for both malware and social engineering attacks. Reading email in plain text can help identify potentially malicious or fraudulent links. Your best bet: avoid clicking any link in an email or IM that is received unexpectedly - particularly if you do not know the sender.

    Clicking on popups that claim your computer is infected

    Rogue scanners are a category of scam software sometimes referred to as scareware. Rogue scanners masquerade as antivirus, antispyware, or other security software, claiming the user's system is infected in order to trick them into paying for a full version. Avoiding infection is easy - don't fall for the bogus claims.

    Logging in to an account from a link received in email, IM, or social networking

    Never, ever log in to an account after being directed there via a link received in an email, IM, or social networking message (e.g. Facebook). If you do follow a link that instructs you to log in afterwards, close the page, then open a new page and visit the site using a previously bookmarked or known good link.

    Not applying security patches for ALL programs

    Chances are, there are dozens of security vulnerabilities waiting to be exploited on your system. And it's not just Windows patches you need to be concerned with. Adobe Flash, Acrobat Reader, Apple Quicktime, Sun Java and a bevy of other third-party apps typically host security vulnerabilities waiting to be exploited. The free Secunia Software Inspector helps you quickly discover which programs need patching - and where to get the patches.

    Assuming your antivirus provides 100% protection

    So you have antivirus installed and are keeping it up-to-date. That's a great start. But don't believe everything your antivirus does (or rather doesn't) tell you. Even the most current antivirus can easily miss new malware - and attackers routinely release tens of thousands of new malware variants each month. Hence the importance of following all the tips provided on this page.

    Not using antivirus software

    Many (probably infected) users mistakenly believe they can avoid malware simply by being 'smart'. They labor under the dangerous misconception that somehow malware always asks permission before it installs itself. The vast majority of today's malware is delivered silently, via the Web, by exploiting vulnerabilities in software. Antivirus software is must-have protection.

    Of course, out-of-date antivirus is almost as bad as no antivirus software at all. Make sure your antivirus software is configured to automatically check for updates as frequently as the program will allow or a minimum of once per day.

    Not using a firewall on your computer

    Not using a firewall is akin to leaving your front door wide open on a busy street. There are several free firewall options available today - including the built-in firewall in Windows XP and Vista. Be sure to choose a firewall that offers both inbound and (as importantly) outbound protection.

    Falling for phishing or other social engineering scams

    Just as the Internet makes it easier for legitimate pursuits, it also makes it easier for scammers, con artists, and other online miscreants to carry out their virtual crimes - impacting our real life finances, security, and peace of mind. Scammers often use sad sounding stories or promises of quick riches to hook us into being willing victims to their crimes. Exercising common sense is one of the best ways to avoid online scams. For extra help, consider installing one of the free anti-phishing toolbars.

    Blog Entry, Hacking, Internet
  • Posted on December 27, 2016 9:08 am
    Joseph Forbes
    No comments

    [ALERT] Scam of the Week: George Michael Dies at 53. Watch out for Phishing Attacks

    Yesterday, news broke that George Michael was found dead on Sunday at his home in Goring in Oxfordshire, England. He was 53. A police statement said: “Thames Valley Police were called to a property in Goring-on-Thames shortly before 2 p.m. Christmas Day. Sadly, a 53-year-old man was confirmed deceased at the scene. At this stage the death is being treated as unexplained but not suspicious.” Mr. Michael’s manager, Michael Lippman, told The Hollywood Reporter that Mr. Michael had died of heart failure “in bed, lying peacefully.”

    This is a celebrity death similar to Prince that the bad guys are going to exploit in a variety of ways. You have to warn your users right away that a series of scams are underway using the George Michael death as a social engineering trick. Earlier celebrity death scams show there will be a high click rate on scams that claim to show Michael's last words on video. Whatever ruse is being used, your users will wind up with either infected workstations at the house or in the office, giving out personal information or unleashing ransomware on the network. Give them a heads-up that especially now they need to Think Before They Click.

    I would send your employees, friends and family something like the following. You're welcome to copy/paste/edit.

    "Yesterday, news broke that pop star George Michael was found dead in his home in Oxfordshire, England. He was 53. Internet scum are going to exploit this celebrity death in a number of ways, so be careful with anything related to George Michael's death: emails, attachments, any social media (especially Facebook), texts on your phone, anything. There will be a number of scams related to this, so Think Before You Click!"

    For KnowBe4 customers, as you read this, there will be a new template "George Michael Dies at 53" in the Current Events campaign that I suggest you send to everyone more or less immediately. If you are not a KnowBe4 customer yet, at times like this, it is very good to know what percentage of your users are vulnerable to emotional manipulations like this. We recommend you do your complimentary Phishing Security Test and find out what the phish-prone percentage of your users is. https://info.knowbe4.com/phishing-security-test-chn

    Let's stay safe out there.

