Most recently a cyber attacker compromised a friend’s Facebook account and sent a series of odd messages enticing his followers. This can happen to anybody. Hackers can be individuals or groups who target a person or organization. Sophisticated attacks can even be orchestrated by a foreign government with a specific agenda such as political, military, or economic gain.
A lot of planning goes into this. Cyber crooks start by studying websites and social media accounts. They harvest key information, such as backgrounds, structures, acquaintances, and where the prospective target is located.
If a business or consumers phone list is accessible online, they can identify victims and their roles, including levels of management. They are keen on extracting social media profiles and data that has been publicly shared.
Afterwards, scammers identify the specific individuals to target. Like a scholar researcher, a hacker will gather all the information they can snare and it’s not limited to social media. Messages on public forums, pictures you shared, interests, and hobbies shared by family and friends can make you vulnerable.
A spear phishing attack is one of the popular methods used. Attackers customizes a specific phishing email for a certain target. Since they have familiarized themselves with a target in mind, they can generate an email that may appear very convincing. This message includes an urgent request to have sensitive documents, such as personnel records, sent over. When you respond, you assume you are communicating with a person you know. This is how a scammer can use this trick in having you email sensitive data.
Accepting virus infected attachments from a shady sender compromised personal and financial accounts. These malicious attacks request receivers to enable macros or introduces a link to click on. After you comply with this, you are taken to a website that hacks your operating system. After the cyber attacker gains access to your computer, all the information on it is compromised and your device can be used as a launching point to cripple other systems in your network.
Antivirus software and other technological safeguards alone cannot quell targeted attacks. What you can do is limit the information you publicly share. This will make it challenging for
thieves to research and target you.
Here are some other signs of a targeted attack.
- Phone calls or messages with a sense of urgency.
- Someone pleading with you to bypass or ignore work related procedures.
- The “from address” in their email is work related; but the “reply-to-address” is someone’s personal email attachment.
Be mindful of email attachments, most certainly the ones that ask you to enable macros. You should open attachments that you expect from trusted senders. Here are some things to look for in these cases.
- The tone or content don’t seem right.
- Misspellings with the signature.
- Odd language.
- Calling you by a name you never go by.
Phishing attacks can be avoided. You can learn more about this scam from an episode of my show, “Cyber Brats” on Spondulics TV at https://spondulics.org/watch?v=17
You can also check out my website at https://shadowworldpresent.wixsite.com/safe
Until next time, stay sage and stay secure!
