In the end, the attempt failed when we asked the representative from London to send us a confirmation e-mail before we provided our data and they simply hung up. To a certain extent, the scams based on the idea of sending letters on behalf of postal delivery services were similar to this approach. These messages most often claim that they couldn’t deliver a parcel, asking the user to click on a link to update their data. Naturally, the link is a cover for some clever little application, such as a Lokibot installer.
Let’s equip ourselves!
For the sake of brevity, I won’t go into all the typical types of scams, but I feel it’s important to talk about protection as well. Even if someone isn’t specialised in the field of cyber security and doesn’t want to spend money on various security services, they still don’t have to be concerned about being vulnerable. OSINT (Open-Source Intelligence) applications can help; you can choose the most effective tool from the following list, based on your current needs.
- virustotal.com is a universal, one-stop-shop website offering a range of important services. Users can analyse URLs through the site and upload suspicious files to have them scanned by practically all major antivirus engines. The site also handles hash identifiers, allowing you to check whether a specific file hash is listed in any of the major antivirus definition databases.
- IBM X-Force Exchange can be used to look up reports related to suspicious URLs and IP addresses. The site is incredibly effective at collecting the characteristics of previous suspicious activities on websites. It indicates, for example, whether a website or IP address is currently or was previously involved in the spread of a virus, or whether other malicious activities are conducted through the site.
- Urlscan.io helps examine the contents of a URL without loading it on your device, allowing you to check its contents, find out where and to whom the site is registered, as well as identify the IP addresses of the site.
- Whois.Domaintools provides a great deal of information on the registration dates and operators of websites. This can help handle cases where someone claims via e-mail to be acting on behalf of Telekom or Facebook, while directing you to a site that isn’t registered to Telekom or Facebook.
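Before pasting anything into the sites above, a suspicious message can be triaged offline. The following is an added example, not part of the original article: it pulls the link hosts out of a saved e-mail, flags those that do not sit under the domain the sender claims to represent, and computes the SHA-256 of each attachment for a hash search on virustotal.com. The sample message, the `.example` hosts and the function names are constructed for illustration, and the list of legitimate domains is assumed to be supplied by the reader.

```python
import hashlib
import re
from email import message_from_string
from urllib.parse import urlsplit

# Constructed sample message (reserved .example names, harmless attachment bytes).
SAMPLE_EML = """\
From: "Parcel Service" <notice@parcel-service.example>
Subject: We could not deliver your parcel
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Please <a href="http://update.parcel-service.example.evil.example/track">update your data</a>
or visit <a href="https://www.parcel-service.example/help">our help page</a>.</p>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="label.bin"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--b1--
"""

HREF = re.compile(r'href\s*=\s*["\']([^"\']+)["\']', re.I)

def under(host: str, domain: str) -> bool:
    """True only if host is the domain itself or a real subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def triage(raw: str, claimed_domains: list[str]) -> dict:
    """Flag links outside the claimed domains and hash every attachment."""
    msg = message_from_string(raw)
    report = {"suspicious_links": [], "attachment_sha256": {}}
    for part in msg.walk():
        if part.is_multipart():
            continue
        body = part.get_payload(decode=True) or b""
        name = part.get_filename()
        if name:  # attachment: hash it locally, never open it
            report["attachment_sha256"][name] = hashlib.sha256(body).hexdigest()
        elif part.get_content_type() == "text/html":
            for url in HREF.findall(body.decode("utf-8", "replace")):
                host = urlsplit(url).hostname or ""
                if not any(under(host, d) for d in claimed_domains):
                    report["suspicious_links"].append((url, host))
    return report
```

Calling `triage(SAMPLE_EML, ["parcel-service.example"])` flags only the first link, whose host merely begins with the brand name; a flagged host is the one to check in Whois.Domaintools or urlscan.io.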
Protection doesn’t start with the use of these sites, but rather with raising the awareness of users. It’s good to keep in mind that there is a range of tools at our disposal to skillfully inquire about an e-mail, attachment or website that looks like a scam. All of the above-listed applications are free, so they can be used practically any time we have to deal with a security-related issue. Despite being free, these applications don’t hinder work at all; they offer all the key functions one could hope for. Finally, keep in mind that no security technology can be truly effective if the operators of the system don’t have up-to-date knowledge of the latest methods of attacks, breaches and campaigns, so it’s important for us to demand the same degree of conscious use from ourselves as we do from others.
Author:
Dávid János, FEHÉR