Beware of social engineering, you too can become a victim!
Social engineering is an innovative technique to steal information from individuals by psychologically attacking them in a highly planned manner without others knowing. Such stolen information can be misused in various ways to put the victim in financial or social danger.
Social engineering
We are well aware of social media, social networking. But what is social engineering? Social engineering is an acting technique to steal information from individuals by using highly thought-provoking mental attacks without others knowing. Such stolen information can be misused in various ways to put the victim in financial or social danger. Hackers use a variety of methods for social engineering. Most of these approaches are related to the emotions of the individual. Hackers target a person by creating an environment that produces various human emotions like happiness, sadness, fear, excitement, anger, empathy, etc. and steal information from him to achieve their goals.
What is social engineering?
A stranger called and said, 'Your phone number has won lakhs of rupees in the lottery.' You were overwhelmed with happiness and excitement. Someone else called and said, 'Your bank account or ATM card has been blocked due to non-payment of KYC.' You were scared. An SMS, which said that if you do not pay the bill immediately by clicking on the link given below, your home connection will be disconnected at 9 pm. You were scared. A message came on WhatsApp with a picture, in which it was written that please help the child by clicking on the link given below for treatment. Your human mind was full of sympathy and hackers take advantage of this to steal valuable information without your knowledge and then use it to break into your bank account or steal some extremely sensitive information from your phone or laptop and try to blackmail you. Simply put, this is what social engineering does.
How is social engineering done?
Now the question is how is social engineering done? Recently hackers have developed many new methods for social engineering. In most cases, it is difficult for common people to decide which is true and which is false. Now, apart from calling from a distance, a person can come right up and talk to someone in different words and get confidential information with a smile. Although it may not seem very important, it is important to know the date of our birthday or wedding anniversary, the name of our parents or someone's household name, the name of our pet dog, the name of our favorite actor and actress. A clever person can easily extract this information from anyone. But what can you do with them? This is not an ATM PIN or e-mail password. This is correct. But the point is that if you forget your password then remember the questions you face to recover it. Aren't the answers in the things I've already mentioned? But Kerala is not alone, there are other methods of social engineering. That is discussed below.
1. Fishing
Like sitting on a fishing rod to catch fish, fishermen tempt the general user with a variety of rods. Those who do phishing are called phishers. For example, e-mails or mobile messages claiming to win billions of dollars in lotteries are easily accessible nowadays. This is also a form of phishing. Somehow, once you swallow that crores of rupees, a good amount of money can be withdrawn from the user's account. It is not just greed for money. Features entice Internet users in various ways. You can do this. There are many ways in which the features can be used to buy expensive products at very low prices, free antivirus installation on computers, free download of latest movies, etc. Therefore, everyone who surfs the Internet should avoid all the temptations found in the world of Saira. Otherwise, you will definitely become its victim. Phishing is a very dangerous tool of social engineering. Phishers are very clever cyber criminals.
Spear phishing is another form of social engineering. Spear phishing is a deadly tool. Spear phishing is actually a part of phishing. It sends a link from a website that seems well known to a person through SMS, WhatsApp, e-mail etc. For example, if a person receives an email stating that due to non-payment of KBYC for a long period of time his mail ID and all related services will be disabled in a few hours. To update KYC online, you can click on the verified link www.mail.gooogle.com/ and enter the required information. In such a situation, most of the people will click on the link without worrying much and then quickly fill the online form and try to get free as soon as possible. But in a hurry, you won't notice that the word 'google' in the link says 'google' with three '0's. And it's certainly not too hard to imagine what might happen next. Sometimes such mails are also received to update the KYC of the bank online, so beware of spear phishing.
2. Batting
One day a greedy man's eyes fell on a pen drive lying near him. The greedy man went home, put the pen drive in his laptop, opened it and played many old and new songs and watched many movies. There is some software also. He played some selected songs on his laptop and started doing other work. However, while doing this, he did not realize that as soon as he inserted the pen drive, one or two software were automatically installed in the laptop. This is batting. With those software, he not only sees whatever he does on the laptop, but also sends it to a remote server every moment. And thus everything from his e-mail to his bank password reaches the owner of the lost pen drive. I don't think I need to tell the story behind it. However, it is important not to immediately insert pen drives, CDs, etc. lying somewhere into the desktop or laptop. Otherwise there is a strong possibility of getting hit by batting.
3. Unexpected delivery
Hearing the sound of the calling bell, the man went out and saw an online delivery man flowing. But he also did not order anything. However, the address on the packet is correct. He reached out thinking that one of the children might have ordered something. The delivery boy said, this is 'cash on delivery'. The man asked, "So, how much do you have to pay?" The delivery boy pressed the mobile and said, seven hundred and fifty rupees. The man brought money from inside and gave it to the delivery boy. He gave the packet to the man. The packet was kept on the dining table for everyone to see, but no one claimed it till evening. Finally they all sat down and opened the packet. Inside came a bundle of pebbles and stones wrapped in paper.
