If you think privacy is unimportant for you because you have nothing to hide, you might as well say free speech is unimportant for you because you have nothing useful to say – Edward Snowden
What is Hacking?
‘Hacking’ was a term used in place of ‘tinkering’ long before it was used in the now common criminal sense. When computers came around, a hacker was someone who made them operate differently than they were intended to. This could be by altering the programs, the OS, or the hardware. “Cracking” is the proper term for breaking into systems. While the modern use of the word hacking may not be correct, meanings of words tend to change over time and that’s something that can’t be avoided.
What is Social Engineering?
Social engineering is the art of manipulating users into revealing confidential information that can be used to gain unauthorized access to a computer system or website. The term can also include activities such as exploiting human kindness, greed, and curiosity to gain access to restricted-access buildings or getting users to install backdoor software.
Knowing the tricks used by hackers to trick users into releasing vital login information among others is fundamental in protecting computer systems.
Your name –
Your name can be your worst enemy when you are online, as it can be used to expose so much information about you that you could be located & ransomed.
Where should you ever use your real name online? NEVER. Why? Because your name alone makes it extremely easy to search names, e-mails, etc. and dig up information about you.
Websites in the list below make it extremely easy to search names, e-mails, etc. to dig up information about whoever you want.
I highly recommend that you NEVER use your real name; use an edited name or initials instead. If your friends on social networks already know you, they should not need to see your complete name.
Use big companies such as Yahoo, Hotmail, or Gmail for your email provider, since these are secured companies and will always be up 24/7 any time of the year.
Have separate e-mails for social networks and for serious business such as your PayPal, bank, etc.
Not much to say on that, just have different e-mails for different activities for security measures. Not only that, but also have different passwords that require extensive typing with various complicating symbols such as:
That above is a ridiculous example, but I believe you get the idea. 😀
You know what hackers love the most? Not having to do much work and having everything set up for the taking. For example, if you are infected with a keylogger, a hacker would love to find one e-mail that gives access to all of your online accounts. So, this gives you an idea why you should have a variety of e-mails at all times, each with up-to-date information, to make sure you can retrieve an account in case it gets stolen.
What you sign up to
Ever wondered why you get so many spam e-mails? Well, it’s simple. It’s because e-mail collectors acquire lists of e-mail addresses to which they can mass-send spam.
Many websites sell their database of e-mails to spammers behind the scenes for a certain amount of money, or the collectors themselves set traps on the internet, such as phishing, to acquire a list of e-mails to spam.
Avoid registering on websites for products and random useless subjects that promise to pay you money for signing up or trying their products.
Information you expose unknowingly on Social Networks
Privacy does not exist anymore.
If you use social networks, try to keep your information concealed from the public as much as possible, and do not expose intimate pictures or valuable information such as your birthday, location, or name, to keep yourself as underground as possible. You might think your account is safe when it is set to private, but that’s a lie. Data breaches are very common, and when a friend’s account gets compromised / hacked, the hacker gains access to your pictures.
You have to consider that information could be leaked physically or electronically as well. People can misuse your pictures, so think twice before posting on social media if you are really concerned about your privacy.
Keep yourself up-to-date and informed to know if a company you might use has been breached or not.
As they say, Google is your friend. Use it when you need it.
Common User Side Attacks
R.A.T. – Stands for Remote Administration Tool. The attackers take full control of the infected computers (better known as slaves) by spreading a Trojan. A Trojan is malware (malicious software) that is mostly presented as a helpful, handy program but in fact gives the attacker access to your PC. This lets the attacker access all your files, webcam, keyboard and mouse, open sites, download stuff and edit your folders. To achieve this goal a Trojan must be undetectable, and hackers do that by crypting it. If this is done well, the AV (Anti-Virus) of the victim doesn’t detect the Trojan.
A bunch of slaves is called a Botnet, which is mostly used to perform a DDoS attack or mining: a DDoS attack takes sites/servers down, and mining bitcoins earns digital money.
Keylogger – Records keystrokes and sends them back to the hacker in files called logs by FTP (File Transfer Protocol) or email.
Crypters – Make malware undetectable by AVs (Anti-Virus, e.g. Norton Security). The best ones (and private versions) make RATs FUD (Fully Undetectable). Most crypters eventually get outdated.
Bruteforcers – Bruteforcing a password is when the attackers try every combination and use different attacks or methods to obtain the passwords of the users.
- Dictionary Attack – Is when the program uses every word in the dictionary
- Hybrid Method – Is when the program uses words put together, e.g. boardcat.
- Bruteforce Attack – Uses every possible combination (depending on the settings this could take several years!)
- Wordlist – Is when it uses a list of possible words to get access, e.g. a list of words used on the victim’s Facebook account.
- Rainbow Tables – This is the most complicated method. It uses precomputed tables of password hashes to look up the password behind a stolen hash.
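To check your own passwords against the methods listed above, here is an added example (not part of the original article) of a sign-up check that rejects passwords a dictionary, hybrid or short bruteforce attack would find. The word list, the 60-bit threshold and the function names are assumptions made for illustration, and the check also treats a word with digits or symbols stuck on the ends as hybrid, which goes a little beyond the definition above.

```python
import math
import string

# Constructed sample word list (assumption). A real check would load a large
# dictionary plus words tied to the user, as in the "Wordlist" item above.
WORDS = {"board", "cat", "dog", "password", "summer", "dragon", "monkey"}

def splits_into_words(pw, words=WORDS):
    """True if pw is one or more dictionary words joined together."""
    s = pw.lower()
    reachable = [True] + [False] * len(s)  # reachable[i]: s[:i] is all words
    for i in range(1, len(s) + 1):
        reachable[i] = any(reachable[j] and s[j:i] in words for j in range(i))
    return len(s) > 0 and reachable[-1]

def strip_affixes(pw):
    """Drop digits/symbols stuck on either end of a word, e.g. 'cat123!'."""
    return pw.strip(string.digits + string.punctuation)

def bruteforce_bits(pw):
    """log2 of the search space a pure bruteforce has to cover for pw."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    pool = sum(len(c) for c in classes if any(ch in c for ch in pw))
    return len(pw) * math.log2(pool) if pool else 0.0

def assess(pw, min_bits=60):
    """Name the cheapest listed method that would find pw, or 'ok'."""
    if pw.lower() in WORDS:
        return "dictionary"
    core = strip_affixes(pw)
    if core and splits_into_words(core):
        return "hybrid"
    if bruteforce_bits(pw) < min_bits:  # hypothetical policy threshold
        return "bruteforce"
    return "ok"

if __name__ == "__main__":
    for candidate in ("cat", "boardcat", "Summer2024!", "x7#Qp", "tV9$kq2!Lm#4xZp"):
        print(f"{candidate!r:20} -> {assess(candidate)} "
              f"({bruteforce_bits(candidate):.1f} bits)")
```

Rainbow tables are not covered by this check; they are defeated on the server side by storing passwords with a per-user salt and a slow hash.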
Common Server Side Attacks
A Server Side Include Attack is an attack for executing commands on the server, where the hacker gains control over the database and the website.
● SQL Injection – Structured Query Language Injection
● XSS – Cross-site scripting
● RFI – Remote File Inclusion
● LFI – Local File Inclusion
Keeping you safe
- Privacy – Privacy should be your top priority – https://www.privacytools.io/
- Limit what you share online.