    Blog Entry, ENTERTIANMENT, Hacking
  • Posted on December 18, 2016 12:30 pm
    Joseph Forbes
    No comments

    Did some gorgeous model just send you a friend request? You search your memory but just can't seem to remember the person trying to add you as their friend. Are they for real or is this a fake friend request?

    Why Would Someone Bother to Create a Fake Friend Request?

    You may receive fake Facebook friend requests for any number of reasons, some harmless, some malicious. Here are some types of people that might send you fake and/or malicious friend requests:

    Social Engineering Methods

    Scammers

    Scammers may create fake Facebook profiles and request to be your friend in order to gain more access to personal information that you restrict to "friends only". This information may include your contact information (for spamming), or other personal information that might be useful in setting you up for a phishing attack.

    Malicious Linkers

    You may also get requests from attackers that post malicious links to malware or phishing sites which may end up in your Facebook newsfeed after you accept their friend request.

    Catfishers

    As the MTV television show "Catfished" has shown time and time again, the person behind that sexy profile pic may be nothing close to what they advertised. Catfishers may create elaborate online profiles using pictures of models, in an attempt to hook victims looking for love online. They may send out random friend requests to huge numbers of people before they find a willing victim.

    Ex-wife / Husband / Girlfriend / Boyfriend

    If a relationship ends badly, you may end up unfriending that person. You may think that they are gone and out of your circle of Facebook friends, but they may try to find their way back in by creating a false profile and befriending you using their new alias. This allows them to keep up with what you are up to without you knowing that it's them on the other side of the screen. Also, never forget, you may have 'unfriended' the person, but your friends may not have. Through those friends, information about you can still be obtained.

    Current Wife / Husband / Girlfriend / Boyfriend

    If your spouse or significant other is trying to test your fidelity in an unscrupulous manner, they may resort to creating a false profile using an attractive profile picture to entice you into becoming their friend so that they can further test you by trying to get you to respond to their suggestive posts or chats. They could record this information with the intent of using it against you later. You see, this is why we can't have nice things.

    Private Investigators

    Private investigators could also use false profile friend requests to help them learn more information about you: the kind of information that you normally would restrict from public view and reserve for friends only. These types of investigations are the pinnacle of social engineering tricks used to obtain information you normally would never give.

    How Can You Spot a Fake Friend Request?

    There are several clues that the friend request you received might not be genuine. Here are five questions you should ask yourself to help determine if the friend request might be from a fake profile:

    1. Do You Know the Requester or Have Any Friends in Common With Them?

    Although obvious, this is the first clue. If you can't recall ever meeting this person in real life or meeting through any mutual friends, then it is likely a friend request sent to you under false pretenses. Check their friends list (if it's viewable) and click the "mutual" list to see whom you both know. Check with your mutual friends to see if they know them. It only takes one friend to not realize they are helping the scam.

    2. Is the Friend Request From an Attractive Person of the Opposite Sex?

    If you're a guy and you get a random friend request from a beautiful woman, then this is your first tip-off that it might be a ruse. Same holds true for the ladies. A friend request with a picture of an attractive person posing in a provocative way is often the bait used by those creating fake friend requests.

    3. Does the Request Come From a Person With a Very Limited Facebook History?

    If, according to their Facebook timeline, the person just joined Facebook an extremely short time ago, then this is a huge clue that the friend request is bogus. Most legitimate Facebook users will have a long history on their timeline dating back several years. Fake profiles are often created hastily and most profiles will indicate when the person joined Facebook. If their Facebook timeline says they joined Facebook 12 days ago then the person is most likely trying to scam you, unless it's your grandmother, who is very late to the Facebook party and has a legitimate reason for having a limited history.

    4. Does the Person Have an Unusually Small or Large Number of Friends, and Are They All the Same Sex?

    Fictitious profiles may have an extremely small, or possibly a large number of friends on their friends list. The reason? They have likely spent very little effort on setting up the fake profile, or they have 'shotgunned' a ton of friend requests out and received a ton of responses. Another clue is the sex of those on their friends list. Depending on who the person behind the fake profile is targeting, you will likely see friends that are predominantly of the opposite sex of the requester since that is likely who they are targeting when they send out their fake friend requests. If the request is from a lady targeting men, expect almost all men in the friends list, instead of a mix of men and women like you would expect from a real person.

    5. Is There Very Little Personal Content on Their Timeline?

    You likely won't see a lot of day-to-day activity on a fake profile because of the effort required to generate 'real' content. You may see some pictures, perhaps some links, but you probably won't see a lot of location check-ins or status updates. This may or may not be true for scammers of the Catfishing-type, as they may spend a lot of time and effort making their online persona seem as real as possible.

    Next time you receive a random friend request, ask yourself the questions above. If the answer is yes to more than one or two of them, then you may have just spotted yourself a fake friend.

    If you are like me, you have no friends (unhappy-face). No really, I have friends (happy-face).

    Blog Entry, SOCIAL ENGINEERING