Another incident. This time the online delivery boy came with a big packet and the man said, 'We have not ordered anything.' The delivery boy smiled and said, 'Who knows, is it true?' payment has been made. If you take it, it doesn't matter if you don't. The man moved forward to take the packet. The delivery boy handed him the packet and said, 'Tell me the OTP.' The man held the packet with one hand and took out the mobile from his pocket with the other hand and gave me the OTP. However, this time a set of cups worth Rs 100 came out of the packet. The delivery boy also withdrew a lot of money from the person's bank account through OTP.
4. Unexpected order confirmation
This is also a very clever strategy of social engineering. In this case, the person is informed by phone or message that the order has been booked in his name. This type of order is usually referred to as an expensive item at a very low price. If you say that an iPhone sells for Rs 15,000, it is natural for some people to be greedy. But the person knows that he never placed that order anywhere. Then what will he do? Perhaps he will succumb to temptation and agree to confirm the order. Otherwise, you will be asked to cancel the order. Whether to confirm or cancel the order, politely ask for the name, address, mobile number and bank account number of the other party to process it. After entering it, an OTP will come and you will be asked for it. As soon as the OTP is issued, a large amount will be withdrawn from the account immediately.
5. Spamming
Spamming is a method of sending the same message to many people at the same time. It is commonly adopted by businesses as a strategy to advertise or promote their products. In this case, the message can be sent instantly to all the e-mail IDs or phone numbers in the organization's database. But how do organizations collect this information? Why don't you take your phone number whenever you pay the bill after shopping in the shopping mall? Again, you don't need to have an e-mail ID to buy and sell online! Therefore, these data are stored as packages in the databases of various institutions. And that is why many people nowadays receive e-mails or SMS from various shopping malls or online retailers on a regular basis. Till that time everything was fine. But what is not right is that data packages get lost or stolen from the database from time to time. Some unscrupulous employees hand over such information to others in exchange for large sums of money and that is when problems arise. Hackers take advantage of this opportunity and send messages with fake offers to different people at the same time and if even one percent of them become victims of this, then the purpose of the hackers is accomplished and the crowd starts fighting. Spamming is considered another important tool of social engineering.
6. Vising and Smitching
The two most dangerous pitfalls of social engineering are vishing and smishing. But how is wedging and smeeching done? These two words may sound strange, but the phenomenon is not unfamiliar. That is, from time to time you get a call that you have won so many lakhs of rupees in the lottery of some organization on your mobile number and you have to do this to get it, or your debit card is blocked and both of you Are on. Point out the numbers you have on the side of the card - this type of thing is upside down. At the same time, when such tempting or intimidating things come through SMS or WhatsApp messages, then it is called smishing.
Witching and trafficking are the most common forms of cyber fraud in our country.
Pop-up window
Usually, an unnecessary small window appears while viewing some websites. In computer language it is called popup window. Despite being very small in size, this window is also scary. The window that appears says: Your computer has a virus, click the button below to scan it for free. Or click on the link below to buy an iPhone for just Rs 3,000 and make payment within five minutes. If even one out of a hundred becomes a victim of such pop-up windows, he can immediately transfer his hard-earned money to the hacker's account.
Whatsapp video call
A beautiful girl who made a new friend on Facebook has been crazy about that man day and night for the last few days. He is very interested to know about the man and his place! She gets jealous when I delay a bit in replying to messengers. Can I keep checking my messenger? So that day he asked for a WhatsApp number and she happily gave him the number. Since then, he has stopped keeping track of how many messages she sends him throughout the day, starting with good morning. In such a short time the girl became so free,
Now she has started talking to him about personal things which she cannot tell to others. They are doing it in confidence. She is going to make a video call today. It is 5 pm in the evening.
He told me to stay busy. After dinner, the man went to the study and closed the door. He called exactly at five o'clock. It's even more beautiful than it looks in the pictures.
Girl First he asked to show his room. Then after talking among themselves they said that it was very hot and took off their clothes. The man's eyes widened. There is a perfect young naked girl on his mobile screen. He asked her to take off her shirt and shirt. He opened it. Sweeten like this for half an hour. After a sweet conversation the video call ended with a promise to call again the next day.
The next morning, while reading the newspaper, a WhatsApp message came on the man's phone. Did he send it? Yes. He is the one who gave it. A video of good morning. He watched the video and his ears and head got hot. There is a song that conveys a double meaning in the background between the video call and some of the conversation from last night. He turned down the volume and watched the video carefully. He is sitting naked and talking to a naked girl. Sometimes he keeps showing his study here and there.
What do they mean? Why was the video made? The reply came from the other side within one hours, deposit three lakh rupees on the number given below. Otherwise you will be tagged on Facebook and the video will go viral. The man started sweating like a fever. He went crazy thinking what would happen if his college kids, his teacher's wife, his coworkers, neighbors, relatives saw this video. He sent me a message again. But this time the message was not delivered. When he called, the switch came off. He became desperate and deposited Rs 3 lakh in the beautiful girl's account. But the story does not end here. Therefore, it is important to take measures to prevent the spread of the disease. Therefore, it is important to take measures to prevent the spread of the disease. Therefore, it is important to take measures to prevent the spread of the disease.
Who can be a victim of social engineering?
