Today’s’ society is web oriented. Internet is becoming part of our life. It allows us to find information, to shop online, to share our life with friend… This is the good part!
The Bad part… can be really bad. Imagine this scenario. I am the bad guy. By chance your name is on my list. I type your name in Google search and… surprise! I get into your FB page. If your profile is public I can find little information about you like where are you from, how old you are, what hobbies you have, what you like and most importantly your email address.
Do I target you as a business person? It is simple like changing the FB for LinkedIn. Here I can see all your career history and the actual job. And I build up the initial profile of your taken from FB.
There are out there websites which allow me to see more about a certain person for a fee of a few dollars. I can find information like shares that you have or your roles and positions etc. Usually this kind of data are public and should no harm for persons listed!
I (the bad guy) will organise now the attack against you *your computer). I already know your email address so all I have to do is to send an email, make you to open that email and to follow the instructions in that email. The bottom line is to make you to download and install on your computer a “backdoor” that will allow me to get access and control your computer and later your network if applicable.
I simply create and send you an email that will appear to you as a legitimate email, but in reality it is fake one. I have to take care so all written in that email will not make you suspicions. And… finally the magic link which will work on my evil proposes.
You find the email into your email box and of course you will open the email with no doubt that is not a genuine one and… of course follow the link. YES you clicked my link. It is a for example a video from YT where you will find out more, but it is missing a codec. Everybody knows about codes so you will install it your computer. The application is asking for your permission to run, you quickly click OK. Repeat the OK answers few times without paying attention and… you will see the Video that I made it for you.
Everything is done, I (the bad guy) have installed on your computer my small program and I can do whatever I wish based on my “hacking knowledge”.
A good intruder will make that everything to run smooth and you will never know that someone else is controlling your computer.
What can happen now on a hacked in computer?
- all you type can be sent as a string of characters to an email address
- all your email can be diverted
- all your not encrypted data can be read
- the most common, your computer will be used to attack networks, servers or other computer
How can you avoid to be hacked in (basic)?
- When you receive any email, before doing anything else, put the mouse on “FROM” name and ask for details about the sender. Usually right-click and try to see the email address. I give an example: From name is “PAYPAL SUPPORT” but when you try to see sender can be “firstname.lastname@example.org” which is NOT a Paypal email for sure. Any email coming from paypal MUST have at the end paypal.com
- Do not allow any program to be installed on your computer except you know exactly what it is about.Please make sure your protection is activated (it is by default), it means the computer will ask you to confirm any program installation.
- Make sure you have installed on your computer a valid (NOT FREE) firewall and antivirus software. Antivirus is NOT enough.