Hackers on the prowl

A couple of days ago I received an e-mail from my bank. It contained a security advisory about a new method hackers had developed and could use to hack the account of unsuspecting customers. The hackers would send the target an email purportedly from the bank prompting them to take an urgent action to secure their account.

The email would supposedly contain a link that would lead to the bank's website for the customer to take the necessary action. The trick was designed to evade a superficial check by any targeted customer. It involves cloning the url of the bank's website to divert customers to a malicious website instead of the genuine one.

You might be wondering how they could possibly manage to pull it off considering the fact that no two websites can have the same url. How then is it possible for the hackers to create and host a website with a URL that will be identical to that of the bank's website?

The url of the link the hackers would insert in the email would be an exact replica of the bank's genuine url except for one little detail. The alphabet a in the word 'bank' would be formatted with a font type different from the default font used by the bank.

This little detail could easily be missed by any unsuspecting customer. Hence the warning from the bank for customers to always be on the look out for the little details in email correspondence which may appear to have originated from it particularly those requiring or requesting the customer to click a link.

A second one I came across was borne out of a warning to freelancers who use freelancing platformers. In this instance the hackers would pose as potential clients offering tempting offers to engage freelancers. In the event that the freelancer eventually takes the bait and indicates interest, the hacker would then proceed with the con.

They would usually send the freelancer a file and not a readable document which purportedly contains the details of the job. The catch is that the freelancer would not be able to access the contents of the file hence he would reach out to the client for assistance.

The client-hacker would gladly offer to help offering instructions on how to open the file which would require them accessing the freelancers computer remotely. This access if granted would allow them to compromisie the computer in an attempt to access the freelancer's payment platforms so as to steal their funds.

The instances above are just a peek into the toolkit at the disposal of hackers. Hackers can compromise computers using various methods, such as exploiting vulnerabilities in software, tricking users into clicking on malicious links or downloading infected files, and using techniques like phishing to steal login credentials.

They might also employ techniques like social engineering to manipulate individuals into revealing sensitive information. Once they gain access, hackers can install malware, steal data, control the system remotely, or escalate their privileges to gain more control over the compromised computer.

It's important to keep your software up-to-date, use strong and unique passwords, be cautious of suspicious links and attachments, and use reliable security software to protect your computer from such attacks.

Amongst the tricks used by hackers, social engineering stands out. It is a tactic used to manipulate people into divulging confidential information or performing actions that compromise security. This can involve exploiting psychological, social, or emotional factors to deceive individuals.

Examples include phishing emails that appear legitimate, phone calls impersonating authority figures, or creating a fake sense of urgency to manipulate someone into revealing sensitive data. It's important to be cautious and verify the authenticity of requests for sensitive information, especially when they come unexpectedly or seem unusual.

Be alert and security conscious at all times.

Thank you for reading.