Now the question is, who can be a victim of social engineering? Although these so-called engineers target you and me, they are never 100 percent successful in this regard. However, they also know that they cannot be 100 percent successful. Their success rates usually range between one and five percent. The one to five percent I mentioned may be ignorant, short-sighted, fearful, naive, or greedy. These people are usually victims of social engineering. The interesting thing is that among these five percent, the number of greedy people is highest. There is a saying that 'fishes die of greed' and this applies to these people.
How to avoid social engineering?
The first and most important weapon to avoid social engineering is self-awareness. Always keep one thing in mind that in today's materialistic world no one cooks free food for anyone. Not even a thing to live for. Never forget this when you are lost in the colorful world of mobile phones and the Internet. Just as we know to keep our purse carefully while walking in the middle of the road, mobile and internet users should remember that social engineers are keeping an eye on us every moment. With a little carelessness there is a possibility of falling into their trap and destroying everything. Therefore, caution should always be taken when using these techniques.
What to do if you are a victim of social engineering?
If you are unfortunately a victim of social engineering, don't sit back and wait for your fate. Any kind of cyber fraud can be reduced to a great extent by timely reporting. If you are facing financial loss or fraud by cyber criminals, you should dial 1930 immediately. This is India's national helpline number where the public can immediately complain if they are financially defrauded by cyber fraudsters. Call this number and provide details. The website https://cybercrime.gov.in can be used to report any type of cyber crime. If necessary, a complaint can also be lodged directly with the cyber crime branch of the district police station. But anyway, the main thing is not to sit quietly due to embarrassment or any other reason, but to complain to the concerned authorities.
Can hunters also be hunted?
Have you ever wondered what these social engineers or hackers are doing? There are people who like to earn easy money, harm others, misuse their education. There are people who are forced to do this even if they do not want to. But why? Are they hunter or prey? I will answer this in this article.
How to protected data and bank detailed from social engineering?
Following this steps to protected information -
1. You need to enter the password, fingerprint or pattern lock on your smartphone. If someone other than your family member asks you to call on your mobile, ask for the number, dial it yourself, lock the phone and hand it over after it rings. Keep your mobile in your pocket like a handkerchief and your laptop like a bathroom towel. At present these items are for personal use only. Apps should only be installed from Google Play Store or similar secure locations.
2. If the delivery boy asks for OTP then read the message carefully and give it only after confirming that the OTP comes from the concerned website. It can ensure the reliability of a website by ensuring that the name is preceded by https. HTTP only websites are less reliable. Install a good anti-virus software on your computer and keep it updated regularly.
3. Secure the computer with a user ID and password. If someone else wants to use the computer, they will be allowed to use it from the Guest user account instead of using your User ID. Make sure that guest users cannot install any software on their computers.
4. Password or lock folders that store important information on your computer or mobile. Always be cautious while using computer, mobile or internet. Users should avoid all forms of greed, unnecessary pleasure, excitement, fear etc. at all times. Passwords used for e-mail, social media, internet banking, payment apps etc. should be changed regularly at regular intervals.
6. Remember, if other people send you money through Google Pay, Phone Pay etc. then you do not need to do anything. The money will come into your account without you doing anything. Some fraudsters sometimes send you so much money, you can ask them to 'accept' by opening the app however, doing so will only drain your account. so be careful.
7. Don't be afraid when you encounter any kind of social engineering or cyber criminals and don't waste time in filing a complaint at the appropriate place.
8. Do not allow someone else's e-mail ID to log in to your mobile. Also do not allow others to use your e-mail account.
9. E-mail accounts from others or from unsecured mobile or computer,
10. Do not log into bank accounts.
11. Do not open any link received in e-mail or social media without checking.
12. Do not install any apps found on Google or sent by others.
13. Do not install any app on your smartphone. When an app is installed, the app must be allowed to view or access several important areas of the mobile including storage, gallery, camera, microphone, etc. This often leads to data theft.
14. Don't be afraid of someone calling and telling you that your debit card has been blocked or something unexpected happens. Make sure you know the truth of the matter. Under no circumstances will you give your account, card, password, PIN etc. details over the phone.
15. Do not tell the OTP received on your phone without looking here and there just because someone is asking for OTP. To be able to say that it has come, first to know for sure why it has come.
16. That he won millions of dollars in the lottery. Don't be too happy when someone calls you. Is this really true? Ask yourself once.
17. Limit your social media friends to just that. Never give them your phone number. Never accept video calls from unknown numbers.
18. Do not share any password with others under any circumstances.
19. Never write your debit or credit card PIN, net-banking or e-mail ID password anywhere. This should only be remembered in your mind.
Posts
![2023-2024 Iti Workshop calculation and science MCQ [Latest]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGgp3rh9IMpumLZ4PkKjs8U74o_epkhHEcrazTJr6B06xyg56c8J1-qfXlIQhA2Ny2qxgYYtXU67ri4s_t2BmryCcsLUFoECe0Ns6GsqMVS-J6F5OJnw-DV9WZbT2NFKhBy4yBZqOrrkBsGXD0e_1_A0-gXqx1dDK138W5f8HBqEle1kXTBkLMx3N7-w/w72-h72-p-k-no-nu/new.png)
0 Comments