Hacked; The technologically unrelated users, is the favorite target of hackers, according to the data concerning the actions of the crime with targeted corporate espionage attacks.
As we have seen in many recent high-profile goals, hackers have penetrated and are starting to pull data for long enough times, sometimes because a person clicked wrong at the right time.
Many times, the fatal points of entry into a system are created by people who have no idea what is going on, unrelated technology employees (or even executives) who serve because they are unsuspecting and open the door to malicious users.
Of course, every employee can not be fully technically trained, and this is worrying at a time when attacks are continuous, and business security goes home, with the growing BYOD trend.
What you can do if you have a company, or if you do not want to be an easy victim, is to learn the top ways that malicious attackers use.
Banking and corporate burglaries
We've heard of targets like JP Morgan Chase, Verizon, Home Depot… the list goes on. The summary of the report Identity Theft Research Center's 2014 (PDF) outlines a worrying picture of 2014. To date, there have been 606 known (reported) major violations and 77.577.208 entries have been stolen.
Banking, and the financial sector has seen 24 violations so far, with 1.172.320 records being leaked. Businesses have 211 violations with 64.407.359 records being stolen. Medical / Health sectors have also been hit hard this year with 259 successful hacking and 7.151.542 records have been intercepted.
Her report RAND about the black market of hackers, it states that the archives these are used in many ways. Identity theft, and records are collected in databases used for spear-phishing and other targeted attacks … and the cycle begins again.
Hacking in third party applications
Access to online content for mobile users is primarily through two companies. Through apps from Apple AppStore and via Google Chrome Store.
Ask most Android users what malware they have on their device, and they will likely look at you with a questioning look - despite the fact that 97% of the mobile malware and trojans on the market are made for Android. THE F-Secure Mobile Threat Report Q1 2014 (PDF) was a coolness in terms of how vulnerable the attacks are to typical users, and how it can be spread through applications to businesses.
Repeated reports of Snapchat hacking are not surprising. The growing evidence shows that the decision makers have not put the user's safety first. How many other such apps exist in Stores of Big Companies?
Even if there are apps well made (as much as possible) as the Facebook app, there will always be apps that will be easy to drop, especially if they are used by unrelated users.
Phishing, phishing and phishing
Phishing is an incredibly popular attack - because it simply works. Today's typical phishing attack comes with an emailed or hidden text message to look innocent. Its purpose is to trick users into making a wrong click on a link or downloading an attachment or image.
Οι διευθύνσεις URL του μηνύματος μπορεί να φαίνονται σωστές, ή σχεδόν-σωστές, ή να είναι σωστές, αλλά ανακατευθύνουν σε μολυσμένες ιστοσελίδες και περιεχόμενο. Μερικές φορές οι σελίδες φιλοξενούνται στον κεντρικό υπολογιστή της realς ιστοσελίδας, αλλά έχουν ήδη παραβιαστεί για να διανέμουν μολυσμένο περιεχόμενο.
These attacks usually use popular trends by sending news headlines. Another technique is an email that seems to come from a friend or colleague, and it contains a malicious link, or a malicious attachment.
Remember that you will NEVER receive an email from a bank asking you to change your sensitive information online. If you want to do it go directly to the website or to the Bank itself: Do not click on links that come in emails.
Social engineering or Social engineering
Social engineering or social engineering is not uncommonly technical, and in the last few months it has been revealed to the general public that social engineering attacks are much more than previously believed.
Too many technically irrelevant users expose their personal information easily, and they do not know it - nor can they link to how hackers can exploit that information.
Many people do not know that information such as home address, phone number and their family names are available for purchase on the so-called People Finder websites, which is a gold mine for Social Engineering.
Bad password practices
Breaking passwords is still one of the top ways hackers use to tamper with systems, or websites.
Most people:
They leave someone next to them when they enter a password
They use the same code everywhere, or they do codeof access that is easy to guess
They can be deceived and tell their password to an "expert"
They do not use passwords on mobile phones, tablets and computers
They don't use one Password manager
The recent Dropbox name and password leak was a wake-up reminder that databases containing passwords can be hacked at any time.
Malvertisements
2014 started with an attack on ads. In January, it was discovered that hundreds of thousands of Yahoo! they came in contact with malware that had infected the ads.
Dutch security company IT Fox said, “Customers visiting yahoo.com received ads served by ads.yahoo.com. "Some of the ads are malicious." After the analysis, Fox said that the malicious payload went to about 300.000 visitors per hour.
Attacks on unsuspecting users and internet users through infected ads have risen sharply.
It's no coincidence that Facebook has just doubled bug bounty to find bugs in ads.
Posted by Violet Blue at ZDNet