Hacking and hacking over the internet have increased in recent months as a side effect of the Coronavirus epidemic. As working from home has become the norm, the cyber attackers have intensified their attacks; A PC is much more fragile than the one that a company's technical team protects, and the average person is more likely to get lost and make a mistake while at home.
To provide you with assistance in this regard, cybersecurity company Proofpoint has published a report on the technologies most used by hackers during the fourth quarter of 2020. Therefore, they are the most popular scams which will continue to be tracked in 2021.
Below is a summary of the report and tips on how to avoid the techniques described.
Social engineering
Social engineering is the # 1 technology that hackers use to try to hack your computer. It's the tactic that is used 99% of the time. Typically, cyber attackers combine this technology with another tactic that exploits a security breach.
Social engineering is understood as a ploy that manipulates the user so that he is the one who provides the hacker with unconscious access to his computer.
For example, arriving at a malicious email asking you to open it is a social engineering tactic. Tricking you into clicking on a dangerous URL. Creating a fake page that resembles logging into a social network like Facebook to enter your login details is also social engineering.
As you can see, in all these examples, manipulation is used with a more technical tool: an email with malware, a URL that downloads a virus, or a fake webpage ...
Phishing email: a hacker trojan horse
Proofpoint has listed the most commonly used technologies in these phishing emails:
Run a macro for an Office document
A macro is a series of commands and instructions that automatically complete a task in Office. Its original mission is to save time and steps for users. But hackers use it to infect computers. The user opens an email attachment that he thinks is important and activates a hard-to-detect macro that directs Office to spread malware to all documents on the computer.
Evading protection status
In theory, Gmail or Hotmail have systems that detect if email contains viruses. Threat detector usually plays suspicious content in an isolated, protected environment, for example on a virtual machine, to verify if it is safe or not. But hackers now use evasive techniques that prevent malware from activating during these tests. Thus, the malware detection tools are deceived and considered valid email that does not pose a risk to the user.
PowerShell
There are techniques that use PowerShell found in Windows to infect a computer. To be activated, the user is manipulated to enter a page with code running PowerShell to invade the computer. Since it is a technology used by an official tool, it is very difficult to detect.
HTML
It looks the same as above: the user clicks and comes to a page with code that takes advantage of security breaches in browsers and even operating systems. It is a trick that is difficult to discover because it is sometimes hidden in ads on legitimate websites.
Invading messages and impersonating the victim
This technology is only used when a victim's email account is actually accessed. The hacker then writes to the contacts of the occupied account, and responds to them to impersonate the victim and direct the victim's contacts to the trap as well.
Files with passwords
Sometimes, a threat detection tool won't identify a file with malware if it requires a password to open. The email will contain instructions for the user to open it and infect his computer himself.
GeoPrimetry
A new technology that consists of restricting the behavior of malware on certain sites, because this type of restriction prevents the detection of malware.
To read the full report, go to the following link: proofpoint
read also :
Comments
Post a Comment