What are Phishers?
Phishing is a technique a hacker uses to also steal your personal data (ie. logins and passwords) This is done by a uploading a fake but exact replica of a website or something similar with a catchy idea to it, the hacker will spread around the URL for the phishing website either by himself, with previous hacked accounts or bots on the Internet, for people to click on. For example a link might have been sent to you, you click on it and it takes you to the Twitter page to login before you can see the content. Wrong, in fact it’s not the Twitter page at all.
The corner of your eye tells you it’s Twitter, but if you look closely at the URL you’ll notice a slight difference to it, instead of being Twitter.com it’s Twitt3r.com. This is used to fool you into thinking you’re entering your personal details on a legitimate website. Sadly there are still quite a few people who fall for this and enter their credentials. Once this is done it stores your username and password for the hacker to grab at any time.
Another good example of this is with Personal Messengers such as MSN, Skype and Facebook. You might receive a message saying ”LOL look at this picture of you “www.example.com/username” When you click that link, it will take you to a phishing website that will most likely say “If you wish to see the picture please login with your details”
Always remember to check the URL in the browser address bar before entering your credentials anywhere on the Internet, another quick note is that if you’re buying items online and purchasing them with your credit cards etc. Double check for the secure connection notification like below (such as HTTPS).
Poor Wireless Security
It’s fantastic how we can easily access the Internet from anywhere in our homes or public places these days, With WiFi technology you’re literally wireless. You’ve just bought a new home computer all set up and running right out of the box with a router for Internet. But are you taking the time to set it up correctly so you’re properly protected? Some WarDrivers could be enjoying your brand new computer too.
What is War Driving? This has been around for quite some time, some of you may notice suspicious cars parking near or outside your homes. They are actually using your Internet WiFi connection and browsing all your personal files on your computer systems. The “War Drivers” drive around local neighborhoods in search of “OPEN” and “WEP” enabled WiFi systems. This is a bigger problem than you think, watch the video’s below to get an idea just how severe this can be.
One thing about these videos though, they all talk about “OPEN” networks, yes you should never leave your Wireless connection open, but before you stop there is your Wireless “WEP” enabled? This is almost just as bad as an open wireless network. WEP has now been proven to be crack-able in under 10 minutes using the right tools and these “tools” are distributed freely all over the Internet, Youtube is full of video tutorials demonstrating how to hack WEP enabled devices.
WEP encrypted devices are cracked with the hacker sniffing your packet data and collecting it over-the-air, the encryption is then decrypted via the algorithm and your WEP password is revealed.
WPA protected systems is another one, this is a little bit more secure than WEP encryption. However it’s not bulletproof, it’s just a little harder to crack. The hacker would have to Brute Force an attack with a Wordlist in order to gain access to your router.
The most recommended encryption to use now days is WPA2, it has replaced WPA and introduces a new AES-based encryption mode with strong security. It’s highly encrypted and much safer. Another recommendation is to hide your SSID so any passing War Drivers don’t see your network, and if you’re really paranoid you can limit your network to only allow specified computers onto your network. Always remember to use unique password using words that are not necessarily in a dictionary or very common words on the Internet. Numbers and special character are also highly recommended.
Below are 2 quick videos with some more tips on how to secure your Wireless Network and another video focusing on how to create unique strong passwords (Clever trick)
Please feel free to dicuss these topics below, I welcome all feedback. After all, in the world of I.T you never stop learning.