Do not take the bait! Understanding Email Phishing

What precisely is phishing?

Phishing is a tactic used by hackers to trick you into providing personal information or account data. Once they have your information, hackers steal sensitive data by generating new user passwords or installing malware (such as backdoors) on your device.

Financial frauds or identity hacks perpetrated using the victim’s private information are the more serious consequences of phishing. Phishing is responsible for almost 90 percent of all data breaches.

What are the various kinds of phishing scams?

Depending on the perpetrator, phishing attacks can hit a wide variety of people. At one end of the continuum is a generic email phishing scam searching for anyone with a PayPal account. These are almost always recognizable as phishing attempts. At the other end, phishing may take the form of an email that is sent to only one user. Because of that user's access, the attacker devotes time and effort to crafting an email for a single recipient. If the email is on this end of the continuum, even the most suspicious individuals are likely to fall victim to it. According to statistics, 91 percent of data security breaches begin with some form of a phishing scheme.

What is the concept of Email Phishing?

Since the 1990s, email phishing has possibly been the most prevalent form of phishing. These are the emails that a hacker sends to any and all email addresses he or she can get hold of. The email normally advises the user that their account has been compromised and that they must respond immediately by clicking on a ‘this page’ link. Since the English is not always clear, these attacks are normally easy to detect. It sometimes gives the impression that someone used translation software to go through five different languages before settling on English.

suspect source if you search the email source and the actual connection that you are being led to.

Sextortion is a form of phishing scheme that involves sending someone an email that seems to come from their own address. In the email, the hacker appears to have broken into your email server and then into your machine. They claim to have two crucial pieces of information: your password and a video of you. The sextortion is based on the captured footage.

According to the claim, you were viewing adult entertainment videos on your monitor while the camera was recording. You must pay them, normally in bitcoin; otherwise, they will reveal the video to your relatives or co-workers.

How to Recognize a Phishing Email?

Every month, users all over the world receive an average of 16 malicious emails! Furthermore, given the plethora of email newsletters that we knowingly sign up for, a detailed review of an email prior to answering can be time-consuming. Nonetheless, being aware is crucial in thwarting future efforts to steal your personal or company information.

Here are a few pointers on recognizing a phishing email:

  1. Avoid any email requests for sensitive information.

Remember that a legitimate company will never send you an email requesting confidential personal or financial information. Furthermore, an organization with which you are familiar would rather have a phone call with you about account details. Unsolicited emails demanding personal information and containing a link or attachment should be avoided. It is unquestionably a ruse.

  2. Generic Email Salutations Should Be Avoided

Avoid emails that address you as a “respected member,” “favorite client,” “customer,” or “account manager,” among other terms. Emails with such generic salutations should always be avoided since they are almost invariably spam. Bear in mind that a legitimate business will call you by your name. Some cyber con artists, on the other hand, totally disregard the salutation portion of the text! As a consequence, make sure you check the other points in this guide to see whether the email is deceptive or not.

  3. Verify the Sender’s Domain in the Email Address

Examining the sender’s address is one of the most effective ways to detect a phishing message. Check the domain in the email address, which is the part after the @. This will give you a good sense of the email’s source and therefore its validity. Cybercriminals sometimes change the spelling of a domain to make it seem legitimate. But proceed with caution! Since businesses often use special or random domains to reach out to their clients, this is not a foolproof tip. Small businesses, in particular, rely on third-party email providers to deliver emails. As a consequence, the dubious-looking domain could be real!

  4. Spelling Errors Can Serve as a Warning Flag

One thing to keep in mind! Every brand and business invests heavily in proofreaders and copywriters. This is to ensure that the material they distribute to consumers is error-free, factually correct, and grammatically correct. An error in material, particularly in an email to a prospective or current client, is a major source of embarrassment for an organization. As a consequence, it’s self-evident that an email from a legitimate organization must be well-written. Scam messages, on the other hand, are easily detected by their grammatical and spelling mistakes. Hackers, obviously, are not idiots! They know who they’re after, and these phishing emails are often aimed at people in the lower echelons of the educational ladder.

  5. Be wary of uninvited attachments

Do you know what the most often used phishing email bait is? Attachments and links that are unsolicited and suspicious-looking. Emails with random attachments or links are never sent from a legitimate entity. They would rather take the user to their own website to retrieve the required documentation or files. Companies that have your contact information, on the other hand, can send you white papers, newsletters, and other materials as attachments. So, although you should be careful of attachments with the extensions .exe, .scr, and .zip, this isn’t a completely reliable trick. In case of uncertainty, the safest course of action is to contact the sender directly.

It makes no difference if you have the world’s most reliable surveillance system. It only takes one untrained employee to be duped by a phishing attack and hand over the information you have worked so long to safeguard.

Be sure you and your colleagues are all aware of these particular email phishing scenarios, as well as all of the warning signs of a phishing attempt.
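The pointers on generic salutations, sender domains and attachments can be turned into a small triage script. This is an added example, not part of the original article; the list of known domains, the two-edit threshold for a lookalike and the sample messages are assumptions made for illustration.

```python
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: the domains this recipient really does business with.
KNOWN_DOMAINS = {"paypal.com", "example-bank.com"}
# Extensions the article singles out for extra care.
RISKY_EXTENSIONS = (".exe", ".scr", ".zip")
# Generic salutations quoted in the article.
GENERIC_SALUTATIONS = ("respected member", "favorite client",
                       "customer", "account manager")


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_sender_domain(msg):
    """Return (domain, verdict, resembled_domain) for the From header."""
    _, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    if domain in KNOWN_DOMAINS:
        return domain, "known", None
    for known in sorted(KNOWN_DOMAINS):
        if edit_distance(domain, known) <= 2:  # assumed threshold
            return domain, "lookalike", known
    # Not proof of phishing: third-party mail providers land here too.
    return domain, "unknown", None


def risky_attachments(msg):
    """File names of attachments ending in one of the risky extensions."""
    names = [part.get_filename() or "" for part in msg.iter_attachments()]
    return [n for n in names if n.lower().endswith(RISKY_EXTENSIONS)]


def has_generic_salutation(msg):
    """True if the first line of the plain-text body uses a generic greeting."""
    body = msg.get_body(preferencelist=("plain",))
    if body is None:
        return False
    lines = body.get_content().strip().splitlines()
    first = lines[0].lower() if lines else ""
    return any(term in first for term in GENERIC_SALUTATIONS)


def triage(msg):
    return {
        "sender": check_sender_domain(msg),
        "risky_attachments": risky_attachments(msg),
        "generic_salutation": has_generic_salutation(msg),
    }


def build_message(sender, body, attachment_name=None):
    """Build a constructed sample message for the checks above."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your account has been compromised"
    msg.set_content(body)
    if attachment_name:
        msg.add_attachment(b"constructed sample bytes",
                           maintype="application", subtype="octet-stream",
                           filename=attachment_name)
    return msg


if __name__ == "__main__":
    sample = build_message('"PayPal Support" <service@paypa1.com>',
                           "Dear customer,\nOpen the attached form immediately.",
                           "Invoice.PDF.exe")
    for check, result in triage(sample).items():
        print(f"{check}: {result}")
```

An "unknown" verdict is only a prompt to look closer, in line with the caveat that small businesses often send through third-party providers.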

Gaps and Limitations and how to tackle them 

Both consumers and companies must take action to defend themselves from phishing attacks. Vigilance is important for consumers. A spoofed message often includes small errors that reveal its true identity. As seen in the previous URL example, these may involve spelling errors or domain name changes. Users should also consider why they are receiving such an email in the first place.

The foregoing phishing email detection tips will undoubtedly raise your awareness and vigilance of phishing attacks. Phishing attacks, on the other hand, are becoming stealthier and more subtle by the day. Even seasoned users can find it difficult to spot a phishing email before it’s too late, thanks to changing techniques.

It’s shocking to hear that almost half of all phishing or bogus websites already have SSL certificates or HTTPS encryption! To evade detection, they are increasingly using tactics such as web page redirects. Fake fonts and other encoding methods are often used by some fake banking websites to give the impression of a real website. Even the most vigilant customer is finding it more difficult to detect phishing attempts as a result of these tactics.

Texial’s – Phishing Attack Victims Investigation Services

Texial is a forensics laboratory that focuses on optical and Cyber Forensics. Texial’s Lab delivers investigative and cybersecurity expertise and technologies, supported by a roster of the best-in-class forensic experts. Texial’s Lab also delivers cybercrime detection training and information to corporations and law enforcement authorities.

Sick And Tired Of Doing Artificial Intelligence The Old Way? Read This

What is Artificial Intelligence? 

Artificial intelligence (AI) is a broad field of computer science that focuses on creating intelligent machines that can execute functions that would otherwise require human intelligence. AI is a multidisciplinary discipline with many methods, but advances in machine learning and deep learning are causing a paradigm change in almost every industry.

AI is a field of computer science that seeks to mimic or emulate human intelligence in computers at the most basic level. Artificial intelligence’s large objective has ignited a slew of questions and debates. So much so that there is no widely agreed description of the field.

HOW DOES ARTIFICIAL INTELLIGENCE WORK?

Artificial intelligence can be classified into two categories:

AI with a limited scope: This kind of artificial intelligence, also known as “weak AI,” works in a restricted sense and is a simulation of human intelligence. Although narrow AI is always based on executing a single task exceedingly well, these devices work under much more restrictions and limits than even the most simple human intellect.

Artificial General Intelligence (AGI): AGI, also known as “Strong AI,” is the kind of artificial intelligence that we see in movies like Westworld’s robots or Star Trek: The Next Generation’s Data. AGI is a computer that has general intelligence and can use that intelligence to solve any problem, just as a human can.

HISTORY OF ARTIFICIAL INTELLIGENCE

Ancient Greek mythology included intelligent robots and artificial beings for the first time. The development of syllogism and its introduction to deductive logic by Aristotle was a watershed moment in humanity’s attempt to comprehend its own intellect. Despite its long and deep origins, artificial intelligence as we know it today has only been around for a century.

Basics in Artificial Intelligence

Artificial intelligence (AI) refers to systems that can comprehend, read, and function in obtained and generated data. AI today operates in three ways:

Assisted intelligence, which is already freely accessible, enhances what individuals and organisations are already doing.

Augmented intelligence, which is just getting started, lets people and organisations do things they couldn’t do before.

Autonomous intelligence is a form of artificial intelligence that is being designed for the future. It consists of computers that operate independently. Self-driving cars, as they become widely used, would be an example of this.

AI may be said to have certain elements of human intelligence, such as a store of domain-specific knowledge, mechanisms for acquiring new information, and mechanisms for bringing the information to use.

Today’s AI technology includes machine learning, expert systems, neural networks, and deep learning, to name a few instances or subsets.

Machine learning employs mathematical methods to allow computers to “learn” (e.g., boost output over time) from data rather than being directly programmed. Machine learning performs well when it is focused on a single goal rather than a broad mission.

Expert systems are computer programmes that address problems in specific domains. They solve problems and make decisions using fuzzy rules-based logic and closely selected bodies of information, mimicking the thinking of human experts.

Neural networks are a programming model inspired by biology that allows a machine to learn from observational data. Each node in a neural network assigns a weight to its data, showing how right or incorrect it is in relation to the process at hand. The sum of these weights is then used to calculate the final product.

Deep learning is a form of machine learning that is focused on learning data representations rather than task-specific algorithms. Deep learning-based image processing is now often superior to humans in a range of fields, including autonomous vehicles, scan analyses, and medical diagnosis.

Applying artificial intelligence to cybersecurity

AI is well-suited to solving some of the world’s most difficult challenges, and cybersecurity is surely one of them. With today’s ever-evolving cyber-attacks and the explosion of smartphones, machine learning and AI can be used to “keep up with the bad guys,” automating vulnerability identification and responding more effectively than conventional software-driven approaches. Cybersecurity, on the other hand, poses several special challenges:

A vast attack surface.

Thousands or tens of thousands of computers per company.

Hundreds of attack vectors to choose from.

Significant shortages of trained security personnel.

Massive amounts of data that have grown beyond what a human can handle.

Many of these issues should be solved by a self-learning, AI-based cybersecurity posture management system. There are technologies available to better train a self-learning machine to collect data from around the business information systems in a continuous and autonomous manner.

Following that, the data is processed and used to conduct pattern correlation across millions to billions of signals specific to the enterprise attack surface. As a result, new levels of intelligence are being fed to human teams in a variety of cybersecurity categories, including:

IT Asset Inventory – compiling a full and comprehensive list of all devices, users, and applications with access to information systems. In inventory, categorization and measurement of business criticality are also important.

Threat Exposure – Hackers, like anyone else, track patterns, so what’s trendy for hackers shifts on a daily basis. AI-driven cybersecurity tools can provide up-to-date awareness of global and industry-specific risks, allowing you to prioritise threats based not just on what might be used to target your company, but rather on what is most likely to be used to attack your company.

Controls Effectiveness – To sustain a strong security strategy, it’s critical to consider the effects of the different security tools and processes you’ve implemented. AI will help you find out where the information security software excels and where it falls short.

AI-based programmes can forecast if and when you are most likely to be compromised, taking into account IT asset inventory, vulnerability presence, and controls effectiveness, so you can allocate resources and tools to places of vulnerability. Prescriptive knowledge obtained from AI research will assist you in configuring and optimising controls and processes to produce the best performance.

Incident response – AI-powered applications may have a better background for prioritising and responding to vulnerability threats, for fast incident response, and for surfacing root causes in order to eliminate bugs and prevent potential problems.

Explainability of recommendations and review is key to using AI to complement human information security teams. This is crucial for achieving buy-in from stakeholders around the company, recognising the effect of various information management initiatives, and reporting relevant data to all stakeholders, including end customers, security operations, the CISO, auditors, the CIO, CEO, and the board of directors.

Adversaries’ Use of AI

Instead of actively running after malicious behaviour, IT security practitioners will use AI and machine learning (ML) to implement sound cybersecurity policies and shrink the threat surface. State-sponsored criminals, terrorist cyber-gangs, and ideological hackers, on the other hand, may use the same AI tactics to bypass protections and evade detection.

The “AI/cybersecurity conundrum” exists here. Companies will need to be aware of the possible drawbacks of AI as it matures and expands into the cybersecurity space:

Machine learning and artificial intelligence can help protect against cyber-attacks, but hackers can defeat security algorithms by targeting the data they train on and the warning flags they search for.

Hackers may also use AI to circumvent protections and build mutating malware that alters its configuration in order to prevent detection.

AI systems can provide misleading findings and false negatives if they are not fed large amounts of data and incidents.

Organizations would fail to retrieve the right data that feeds their AI programmes if data theft goes undetected, with potentially catastrophic results.

Conclusion 

AI has emerged as a necessary technology for augmenting the contributions of human information management teams in recent years. Since humans can no longer defend the complex organisational attack surface effectively, AI offers much-needed research and vulnerability detection that can be used by cybersecurity experts to reduce intrusion risk and enhance protection posture. In the field of security, AI can recognise and prioritise danger, detect malware on a network instantly, guide incident response, and detect intrusions before they occur.

AI enables cybersecurity teams to form powerful human-machine collaborations that extend our expertise, enhance our lives, and propel cybersecurity in ways that seem to be greater than the sum of their parts.

Ransom in the world of Malware: Understanding Ransomware

Understanding the basics

Ransomware is a type of malware that blocks access to data or systems and threatens to publish the data unless a ransom is paid. Some ransomware has a deadline. If the victim fails to pay up by the deadline, they may lose the data. Most payments are made via Bitcoin.

Ransomware is a rapidly increasing threat to the data files of individuals and companies. On an infected computer, it encrypts data and withholds the key to decrypt the files until the user pays a ransom. This malware is responsible for damages of hundreds of millions of dollars each year. Due to the large amounts of money to be made, new versions appear frequently.

Mechanics of Ransomware

The timeline of an attack is very compressed. From exploitation and infection to getting the ransom note, you frequently have 15 minutes.

Step 1: Infection – Ransomware is secretly downloaded and installed on the computer. The most common way of delivering ransomware is phishing mail.

Step 2: Execution – Ransomware searches for and maps the locations of targeted file types, including locally stored files and mapped and unmapped network-accessible systems. Some ransomware attacks also delete or encrypt all backup files and directories.

Step 3: Encryption – Ransomware exchanges a key with the Command and Control Server and uses the encryption key to scramble all files located during the execution step. Access to the data is also blocked.

Step 4: User Notification – Ransomware adds instruction files that detail the method of payment for decryption and uses those files to show the user a ransom note.

Step 5: Cleanup – Ransomware normally terminates and deletes itself, leaving behind the instruction files for payment.

Step 6: Payment – In the payment instructions, the victim clicks a link that leads to a web page with extra details about how to make the required payment. To prevent detection by network traffic monitoring, hidden TOR services are also used to encapsulate and obfuscate these communications.

Step 7: Decryption – After the victim pays the ransom, normally to the Bitcoin address of the offender, the victim may obtain the decryption key. There is no assurance that the key will be delivered as promised.

Types of Ransomware

There are primarily two kinds of ransomware:

  1. Locker ransomware – Locker ransomware denies access to computing resources. It is based on blocking access to a computer so that the GUI cannot be used. From there, it prompts the user to pay to unlock the device.
  2. Crypto ransomware – Crypto ransomware denies access to files on the computer. It’s possible to access the user interface on the computer, but not the files. It does this by encrypting the files and requesting payment for decryption.

Examples of Ransomware Attacks

CryptoLocker

CryptoLocker was one of 2010’s first global ransomware attacks; it infected more than 500,000 computers at its peak in 2013 and 2014. A botnet, distributed through spam email, was used to encrypt user files. Overall, CryptoLocker harvested around $3 million with its variants taken into account.

Teslacrypt

TeslaCrypt was aimed at gamers, capitalizing on the importance that devoted users put on files such as saved maps, games, and downloadable content for video games. It encrypted these files for ransom. Interestingly enough, the attack developers ended up releasing the encryption key publicly.

Simplelocker

SimpleLocker is one of the first smartphone ransomware attacks on a wide scale. It encrypts mobile files through a Trojan downloader, targeting Android users.

Wannacry

One of 2017’s most notable attacks, WannaCry raced across the United States and Europe, affecting hospitals in particular. The attack took advantage of a noted Microsoft vulnerability known as EternalBlue. Although the patch was released, many systems were unable to implement updates and were left vulnerable, leading to a high volume of infections.

Is there a way to avoid this? 

Preventive mechanisms 

Proactive approaches are a must when it comes to preventing ransomware attacks. An organization needs to plan to stop a computer infection, similar to immunizing yourself from a physical virus.

Update Security – New variants of ransomware are regularly published. Security tools and operating systems are continuously updated to avoid falling victim to the latest variant. Upgrade any obsolete and unpatched applications and keep up to date on anti-virus rules and signatures. Do not make the work of cybercriminals easy.

Bolster Firewalls – Firewalls are used to distinguish and evaluate different kinds of network traffic. When ransomware attacks are publicized, data is provided to help filter out the threat. In WannaCry, for example, the call was to directly reject all traffic on TCP port 445 (SMB), UDP 137, UDP 138, and TCP 139.

Back up your files regularly and frequently – The harm caused by a ransomware attack can be greatly reduced by having diligent data backup processes in place, as encrypted data can be recovered without paying a ransom.
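To see where the WannaCry port guidance applies on a given host, the script below audits a listing of listening sockets for the four protocol and port pairs named above. This is an added example, not part of the original article; it assumes input in the column layout printed by `ss -tuln` on Linux, and the sample listing is constructed.

```python
import ipaddress

# The protocol/port pairs named in the WannaCry guidance above.
WANNACRY_PORTS = {("tcp", 445), ("udp", 137), ("udp", 138), ("tcp", 139)}

# Constructed sample in the layout of `ss -tuln` (not captured from a host).
SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:137        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:138        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:445        0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:139      0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:445        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    [::]:445           [::]:*
"""


def is_loopback(addr):
    """True if the bind address is reachable only from the host itself."""
    host = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # "*" or a name: treat as reachable from the network


def exposed_listeners(ss_output):
    """Return sorted (proto, port, bind_address) tuples that need a block rule."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        key = (fields[0], int(port))
        # Protocol matters: UDP 445 is not on the list, TCP 445 is.
        if key in WANNACRY_PORTS and not is_loopback(addr):
            findings.append((fields[0], int(port), addr))
    return sorted(findings)


if __name__ == "__main__":
    for proto, port, addr in exposed_listeners(SAMPLE_SS_OUTPUT):
        print(f"{proto.upper()} {port} is listening on {addr}: "
              "block at the firewall or disable the service")
```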

A Complete guide to Fingerprint Analysis

What are Fingerprints?

The impression left by the friction ridges on the finger is known as a fingerprint. A fingerprint consists of ridges and furrows in patterns, which make it unique.

Origin

  • Edward Richard Henry (1850-1931) – He devised the fingerprint classification formula and recommended the use of mercury-based and graphite-based powders.
  • Sir William Herschel, 1856 – The first to use fingerprints. An English Chief Magistrate in India who used prints on native contracts.
  • Dr. Henry Faulds, 1880 – Noticed fingerprints on prehistoric pottery.
  • Sir Francis Galton, 1888 – Sir Francis Galton, a British anthropologist and a cousin of Charles Darwin, began his observations of fingerprints as a means of identification in the 1880s. In 1892, he published his book, “Fingerprints”, establishing the individuality and permanence of fingerprints. The book included the first classification system for fingerprints.

Types of prints

  • Latent print
  • Patent print
  • Plastic print

Latent print

It is invisible to the eye and is produced by the deposition of oils and perspiration.

Patent print

It is visible on a surface after the ridges have been in contact with colored material: blood, paint, ink, etc.

Plastic print

Impressions left on soft material: putty, wax, soap, clay, etc.

Collection methods

Latent print

Use an alternative light source (UV light), high-definition photography, the tape lifting method, or chemical fuming methods (cyanoacrylate, ninhydrin, silver nitrate).

Patent print

Use an alternative light source (UV light), high-definition photography, or the tape lifting method.

Plastic print

Casting methods

Collection of Fingerprint from the dead

Casting methods – For skin that’s badly deteriorated, it may be possible to use silicone putty to make a casting that captures the detail of the fingerprint ridges. Those impressions can then be photographed and used in identification. Most sensitive to taking an impression, even under only moderate pressure against the mold.

Thanatopractical processing – Fluid extracted from other parts of a body’s remains is used to restore tension and volume to the fingers in order to plump them for printing.

In case of rigor mortis, straighten the fingers. This can be accomplished by pressing down on the middle joint of the finger. Dust the fingers and palms with fingerprint powder and lift the prints with tape or rubber lifters.

Surfaces

Porous: Absorbent surfaces such as cloth, paper, etc.

Non-porous: Non-absorbent surfaces such as glass, plastic, etc.

Principles of Fingerprint Analysis

1. A fingerprint is an individual characteristic because no two fingers have yet been found to possess identical ridge characteristics.

2. A fingerprint will remain unchanged during an individual’s lifetime.

3. Fingerprints have general ridge patterns that permit them to be systematically classified.

Fingerprint Analysis

Types of Ridge patterns

Loops

Loop must have one or more ridges entering from one side of the print, recurring and exiting from the same side. 

It should have one core and one delta.

If the loop opens towards the little finger, it is an ulnar loop.

If the loop opens towards the thumb, it is a radial loop.

These patterns are named for their positions related to the radius and ulna bones, i.e. the bone the loop opening is facing towards.

Whorls

  • Plain Whorl
  • Central pocket loop whorl
  • Double loop whorl
  • Accidental whorl

All whorl patterns have type lines and a minimum of two deltas. 

Central pocket loop whorls have at least one ridge that makes a complete circuit.

The ridge may be spiral, oval or any variant of a circle.

Double loop whorls (twin loops) are made up of any two loops combined into one print.

Accidental whorls contain two or more patterns which do not clearly fall under any of the other categories.

Arches

  • Plain Arch – Ridges enter on one side and exit on the other side.
  • Tented Arch – Similar to the plain arch, but has a spike in the center.

Arch patterns do not have type lines, a core or a delta.

Ridge Characteristics

Class Characteristics

Type Lines – The pattern area of the loop is surrounded by two diverging ridges known as type lines.

Core – The core is defined as the innermost turning point where the fingerprint ridges form a loop.

Delta – The delta is defined as the point where these ridges form a triangular shape.

Individual Characteristics

Bifurcation (Fork) – A ridge diverging into two parallel ridges, forming a fork shape.

Spur (Hook) – A ridge diverging from the main ridge to form a hook.

Enclosure (Eye) – A ridge divides into two and the two divided ridges immediately converge into a single ridge, forming an eye shape.

Dot – A very small fragment found in between the pattern.

Trifurcation – A ridge dividing into three parallel ridges.

Bridge – Two ridges connected by a bridge.

Ridge Counting

The number of ridges intervening between the delta and the core is known as the ridge count.

  • Ridge counting is performed on loop type pattern. 
  • If there is a bifurcation at the exact point of coincidence, two ridges are counted. 
  • If there is a bifurcation of a ridge exactly at the point where the imaginary line would be drawn, two ridges are counted. 
  • Fragments and dots are counted if they appear as thick as the neighbouring ridges.
  • Ridges, which run close up to without meeting the line, are not counted. 
  • Where the line crosses an island, both sides are counted.

Ridge Tracing

  • The course of the lower ridge of the delta is followed, and it will be found either to meet, to go inside, or to go outside the corresponding ridge of the delta.
  • If the course of the ridge ends abruptly, the course of the next ridge below it is to be followed. 
  • In case of bifurcating ridge the lower line of bifurcation should be followed. 
  • When the traced ridge meets the corresponding ridge of the right delta or goes inside or outside, with not more than two ridges intervening between them, the Whorl is specialised as Meeting(M). 
  • When the ridge goes inside and there are three or more intervening ridges, it is specialised as Inner(I). 
  • When the ridge goes outside and there are three or more intervening ridges, it is specialised as Outer(O).

Database

Fingerprint Analysis and Criminal Tracing System (FACTS) & Aadhar 

The computer uses an automated scanning device to convert the image of a fingerprint into digital ridge characteristics. (image processing and pattern recognition techniques) 

It holds information on class characteristics, individual characteristics, minutiae location, direction, ridge count, density, type of print, etc. The National Crime Records Bureau and the Central Finger Print Bureau hold access to FACTS.

Applications

  • Biometric security 
  • Identity recognition in mass disasters 
  • Conducting background checks 
  • Criminal investigation

Recent Trends

Determining use of illegal drugs: 

Researchers from the University of Surrey in England have developed a method to test the residue left in a fingerprint for cocaine using mass spectrometry. 

Fingerprint Molecular Identification (FMI) technology to identify gender, narcotics and nicotine: 

North Carolina’s ArroGen Group has developed FMI technology, again using mass spectrometry, to identify gender biomarkers, as well as metabolites of nicotine, heroin, methamphetamine, marijuana, temazepam, ecstasy and even some legal medications. 

Developing Technique Bacteria:  

Certain bacteria, for example Acinetobacter calcoaceticus, can be used to develop prints on valuable oil paintings, without harming the painting in the process. The bacteria in a nutrient gel are pasted onto the surface of the painting, making the print visible as they multiply. The gel can then simply be wiped off, leaving the painting unaffected.

Autoradiography:  Radioactive atoms are incorporated into the fingerprint by placing the piece of fabric into a container containing radioactive gases, such as iodine or sulphur dioxide, at a humidity of less than 50%.  The fabric is then put into contact with photographic film, and the radioactive atoms cause a picture to become clear.

The Identification of Prisoners Act 1920

Section 1: An act to authorize the taking of measurements and photographs of convicts and others. 

Section 2: Definitions. “Measurements” include finger impressions and foot print impressions.

(a) “Police Officer” means an officer in charge of a Police Station, a Police Officer making an investigation under chapter XIV of the Code of Criminal Procedure, 1898 or any Police Officer not below the rank of Sub – Inspector. 

(b) “Prescribed” means prescribed by rules made under this Act.

Section 3: the SHOs and investigating officers are empowered to take the finger prints of every person who has been convicted of any offence punishable with rigorous imprisonment for a term of one year or upwards or of any offence which render him liable to enhanced punishment on a subsequent conviction.

Section 5: A First Class Magistrate can direct to give the FPs of any person arrested in or for the purposes of any investigation or proceeding.

Collection of Fingerprint for comparison

Under the provisions of Section 73 IEA and Sections 5 & 6 of the Identification of Prisoners Act, the law enforcing authorities and courts have been empowered to take finger prints of a person for the purpose of investigation or identification.

On refusal,

Section 6 of Identification of Prisoners Act:If any convict resists to give finger prints necessary measures should be to taken to secure his finger prints.If he still refuses, he can be charged u/s 186 IPC and he is liable for punishment.

Expert Testimony

In 1899 an amendment was made to Sections 45 & 73 of the Evidence Act, and the evidence of a finger print Expert was given statutory recognition.

Section 45 of the IEA: when the court has to form an opinion upon a point of foreign law, or of science or art, or as to identity of handwriting or finger impressions, the opinions upon that point of persons specially skilled in such foreign law, science or art, or in questions as to identity of handwriting or finger impressions, are relevant facts. Such persons are called Experts.

Under Section 293 Cr.P.C., a report submitted by the Director, FPB as Expert opinion may be used as evidence. The court may, if it thinks fit, summon and examine any such Expert. If the Director, FPB is summoned by a court and he is unable to attend personally, he may, unless the court has expressly directed him to appear personally, depute another Expert who is conversant with the facts of the case.

Palm prints come within Section 45 of the IEA, and the opinion of Experts as to identity or non-identity of palmar impressions is admissible in court.

Section 60 of the IEA: if oral evidence refers to an opinion or to the grounds on which that opinion is held, it must be the evidence of the person who holds that opinion on those grounds (i.e. Expert need not be present in the court).

Under section 20 (b) of Cr.P.C., where any document on which the prosecution relies is produced before the Magistrate, and the Magistrate is satisfied that the document is voluminous, he shall, instead of furnishing the accused with a copy thereof, direct that the accused will only be allowed to inspect it, either personally or through a pleader, in the court.

Everything about Cryptocurrency you should know

Let us first understand what Cryptocurrency means

Cryptocurrency is a digital or virtual currency that is protected by cryptography, which makes it very difficult to clone or replicate. Many cryptocurrencies are decentralized networks based on blockchain technology, a global database maintained by a disparate network of computers. The distinguishing characteristic of cryptocurrencies is that they are usually not issued by any central entity, making them potentially immune to political intervention or exploitation. Cryptocurrencies are systems that enable secure online payments denominated in virtual “tokens,” which are represented by ledger entries internal to the system. “Crypto” refers to the various encryption algorithms and cryptographic methods that secure these entries, such as elliptic curve encryption, public-private key pairs, and hashing functions. Some of the cryptography used in today’s blockchains was initially designed for military purposes. At one time, the government tried to impose cryptography regulations equivalent to the legal constraints on weapons, but the right of people to use cryptography was protected on grounds of freedom of expression.

History

The story of cryptocurrencies began in 2008, when a paper titled “Bitcoin: A Peer-to-Peer Electronic Cash System” was written by a pseudonymous developer, or group of developers, called Satoshi Nakamoto. The network itself took some time to go live, with the first transfers taking place in January 2009. The first real sale of an item using Bitcoin took place a year later, in 2010, when a customer traded 10,000 Bitcoin for two pizzas, which for the first time put a cash value on the cryptocurrency. By 2011, other cryptocurrencies had started to appear, including Litecoin, Namecoin, and Swiftcoin. Meanwhile, Bitcoin, the cryptocurrency that began it all, started to draw criticism after reports appeared that it was being used on the so-called “dark web,” especially on sites such as Silk Road, as a means of payment for illicit transactions. Over the next five years cryptocurrencies slowly gained momentum, with a spike in the number of transactions, and the price of Bitcoin, the most common cryptocurrency in the world, rose from about $5 at the beginning of 2012 to about $1,000 at the end of 2017.

Let us now dive into the types of Cryptocurrencies

The first blockchain-based cryptocurrency was Bitcoin, which remains the most common and valuable. Today, there are thousands of alternative cryptocurrencies with diverse features and requirements. Some of these are Bitcoin clones or forks, and others are new currencies that have been developed from scratch. Bitcoin was introduced in 2009 by a person or collective known as “Satoshi Nakamoto.” As of Nov. 2019, there were over 18 million bitcoins in circulation with a combined market cap of around $146 billion. Some of the competing cryptocurrencies spawned by Bitcoin’s popularity, known as “altcoins,” include Litecoin, Peercoin, and Namecoin, as well as Ethereum, Cardano, and EOS. Today, the combined valuation of all existing cryptocurrencies is about $214 billion, and Bitcoin accounts for more than 68% of that overall value.

How does it all work?

Cryptocurrencies use decentralized technologies to enable people to make secure purchases and store money without using their identity or going through a bank. They operate on a global public ledger called the blockchain, which is a record of all transactions that is updated and kept by currency holders. Cryptocurrency units are generated by a process called mining, which uses computer power to solve complicated math problems that produce coins. Users can also acquire the currencies from brokers, then store and invest them using cryptographic wallets. Cryptocurrencies and implementations of blockchain technology are still evolving in financial terms, and further uses are anticipated. Transactions involving bonds, securities, and other financial assets may potentially be carried out using the technology.
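A minimal sketch of the ledger-and-mining idea described above, added here as an illustration and not taken from any real cryptocurrency: each block commits to the hash of the block before it, and "mining" is a brute-force search for a nonce that makes the block's SHA-256 hash start with a set number of zeros. The block layout, the difficulty value and the sample transactions are assumptions chosen so the script finishes in seconds.

```python
import copy
import hashlib
import json

DIFFICULTY = 4            # assumed target: leading zero hex digits in the block hash
GENESIS_PREV = "0" * 64   # "previous hash" used by the first block

# Constructed sample transactions, one batch per block.
SAMPLE_BATCHES = [
    [{"from": "alice", "to": "bob", "amount": 5}],
    [{"from": "bob", "to": "carol", "amount": 2}],
    [{"from": "carol", "to": "alice", "amount": 1}],
]


def block_hash(index, prev_hash, transactions, nonce):
    """SHA-256 over a canonical JSON encoding of the block's fields."""
    payload = json.dumps(
        {"index": index, "prev": prev_hash, "tx": transactions, "nonce": nonce},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return hashlib.sha256(payload).hexdigest()


def mine_block(index, prev_hash, transactions, difficulty=DIFFICULTY):
    """The 'complicated math problem': try nonces until the hash meets the target."""
    target = "0" * difficulty
    nonce = 0
    while True:
        digest = block_hash(index, prev_hash, transactions, nonce)
        if digest.startswith(target):
            return {"index": index, "prev": prev_hash, "tx": transactions,
                    "nonce": nonce, "hash": digest}
        nonce += 1


def build_chain(batches, difficulty=DIFFICULTY):
    """Mine one block per batch, each linked to the hash of the one before."""
    chain, prev = [], GENESIS_PREV
    for index, transactions in enumerate(batches):
        block = mine_block(index, prev, transactions, difficulty)
        chain.append(block)
        prev = block["hash"]
    return chain


def verify_chain(chain, difficulty=DIFFICULTY):
    """Return (ok, reason). Any holder of the ledger can run this check alone."""
    prev, target = GENESIS_PREV, "0" * difficulty
    for pos, block in enumerate(chain):
        if block["index"] != pos:
            return False, f"block {pos}: wrong index"
        if block["prev"] != prev:
            return False, f"block {pos}: broken link to previous block"
        recomputed = block_hash(block["index"], block["prev"], block["tx"], block["nonce"])
        if recomputed != block["hash"]:
            return False, f"block {pos}: contents do not match stored hash"
        if not recomputed.startswith(target):
            return False, f"block {pos}: proof-of-work missing"
        prev = block["hash"]
    return True, "ok"


def demo(difficulty=DIFFICULTY):
    """Verify an honest chain, then two attempts to rewrite a past transaction."""
    chain = build_chain(SAMPLE_BATCHES, difficulty)
    honest = verify_chain(chain, difficulty)

    # Attempt 1: edit an amount in block 1 and leave everything else alone.
    edited = copy.deepcopy(chain)
    edited[1]["tx"][0]["amount"] = 500
    edited_result = verify_chain(edited, difficulty)

    # Attempt 2: also redo the mining for block 1. Block 2 still points at the
    # old hash, so every later block would have to be re-mined as well.
    remined = copy.deepcopy(edited)
    remined[1] = mine_block(1, remined[0]["hash"], remined[1]["tx"], difficulty)
    remined_result = verify_chain(remined, difficulty)
    return honest, edited_result, remined_result


if __name__ == "__main__":
    for label, result in zip(("honest", "edited", "re-mined"), demo()):
        print(label, result)
```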

How to safely use bitcoin?

Prospective Bitcoin investors need to know a few things before they take the plunge.

First, there is usually little protection under the Financial Sector Compensation Program. If a Bitcoin trader is compromised and coins deposited on its site are stolen, there is no government compensation like there would be for a bank. The easiest way to defend against this is for customers to move their Bitcoin to a separate wallet. Bitcoin.org has a list of recommended ones.

Second, scams are very common. The City watchdog, the Financial Conduct Regulator, released a new warning this year. Action Scam, the government’s fraud contact center, told consumers never to respond to cold calls or tailored adverts. Buyers should stick to the main exchanges, including eToro, Coinbase, and CoinCorner.

Advantages and Disadvantages of Cryptocurrency

Advantages

Cryptocurrencies promise to make it possible to transfer money directly between two parties without the need for a trusted third party, such as a bank or a credit card provider. Instead, these transfers are secured with public keys and private keys and with various types of incentive mechanisms, such as Proof of Work or Proof of Stake. In current cryptocurrency schemes, the “wallet,” or account address, of the recipient has a public key, whereas the private key is known only to the owner and is used to sign transactions. Fund transfers are completed with reduced transaction costs, allowing customers to bypass the heavy fees charged by banks and financial institutions for wire transfers.

Disadvantages

The semi-anonymous nature of cryptocurrency transfers makes them well suited to a variety of illicit practices, such as money laundering and tax evasion. Cryptocurrency proponents, though, often value that anonymity highly, citing privacy advantages such as protection for whistle-blowers or dissidents living under oppressive regimes. Some cryptocurrencies are more private than others. Bitcoin, for example, is a comparatively bad option for doing illicit online business, since forensic examination of the Bitcoin blockchain has helped the police arrest and convict offenders. More privacy-oriented coins exist, however, such as Dash, Monero, or ZCash, which are far more difficult to trace.

Future Directions

The future of cryptocurrency is still very much an open question. Proponents see infinite opportunity, while opponents see nothing but danger.

Stable cryptocurrencies have risen in popularity as a way to back cryptocurrency with assets that hold real value, in the way money used to be on the gold standard.

Those assets could be other currencies or commodities, or nearly anything, really. One problem is that this simply recreates a structure that already exists. The other problem is that it could make it easier for individuals to commit fraud, because it is not as easy to track and control as conventional currencies. There are a variety of better uses for cryptocurrencies. For example, people living in countries with poor economies could be better off investing in Bitcoin than buying local stocks and bonds.

 

 

Top 5 Cyber-Attack Predictions for 2022 and Prevention Strategies


Let us understand what cyber-attacks are

In the simplest terms, a cyber-attack is an attack conducted by cybercriminals, using one or more computers, against one or more computers or networks. A cyber-attack can maliciously disable computers, steal data, or use a compromised computer as a starting point for other attacks. Cybercriminals use a range of methods to launch a cyber-attack, including malware, phishing, ransomware, and denial of service.

Why should you be concerned about a Cyber-Attack? What damage can it cause you?

Cybersecurity analysts have described at least 57 different ways in which cyber-attacks can have a detrimental impact on people, corporations, society and even nations, ranging from threats to life and triggering depression to regulatory penalties and the disruption of everyday operations. Cyber miscreants are a big deal. Cyber-attacks can cause electrical blackouts, failure of military equipment, and breaches of national security secrets. They can allow important, confidential documents such as medical records to be compromised. They can disrupt phone and computer networks or paralyze systems, rendering data unavailable.

What impact do Cyber-Attacks have on us?

The effects of a single, successful cyber-attack can have far-reaching consequences, including financial losses, intellectual property theft, and loss of confidence and trust among consumers. 

  1. Monetary impact– The overall monetary damage from cybercrime can be immense. According to a 2012 study by Symantec, more than 1.5 million people fall victim to some form of cyber fraud every day, ranging from basic login theft to extensive monetary scams. This adds up to more than $110 billion lost to cyber fraud globally last year, with an estimated loss of $197 per victim.
  2. Emotional impact– Nearly 65% of global internet users and 73% of US web surfers are victims of cybercrime, including computer viruses, online credit card fraud, and identity theft. America ranks eighth among the most abused nations, behind China (83%) and Brazil and India (76 percent). A study correlating emotional well-being with the effects of cybercrime reveals that the strongest responses of victims are feeling furious (58 percent), frustrated (51 percent), and deceived (40 percent), and in certain instances they are blamed for being attacked. Just 3% do not believe that it would happen to them, and almost 80% do not expect cybercriminals to be brought to justice, resulting in an ironic hesitation and a feeling of helplessness to act.

     The cybercrime of piracy has had a significant influence on the fields of film, music, and applications. Victim reports are difficult to quantify and much more difficult to validate, with figures varying from hundreds of millions to hundreds of billions of dollars annually.

  3. Social impact– Cyber predators take full advantage of the Internet’s anonymity, transparency, and interconnectedness, thereby attacking the very roots of our current knowledge system. Cybercrime may include bots, computer viruses, cyberbullying, cyber harassment, cyber warfare, cyber pornography, denial of service attacks, hacktivism, identity theft, ransomware, and spam. Law enforcement agencies have failed to keep pace with cybercriminals, who cost the global economy billions each year.

Let us see some examples of cyber-attacks in the past to comprehend the threat of cyber-attacks better

Department of Defense Hack

Those who yearn for a Department of Defence security position will have their work cut out for them. Would-be hackers attempt to attack its security systems on a regular basis, and back in 1999 a Florida teenager managed to compromise the computer system of the military. By installing backdoor software within the computer system of the Defence Threat Reduction Agency, Jonathan James was able to intercept highly classified emails. These included information on the International Space Station life support code and many other important matters.

Melissa Virus

Melissa, created in 1999 by a New Jersey programmer with too much idle time on his hands, was perhaps the first major computer virus that made the world’s population realize that their computers were not always safe. David L. Smith disguised his virus as a simple Microsoft Word program and sent it to innumerable unsuspecting recipients. It then re-sent itself to the first 50 individuals in the address book of each infected computer. Before long, Melissa had compromised a full 20% of the world’s computers, and big businesses such as Intel and Microsoft were forced to shut down all outgoing mail programs until the problem could be resolved.

Robert Tappan Morris and the Morris Worm (1988)

Morris, a student at Cornell University in the USA and the maker of the first digital worm distributed via the Internet, maintained that his creation was not meant to cause harm but was built with the harmless intent of determining the vastness of cyberspace. Things went pear-shaped when the worm encountered a critical error and morphed into a virus that replicated rapidly and began infecting other computers, resulting in a denial of service. The harm? 6000 computers were reportedly affected, causing repair bills estimated at $10-$100 million. While this incident may be called an unfortunate tragedy, it played a role in inspiring the calamitous style of distributed denial-of-service (DDoS) attacks that we see today.

Predictions of cyber-attacks for 2022

One of the major concerns among the upcoming cyber-attack threats to society is invasive technology.

  1. Invasive Technology- With sensors, cameras, and other devices embedded in homes, offices, factories, and public spaces, new technologies will further invade every element of daily life. A constant stream of data will flow between the digital and physical worlds, with attacks on the digital world directly affecting the physical world and creating dire consequences for privacy, well-being, and personal safety. With little knowledge about cyber threats, people may not understand the importance of cybersecurity, leaving a weak point in the core infrastructure of their business. While big companies will not face much of the heat from attackers, as they invest heavily in cybersecurity, it is the small business owners that will perhaps take the hit.
  2. Neglected Infrastructure– The technical infrastructure upon which organizations rely will face threats from an increasing number of sources: man-made, natural, accidental, and malicious. Even short periods of downtime will have serious consequences in a world where constant connectivity and real-time processing are vital for doing business. Opportunistic attackers will find new ways to exploit vulnerable infrastructure, steal or manipulate critical data and cripple operations. It is not only the availability of information and services that will be compromised.
  3. The undermining of the business digital landscape- As new technology and the next generation of workers tarnish corporate reputations, undermine the credibility of knowledge, and inflict financial loss, bonds of confidence will break down. There will be public criticism of those who lack accountability, put trust in the wrong people and controls, and use technologies in immoral ways. This crisis of trust between companies, staff, customers, and clients will threaten the capacity of organizations to conduct digital business.
  4. The threat to healthcare companies- Health care companies are under threat as they are the most targeted victims of phishing.
  5. Cloud under attack- The growing popularity of public cloud systems has resulted in a spike in cyber-attacks targeting infrastructure and confidential data inside these networks. As a result, cloud assets have been subjected to a wide array of attacks. Misconfiguration of cloud environments was one of the key triggers this year of many cases of data misuse and attacks faced by organizations around the world. With updated techniques capable of evading simple cloud security products, cloud crypto-mining campaigns have increased. Docker hosts have been exposed and the crypto-mining campaigns of rivals operating in the cloud have been shut down. Researchers from Check Point have also seen a spike in the number of exploits against public cloud infrastructures that could stretch to and past 2022.
  6. Mobile devices under attack- Malware capable of stealing payment records, passwords, and funds from victims’ bank accounts has moved from the general threat environment onto mobile devices, in step with the rising use of banks’ mobile apps, and has become a very widespread mobile threat.

  Prevention Strategies

Despite the prevalence of cyber threats, 99 percent of companies are not adequately protected, according to a Check Point report. A cyber-attack, however, is preventable. The key to cyber protection is an end-to-end cybersecurity architecture that is multi-layered and covers all networks, endpoints, mobile devices, and the cloud. With the right design and control policies, you can consolidate monitoring of several security layers into a single pane of glass. This helps you correlate incidents across all network environments, mobile infrastructures, and cloud providers.

Main Cyber Attack Protection measures:

  1. Maintain security hygiene.
  2. Choose prevention over detection.
  3. Protect all vectors for attack.
  4. Implement the most sophisticated innovations.
  5. Maintain up-to-date threat information.

The Secrets of the Dark Web


THE DEEP WEB

The internet has been compared to many things: a fighter jet, a nuclear weapon and, most famously, a series of tubes. It can also be compared to an iceberg, the kind that takes down a whole yacht in minutes. Only 10% of the network we call the internet is available to the general public through a normal search. Hidden below the virtual waterline is a surprising and secretive network known as the Deep Web.

The Dark Web can only be accessed with a special browser such as The Onion Router (TOR). The Deep Web is built on peer-to-peer connections, which allow files to be shared directly and safely.

The Deep Web has strong appeal for privacy advocates, who have taken advantage of the lack of tracing or identification to shield their anonymity from advertisers and officials alike. Whistleblower Edward Snowden, a former CIA agent, used the Deep Web to collect much of the information that carried him into a worldwide discussion, and journalists around the world are coming to rely on it as a secure alternative to the public web when searching for sensitive, confidential and dangerous information.

But the tight-lipped nature of the network has also made it a home for criminals of various stripes, involved in the human organ trade and in trafficking in everything from illegal drugs to stolen credit cards to child pornography. An online marketplace named “THE SILK ROAD”, driven by the internet currency Bitcoin, made headlines in 2013 when the authorities succeeded in shutting it down. The site had its own prominence as the internet’s go-to destination for illegal sales of drugs, and its death spawned both a crowd-sourced documentary.

Organizations such as AT&T, eager to examine, track and control activity within its misty borders, are working restlessly to bring light to the far end of the Deep Web. Government and law enforcement agencies, concerned about illegal trafficking, leaks, and privacy, are in the unfamiliar position of striving to police the same wild and woolly netherworld they rely on for their own hidden operations. But secrets, scandals, and skulduggery will always find their path to the darkest parts of the web, and while the destiny of the Deep Web may be as dark as its twisted tunnels, it’s certain to remain a portion of internet lore for years to come.

Origin Of The Deep Web

The term “Deep Web” was coined in 2001 by BrightPlanet, an Internet search technology corporation that specializes in searching deep web content.

Military origins of the Deep Web – Like other sectors of the internet, the Deep Web began to take shape with the help of the U.S. military, which sought a way to communicate with intelligence assets and Americans stationed abroad without being exposed. David Goldschlag, Michael Reed, and Paul Syverson, mathematicians at the Naval Research Laboratory, started working on the idea of “ONION ROUTING” in 1995. Their research shortly developed into the Onion Router project, famously known as TOR, in 1997.

The U.S. Navy published the TOR code for public use in 2004, and in 2006 a group of developers built the TOR project and published the service currently in use.

Download TOR From Here https://www.torproject.org/download/download

Why Google Won’t Find Everything?

Today’s biggest search engines are much more capable than they were 20 years ago. They can predict your search, handle multi-word queries, and serve billions and trillions of webpages.

Nevertheless, despite Google’s prowess on the web, it and other search engines have a very limited view of what’s out there.

Search engines operate by “crawling” links on a website. If a site owner doesn’t want a page to be disclosed or found, they won’t include a direct link to that page. If no web page links to it, it can’t be crawled or indexed in Google’s extensive search library, and so the search engine won’t display it as a result.

 

The Good, Bad, And Downright Ugly Of The Dark Web

Because the TOR network allows users to browse anonymously, it’s used by secret services, activists, law enforcement, whistleblowers, researchers, and users who are forbidden from Internet access.

WikiLeaks is a notorious Dark Web site that permits whistleblowers to anonymously upload detailed information.

Even the most famous site, Facebook, has a Dark Web site. Last October, the social media giant launched TOR private services so users could avoid monitoring or censorship.

Anonymity, however, tends to have a dark side. The TOR network can also be used to shield the sensitive information of users involved in criminal activity.

 

Types Of Illegal Operations You Could Find On The TOR Network

  • Unlicensed Weapons
  • Illegal Hacking Guides and Pirated Software
  • Pornography
  • Drugs
  • Sales of stolen Credit cards and their information
  • The illegal practice of trading on the stock exchange
  • Hiring trained Killers
  • Gambling
  • Money laundering
  • Sale of fake currency

 

The Silk Road

One of the best-known sources of illicit activity on the Dark Web is “THE SILK ROAD”, also known as the “Amazon of Drugs”. The site marketed high-grade, illegal drugs until it was completely shut down by the FBI. Growth, Agora Marketplace, and Nucleus Marketplace are three more examples of famous black market sites.


In October 2013, the FBI arrested Ross Ulbricht on charges of being the site’s pseudonymous originator, “Dread Pirate Roberts”. On 6 November 2013, Silk Road 2.0 was introduced, managed by the former administrator of Silk Road. This too was shut down, and the operator was arrested on 6 November 2014 as part of the so-called “Operation Onymous”. Ross Ulbricht was convicted of eight charges related to Silk Road in the U.S. Federal court in Manhattan and was sentenced to life in prison without the possibility of parole.

A Site Similar To The Silk Road

The Farmer’s Market was a Tor site similar to Silk Road, but it never used bitcoin as its mode of payment. Instead it used PayPal and Western Union, which allowed law enforcement to trace the route of its payments, and it was consequently shut down by the FBI in 2012. Many other sites already existed when Silk Road was shut down, and it was predicted that these would take over the market that Silk Road had earlier dominated. Sites like “Atlantis”, shut down in September 2013, and Project Black Flag, which closed in October 2013, each stole their users’ bitcoins. In October 2013, a site named Black Market Reloaded was shut down temporarily after the site’s source code was leaked. The market share of many Silk Road successors was reported by The Economist in May 2015.

Kinds Of Web

The Surface Web: Web pages that show up in the results of any normal search engine. If a given result can be found in a Google search, then it is 100% sure that it belongs to the Surface Web.

The Deep Web: Any content that a normal search engine can’t access and so cannot display. Deep Web pages include all sensitive information protected by a login, a page that doesn’t have a link, or a website database.


The Dark Web: A small, little-known corner of the Deep Web that is willfully hidden from normal search. Users need a special Web browser to access it.
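To make the surface/deep distinction concrete, here is an added illustration (not code from any search engine) of a toy crawler that, as described under “Why Google Won’t Find Everything?”, discovers pages only by following links from a seed page and without logging in. The site map, paths and field names are constructed for the example.

```python
from collections import deque

# Constructed site map: path -> attributes of the page served there.
#   links:          static hyperlinks visible in the page's HTML
#   requires_login: the server returns the page only to an authenticated user
SITE = {
    "/": {"links": ["/blog", "/login", "/search", "/account/inbox"],
          "requires_login": False},
    "/blog": {"links": ["/blog/post-1", "/"], "requires_login": False},
    "/blog/post-1": {"links": ["/blog"], "requires_login": False},
    "/login": {"links": [], "requires_login": False},
    # Linked from the home page, but only served after login.
    "/account/inbox": {"links": ["/account/settings"], "requires_login": True},
    "/account/settings": {"links": [], "requires_login": True},
    # The search page is a form; result pages are generated from a database
    # query and no static link points at them.
    "/search": {"links": [], "requires_login": False},
    "/search?q=invoice-1042": {"links": [], "requires_login": False},
    # Public, but the owner never linked to it from anywhere.
    "/drafts/unlisted": {"links": [], "requires_login": False},
}


def fetch(site, path, logged_in=False):
    """Return the page as the requester would receive it, or None if refused."""
    page = site.get(path)
    if page is None or (page["requires_login"] and not logged_in):
        return None
    return page


def crawl(site, seed="/"):
    """Breadth-first crawl that follows static links only, without credentials.

    Returns (indexed, blocked): pages fetched successfully, and URLs that were
    discovered through a link but could not be fetched.
    """
    indexed, blocked = [], []
    seen = {seed}
    queue = deque([seed])
    while queue:
        path = queue.popleft()
        page = fetch(site, path)
        if page is None:
            blocked.append(path)
            continue
        indexed.append(path)
        for link in page["links"]:
            if link not in seen:
                seen.add(link)
                queue.append(link)
    return indexed, blocked


def classify(site, seed="/"):
    """Label every page on the site as surface or deep web, with the reason."""
    indexed, _blocked = crawl(site, seed)
    labels = {}
    for path, page in site.items():
        if path in indexed:
            labels[path] = ("surface", "reachable by following links")
        elif page["requires_login"]:
            labels[path] = ("deep", "protected by a login")
        else:
            labels[path] = ("deep", "no crawlable page links to it")
    return labels


if __name__ == "__main__":
    for path, (kind, reason) in classify(SITE).items():
        print(f"{path:26} {kind:8} {reason}")
```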

 

Do’s And Don’ts On The Dark Web

Do’s

  • Make sure Tor is kept up to date
  • Create a new identity when necessary
  • Use a VPN alongside Tor
  • Consider running a Tor relay
  • Use Tor for anonymous email

Don’ts

  • Go overboard with browser add-ons
  • Share your real email address
  • Search the web using Google
  • Maximize the Tor window
  • Use Tor for torrenting

 

Few Links To Access Dark Web

Name              Link                     Description
1. Dream Market            http://6khhxwj7viwe5xjm.onion/                   Drugs, Digital  Goods 
2.Silk Road                http://silkroad7rn2puhj.onion/                   Drugs, Weapons 
3.Valhalla                 http://valhallaxmn3fydu.onion/register/DpXB      Drugs 
4.WallStreet Market        http://wallstyizjhkrvmj.onion/signup             Drugs 

 

Finally, As The Wording Says

The Deeper You’ll go, The Darker it’ll get

Into one’s secret

Into the Space

Into the Web (Internet): One Universe One Rule ……

Phishing Attack | Every Thing you need to know about Phishing


What Is Phishing?

Phishing is a social engineering attack that tricks you into revealing your personal and confidential information. It is also a common type of cyber attack. The term phishing is commonly used to describe this artifice. There is also a good reason for the use of “ph” instead of “f”. The earliest hackers were known as phreaks. Phreaking refers to the exploration, experimentation and study of telecommunication systems. Phreaks and hackers have always been closely related. The “ph” spelling was used to link phishing frauds with these underground communities.

 

History Of Phishing And Case Studies.

A phishing technique was first described in detail in a paper presentation delivered to the 1987 International HP User Group. The first known direct phishing attack against a payment system affected E-gold in June 2001, and was followed by a “post-9/11 id check” shortly after the attack on the World Trade Center on September 11, which made a huge noise. Several more attacks followed.

The term phishing can be traced to the early 1990s and America Online (AOL), where a group of hackers who banded together and called themselves “The Warez Community” are considered the first hackers. In their early frauds, they developed an algorithm that allowed them to generate fake credit card numbers, which they would later use to try to open phony AOL accounts.

Case Study 1

WannaCry shut down businesses in 180 countries. It is remembered as one of the worst cyber attacks in history. This ransomware attack is suspected of having impacted more than 2,30,000 in around 150 countries. The debate is still on as to whether the attack came from a suspicious e-mail id or some other phishing method was used.

Case Study 2

Google Docs hacked: over 3 million people worldwide stopped working in May 2017, when a phisher was caught sending fraudulent emails inviting recipients to edit Google Docs. On opening the invitations, they were taken to a deceptive third-party app, through which the phishers were able to access people’s Gmail accounts.

Case Study 3

Facebook and Google were taken for $100 million. In the month after this incident, the U.S. Department of Justice (DOJ) arrested a Lithuanian man for allegedly stealing $100 million from the two top-known U.S. companies. The phisher carried out the targeted attack successfully by using phishing emails that induced employees into wiring the money to overseas bank accounts under his control.

 

Types Of Phishing   

  • Deceptive Phishing
  • Spear phishing
  • Whaling
  • Pharming

Deceptive Phishing:

Deceptive phishing is one of the most used phishing methods. In this method, the attackers attempt to gather confidential information from the victims. They use the gathered information to steal or to launch other attacks. For example, a fake email that appears to come from a bank asks you to click a link and verify your account details.

Spear Phishing:

Spear phishing targets individuals instead of a large group. Attackers usually research their victim on social media and other websites so that they can customize their communication and appear more realistic. Spear phishing is one of the most commonly used first steps to penetrate a company’s defenses and carry out an attack.

Whaling:

Whaling is a method used to directly attack senior or important individuals at an organization or a company. These attackers often spend a huge amount of time on the target, gathering information. Once an opportune moment arrives, they launch an attack or steal login credentials. A whaling attack targets only high-level executives who are able to access the confidential part of the company’s information. This method is also known as CEO fraud.

Pharming:

Pharming is similar to a phishing attack. Here the victims are directed to bogus sites through fictitious emails and led to reveal their sensitive information. But in pharming, the victim does not even have to click on a link in the email. The attacker can infect the user’s computer or the web server and redirect the user to a fake site even if the correct URL is entered.

Prevention Of Phishing

  • Keep informed of phishing techniques
  • Think before you click
  • Install an anti-phishing toolbar
  • Verify site security
  • Check online accounts regularly
  • Keep your browser up to date

Keep Informed Of Phishing Techniques:

New phishing techniques are being developed all the time. Without knowledge of them, you can easily fall for a phisher's trap. To avoid this, keep regularly updated on phishing scams, as early as possible. With this awareness you will be at a much lower risk of becoming prey. For IT users, ongoing security awareness training and simulated phishing are highly recommended for the safety of a top organization.

Think Before You Click:

It’s fine to click on a link that is on a trusted site. But clicking on a link that appears in a random email with grammatical errors and mismatched links is not a smart move. A phishing email may claim to be from a top institution, company or organization, and it may look the same as the original website. But the email may ask you to fill in information through which the attackers can access all your personal details. So think before you click.

Install An Anti-Phishing Toolbar:

Most internet browsers can be customized with anti-phishing toolbars. These run a quick check on the sites you are visiting and compare them with lists of known phishing websites. If you enter or click on a phishing site or link, the toolbar alerts you. This is one protective layer against phishing scams.

Verify Site Security:

It’s natural to share a little sensitive financial information online, as long as you make sure that the website is secured. To be on the safe side, check that the site’s URL begins with “https” and that there is a closed lock icon near the address bar. Keep in mind that “https” and the lock icon show only that the connection is encrypted, not that the site is legitimate, so check the domain name as well. If an anti-phishing tool alerts you that the site contains malicious files, do not enter the site, and never download files from malicious websites or emails. Using cracked software may also lead you to a phishing website that offers low-cost products. When a user purchases from these websites, financial details such as debit card details can be accessed by cybercriminals.

Check Online Accounts Regularly:

If you don’t visit your online account frequently, or haven’t for a while, a phisher may be having a field day with it. So it is advisable to check your online accounts every now and then and to use a strong password. To prevent bank phishing and credit card phishing scams, you need to personally ensure that no fraudulent transaction is happening without your knowledge.

Keep Your Browser Up To Date:

Security updates are released frequently for all popular browsers. They are released to fix security loopholes and to face upcoming threats. Regular updates can keep you safe from phishing and other kinds of cyber attacks.

These are a few important steps to follow to protect yourself from phishing attacks.

Social Engineering Attacks: A Complete Step by Step Guide


SOCIAL ENGINEERING ATTACKS

What Is Social Engineering?

Social engineering is a set of techniques used by cybercriminals to gain your confidence and trick you into giving them personal details, such as your account credentials, so they can gain complete access to your accounts, device or network. These attacks can be performed anywhere human interaction is involved. In addition, many individuals don’t realize the value of their personal details and may not be sure how to protect that information from such attacks.

How Social Engineering Works?

Social engineering is considered the first approach in most attacks, as it is easier to exploit your trust in someone than to discover different ways to hack into your account, system or network.
For example, it is always considered easier to trick someone into giving you their password than to actually hack into servers and retrieve the password.

Almost every cyber attack includes a social engineering element, such as a phishing email that tries to convince someone it is from a legitimate source like [email protected] or from one of their trusted contacts. These emails usually contain an attachment with a virus, which can infect your system and give the attacker complete access to your system or network.

What Are Different Types Of Social Engineering Attacks?

Social engineering attacks can be performed anywhere human interaction is involved. The following are the most popular types.

Phishing Attack

Phishing is one of the most popular types of social engineering attack. An attacker usually sends a phishing scam, such as a text message or email, that makes a person curious enough to click on malicious links or mail attachments containing malware, which gives the attacker complete access to the victim's system or network.
Most phishing attacks share these characteristics:

  • The hacker usually embeds links or shortened links that redirect users to a malicious link which appears legitimate.
  • They create curiosity, fear or a sense of urgency so that the user clicks on the link.
  • Most attacks seek information such as name, date of birth, address, phone number, bank details or OTP (One Time Password).
  • They make the URL of the website look similar to the legitimate one.
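The four characteristics above can be checked mechanically when triaging a reported message. The following Python sketch is an added example, not part of the original article: it scores a constructed sample message, and the shortener list, trusted-domain list, keyword lists and the 0.85 similarity threshold are all assumptions to be tuned for your own environment.

```python
import re
from difflib import SequenceMatcher
from urllib.parse import urlparse

# Assumed lists for illustration only; replace with your own.
SHORTENERS = ("bit.ly", "tinyurl.com", "t.co")
TRUSTED_DOMAINS = ("paypal.com", "apple.com", "google.com")
URGENCY_RE = re.compile(r"\b(?:urgent|immediately|suspended|verify now)\b", re.I)
SENSITIVE_RE = re.compile(
    r"\b(?:date of birth|phone number|bank details|password|otp)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.I)


def imitated_domain(host):
    """Return the trusted domain that `host` imitates, or None."""
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return None  # the real domain or one of its subdomains
    labels = host.split(".")
    base = ".".join(labels[-2:])
    for good in TRUSTED_DOMAINS:
        # Near-miss spelling such as paypa1.com for paypal.com.
        if SequenceMatcher(None, base, good).ratio() >= 0.85:
            return good
        # Brand name used as a label of an unrelated domain,
        # e.g. paypal.com.account-check.example
        if good.split(".")[0] in labels:
            return good
    return None


def phishing_indicators(body):
    """Check a message body against the four characteristics listed above."""
    found = {"shortened_links": [], "lookalike_domains": []}
    for url in URL_RE.findall(body):
        host = (urlparse(url).hostname or "").rstrip(".")
        if host in SHORTENERS:
            found["shortened_links"].append(host)
        target = imitated_domain(host)
        if target:
            found["lookalike_domains"].append((host, target))
    found["urgency_terms"] = sorted(
        {m.group(0).lower() for m in URGENCY_RE.finditer(body)})
    found["requested_data"] = sorted(
        {m.group(0).lower() for m in SENSITIVE_RE.finditer(body)})
    return found


# Constructed sample message, not a real email.
SAMPLE = """Dear customer, your account has been suspended.
Verify now at http://paypa1.com/login or http://bit.ly/3xAmPle
and confirm your date of birth and OTP.
Help pages: https://www.paypal.com/help"""

if __name__ == "__main__":
    for name, hits in phishing_indicators(SAMPLE).items():
        print(name, hits)
```

A message that trips several indicators at once deserves a closer look; any single indicator on its own, such as a shortened link, also appears in plenty of legitimate mail.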

Pretexting

Pretexting is a form of social engineering attack where the hacker mainly focuses on questions that appear to be required to confirm identity, in order to steal the victim's personal information. In most of these scams, the scammer pretends to need certain bits of information from the target in order to confirm their identity.

The hacker usually starts by establishing trust with the victim by impersonating a police officer, an authorized bank employee or someone else who has the right to know. They ask questions that are generally required to confirm the victim's identity, through which they gather information about the victim for the attack.

More advanced pretexting attacks aim to exploit the structural weaknesses of an organization.

All sorts of information are gathered using this technique, such as name, date of birth, address, phone number, bank details and OTP (One Time Password).

Phishing attacks rely on the user's curiosity, fear and sense of urgency. Pretexting attacks, in contrast, depend on establishing a completely false sense of trust with the victim. This requires the hacker to build a convincing story that leaves the victim in no doubt about the hacker.

Baiting

Baiting is similar to phishing in many ways. Baiting attacks use a fake promise to arouse a victim's curiosity and tempt the user into a trap so that the attackers can steal their personal information. Baiting is not restricted to online channels: attackers can also exploit human curiosity with the use of physical media.

Baiters most often offer an individual free software or document files to download, so that they can infect the victim's system or network, gain complete access and steal the information they are after.

Baiting scams don’t necessarily have to be carried out in the physical world. Online forms of baiting consist of ads that lead to a malicious website or prompt the user to download a file infected with malware.

Unusual Social Engineering Attacks

Unusual social engineering attacks are more complex methods used by an attacker to hack into the victim's system or network and gain complete access.

  • Many different users received a fake email that claimed to be from Apple, asking the user to confirm their identity so that an amount could be refunded. The email seemed legitimate, and many users were infected by it.
  • An attacker used a CD infected with trojan spyware to attack victims. The infected CD was given to victims, which helped the attacker get access to the systems or networks of different individuals and companies.

 

How To Prevent Social Engineering Attacks?

To overcome the familiarity exploit, users must be trained not to let familiarity replace security measures. Even familiar people in and around the workplace should prove that they have the authorization to access certain areas and information.

  • To defend against intimidation attacks, users must be well trained to identify social engineering techniques that fish for sensitive information, and to reject them by saying no.
  • To counter phishing techniques, many sites such as Yahoo use secured connections and encrypt data to prove that they are what they claim to be. Checking the URL may help you find fake sites. Avoid responding to emails that ask you for personal information.
  • To tackle tailgating attacks, users must not allow others to use their security clearance to gain access to restricted areas. Each user must use their own access clearance.
  • To counter human curiosity, it is better to hand any flash disks you pick up to a system admin, who should scan them for viruses or other malware on an isolated machine.
  • To tackle techniques that exploit human greed, employees must be trained not to fall into that trap.
  • Never open any emails from an untrusted source.
  • Never give offers from strangers the benefit of the doubt. If they seem to be very good, they are probably from phishers.
  • Lock your laptop whenever you are not at your workstation.
  • Purchase anti-virus software and update it on a regular basis. No anti-virus solution can defend you 100%; it just helps protect you against cyber threats.
  • Read the company’s policies, terms and conditions to understand under what circumstances you can let a stranger into the building.

How Can I Educate My Employees To Prevent Social Engineering?

Protection against social engineering starts with education: users must be properly trained to never click on suspicious links and to always take care of their login credentials, whether at the office or at home. In the event that the social tactics are successful, they are likely to result in a malware infection. To combat trojans, rootkits, and many more, it’s difficult to employ high-quality Internet security that can both eliminate infections and help track their source.


 

Everything You Want to Know About Man in the Middle Attack

What Is Man In The Middle Attack?

A man-in-the-middle attack requires three players: first the victim, second the entity with which the victim is trying to communicate, and third the man in the middle. The worst part of a man-in-the-middle attack is that the victim has no idea of the interception.

How Precisely Does A Man-In-The-Middle Attack Work?

Let us assume you have received an email that appears to be from your bank, asking you to log in to your account to verify your account information. You click on the link in the email and are taken to a fraudster's website that is just a replica of your real bank's website, where you log in and perform the task requested by the man in the middle.
A man-in-the-middle (MITM) attack is a type of eavesdropping attack in which a phisher inserts himself as a proxy into a communication session between people or systems. A MITM attack exploits the conversation, the transfer of other data or real-time processing. It allows a phisher to intercept, send or receive data without the owner even noticing.

MITM Attacks: Close To You Or With Malware

Man-in-the-middle attacks come in two forms, one that involves physical proximity to the intended target, and another that involves malicious software, or malware. This second form, like our fake bank example above, is also called a man-in-the-browser attack. Attackers execute a man-in-the-middle attack in two phases — interception and decryption.

With a traditional MITM attack, attackers need access to an unsecured or poorly secured Wi-Fi router. These types of connections are generally found in public areas with free Wi-Fi hotspots, and even in some people’s homes, if they haven’t protected their network. Attackers will scan the router looking for specific vulnerabilities such as a weak password. Once attackers find a vulnerability, they’ll use tools to intercept and read the victim’s transmitted data. They then insert their tools between the victim’s computer and the websites the user visits. A successful man-in-the-middle attack does not stop at the interception. The victim’s encrypted data has to be decrypted so that the attacker can read and act upon it.

The Man-In-The-Middle Attack Is Of Two Forms

  1. Physical proximity to the intended target
  2. Malicious software or malware (man-in-the-browser attack)

Phishers execute a man-in-the-middle attack in two phases: interception and decryption. With a traditional MITM attack, phishers need access to a Wi-Fi network, so they first hack into one. These types of networks or connections are available in public areas, or even in some people’s homes if the Wi-Fi is not protected with strong security. Phishers will scan the router looking for a specific vulnerability such as a weak password. Once a vulnerability is found, phishers will use tools to intercept and read the victim’s personal data, transferred data and much more. Then a tool is inserted between the victim’s computer and the websites the user visits. A successful man-in-the-middle attack does not stop at interception. The victim’s encrypted data is later decrypted so that the attacker can read it and act on it.

Types of Man-in-the-Middle Attacks

  • Rogue Access Point
  • ARP Spoofing
  • mDNS Spoofing
  • DNS Spoofing

Rogue Access Point

Devices that are equipped with wireless cards will often try to auto connect to the network emitting the strongest signal. Attackers can set up their own wireless network and trick nearby devices to join its domain. All of the victim’s network traffic can be manipulated by the attacker. This method is so dangerous because the attacker does not even have to be on a trusted

ARP Spoofing

ARP is the Address Resolution Protocol. It is used to map IP addresses to physical MAC addresses in a local network. When a host needs to communicate with a host at a given IP address, it consults its ARP cache to map the IP address to a MAC address. If the address is not found, a request is made asking for the MAC address of the device with that IP address. An attacker wishing to pose as another host can respond to a request it should not be responding to, answering with its own MAC address. With some precisely placed packets, a hacker can observe the private traffic between two hosts and extract confidential information from it, such as session tokens being exchanged, which yields full access to application accounts that are not accessible by everyone.
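Because a spoofed reply overwrites the IP-to-MAC mapping in the victim's cache, the attack leaves a visible trace in the neighbour table. The following Python sketch is an added example, not part of the original article: it compares two snapshots in the format printed by the Linux `ip neigh show` command. The snapshots, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# One line of `ip neigh show` output: IP, interface, MAC, state.
NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) dev (?P<dev>\S+) "
    r"lladdr (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<state>\S+)", re.I)


def parse_neigh(text):
    """Return {ip: mac} for entries that have a resolved MAC address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            table[m["ip"]] = m["mac"].lower()
    return table


def arp_anomalies(baseline, current):
    """Compare two ARP snapshots and describe suspicious entries."""
    alerts = []
    # 1. An IP whose MAC differs from the known-good baseline. For the
    #    default gateway this is the strongest sign of ARP spoofing.
    for ip in sorted(current):
        old = baseline.get(ip)
        if old and old != current[ip]:
            alerts.append(f"{ip} moved from {old} to {current[ip]}")
    # 2. One MAC answering for several IPs. This can be legitimate
    #    (proxy ARP, multi-homed hosts), so treat it as a lead to check.
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    for mac in sorted(by_mac):
        if len(by_mac[mac]) > 1:
            alerts.append(f"{mac} answers for {', '.join(sorted(by_mac[mac]))}")
    return alerts


# Constructed snapshots: 192.168.1.1 plays the gateway, .40 a workstation.
BASELINE = """\
192.168.1.1 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
192.168.1.23 dev eth0 lladdr 02:00:00:00:00:23 STALE
192.168.1.40 dev eth0 lladdr 02:00:00:00:00:40 REACHABLE"""

CURRENT = """\
192.168.1.1 dev eth0 lladdr 02:00:00:00:00:40 REACHABLE
192.168.1.23 dev eth0 lladdr 02:00:00:00:00:23 STALE
192.168.1.40 dev eth0 lladdr 02:00:00:00:00:40 REACHABLE
192.168.1.77 dev eth0 FAILED"""

if __name__ == "__main__":
    for alert in arp_anomalies(parse_neigh(BASELINE), parse_neigh(CURRENT)):
        print("ALERT:", alert)
```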

mDNS Spoofing

Multicast DNS is similar to DNS, but it is done on a local area network (LAN) using broadcast, like ARP. This local name resolution system makes the configuration of network devices extremely simple. Users don’t have to know exactly which addresses their devices are communicating with. Devices such as printers, TVs and other entertainment systems make use of this kind of protocol since they are connected to a trusted network. When an app needs to know the address of a device or entertainment system, an attacker can easily slide into these kinds of systems with a fake data request, instructing the system to resolve the address and thereby taking control over the system. To avoid these kinds of attacks, devices keep a local cache of addresses, which protects the devices from the attack.

DNS Spoofing

Similar to the way ARP resolves IP addresses to MAC addresses on a local area network, DNS resolves domain names to IP addresses. In a DNS spoofing attack, the attacker tries to introduce corrupt DNS cache information to a host that is attempting to access another host by its domain name, such as www.onlineshopping.com. This leads the victim to send sensitive information to a fraudulent host, with the trust and confidence that they are sending the information to a trusted source. Attackers who have already spoofed an IP address will have an easier time spoofing DNS, simply by resolving the address of a DNS server to the attacker's address.

Case Studies

A huge bust on a multinational company nabbed 49 suspects throughout Europe.
They were arrested on suspicion of using man-in-the-middle attacks. The main motive of the attacks was to intercept payment requests sent by email.

As Europol detailed in a statement, the raid was coordinated by Europol’s European Cybercrime Centre (EC3), led by the Spanish National Police, the Italian Polizia di Stato and the Polish Police Central Bureau of Investigation, and supported by UK law enforcement bodies.
The suspects were arrested at multiple places in Italy, Poland, Spain, the UK, Georgia and Belgium.
Police seized external hard disks, laptops, telephones, tablets, credit cards, SIM cards, cash, memory sticks, etc.

Further investigation uncovered international fraud totaling $68,57,730, which was recovered in a short period of time.

The team’s main targets were medium and large European companies, attacked via man-in-the-middle attacks.
The suspects used social engineering and management and were able to insert malware or spyware onto the target's network. Once communication was established with the target’s device, they accessed the required data such as emails, banking information and more.
The fraudsters then set up a similar transaction with the target's real site. $6.8 million

Prevention Of Man-In-The-Middle Attack.

With the array of tools readily available to carry out attacks like man-in-the-middle attacks, it takes several steps to protect yourself, your data and your connections.

  • Make sure “https” is always present on the websites you visit.
  • Be aware of tricky phishing emails from attackers asking you to update your bank information or any other login credentials.
  • Instead of clicking on the link provided in an email, manually type the web address into the browser.
  • Never connect to public Wi-Fi without activating a VPN (Virtual Private Network) like Turbo VPN, Norton Secure VPN, etc. A VPN encrypts your private IP addresses provided by the local internet provider, which helps in protecting your private data.
  • Be sure that the Wi-Fi you connect to is completely secure.

In our rapidly growing connected world, it’s important to know the types of threats and how to protect yourself from them. So protect your devices and network properly to stay safe and secure.