flag

English

Eng

  • flag

    Français

  • flag

    Deutsch

  • flag

    Русский

  • flag

    简体中文

Login Sign Up
Receive SMS Reviews

English

  • Français

  • Deutsch

  • Русский

  • 简体中文

Login Sign Up

News

Social engineering in Cyber Security. How to protect yourself? OnlineSim

Jul 15 02:41:12, 2023

164

The Dangers of Social Engineering and How to Avoid Falling Victim: Part 1

According to a report by LookingGlass Cyber and ISACA, social engineering was one of the top types of cyberhacks on people and organizations in 2022. 


Moreover, IBM reports that the damage from data breaches amounts to wooshing $4.1 million. How can individuals and organizations protect themselves? While a good antivirus can save you from malicious action, it can’t keep you from social engineering.

In this article, we'll teach you everything you need to know about the common techniques used by social engineers and how to avoid falling victim. 


What is social engineering?

Social engineering is what it sounds like: instead of relying on purely technical tools, scammers go "social" and use psychological manipulation to influence you into giving up confidential information that will compromise your security. 

Common social engineering tactics are phishing (and its variations), baiting, pretexting, and using scareware:


Phishing

Social engineers may pretend to be legitimate institutions or businesses to ‘fish out” the information that they want. Phishing attacks happen via mail or email. The attackers often exploit the victim’s fears to urge them to perform a needed action without thinking twice. 

This is an example of a phishing email: 

Source: securitymetrics.com



The attackers pose as the bank representatives and request that users update their login information. The email looks a lot like a real one and seems to be sent from the official email address. Since the restriction of a bank account seems serious, many users will open the email and do what is said without questioning it. The email contains an attachment opening which will probably enable the social engineer to infect the computer. 

Phishing emails often request the user to fill in their information manually but not necessarily. Such emails may contain links that trigger the virus to install. This is often used for cryptojacking, an engineering attack that allows hackers to mine cryptocurrency using your computer’s computational power. Sometimes the emails may also contain attachments that will infect the computer upon a click and will give the attacker access to private files.

A specific case of phishing is spear-phishing, when an attacker impersonates someone the victim knows or trusts, such as a friend or colleague. This type of a social engineering attack is targeted at a particular person and is often used in corporate espionage. For example, an attacker may impersonate the boss and send an email to an employee, asking them to send back confidential files.


Baiting

Baiting is a technique that is very similar to phishing. The attacker doesn’t simply pretend to be an authority. They lure the victim to share their personal information for something enticing in return. 

This is how a baiting email looks:

Source: dummies.com



For example, in this email, cybercriminals present as Google representatives and promise users a free iPhone as a thank-you for their loyalty to Google. Like in the previous example, an engineering attack creates an artificial sense of urgency. Many people dream of having an iPhone, so it works as great bait and motivates people to click the link.

Another popular baiting attack is to leave an infected USB drive somewhere, hoping that somebody will pick it up and try to plug in their computer. The USB drive serves as bait because people are naturally curious to learn what’s on it. Installing a USB drive into a computer launches malicious software that makes the computer vulnerable to attackers.


Vhishing 

Vhising is a term coined by combining two words: voice and phishing. 20 years ago, the key to a successful voice phishing attack was to call the victim and to present as an authoritative figure they had never met. However, today, multiple examples of engineering attacks use artificial intelligence to imitate the voices of loved ones and family members.

A Twitter user has shared a story of a vhishing attack on his grandpa:

Source: Robert Schultz


Instead of sending an email, the attacker may call or leave a voice message. Most people are used to spam in their mailboxes, but they tend to lower their guard in real life. For example, an attacker may call someone and use artificial intelligence to imitate the voice of a family member who is abroad and needs $5000 wired to a particular bank account. Such high-tech technology on a daily basis is still exotic, especially for elderly people, which makes people prone to falling victim. 


Smishing

Smishing is SMS phishing. If your real phone number has been compromised, scammers may try to use it to steal your personal data. 

Here is an example of a smishing attack:

Source: secureworld.io

In SMS phishing, criminals use all the same tricks. They may present as officials or legit businesses, promise you a gift, or both. In the example above, attackers pretend to be Walmart wanting to give you a gift. They promise that it’s easy; you just need to complete a form. Taking such messages critically can help you avoid losing money or disclosing private data to people with bad intentions.


Scareware

Scareware masquerades itself as legitimate software, usually antivirus software, bombarding the user with false security or update alerts. Often, users unknowingly install it on their computers from phishing emails or malicious ads. 

The scareware warnings may be accompanied by pop-up windows, flashing lights, or other visual and audio effects designed to catch the user's attention and create a sense of urgency. 

Here is how it looks:

Source: reinforceme.com

The user is prompted to install the software that supposedly eliminates the issues. However, installing the scareware only causes further harm, for example, by enabling the attacker to steal personal files from the computer. This is why you should never open links for suspicious emails.


Pretexting

Pretexting involves the attacker to pretend to be someone else in real life, usually an authoritative figure. This is how they can get unauthorized access to your information. For example, an attacker may pose as a sociologist conducting a survey or a customer who wants more information about your product. 

Pretexting can be used to harm both regular users and corporations. This technique exploits the fact the natural desire to be helpful or comply with authorities. So it’s important for individuals and organizations to be aware of this tactic and take appropriate measures to protect themselves against it.

What are the consequences of falling victim to social engineering?

Falling victim to social engineering attacks can have devastating consequences. Here are some examples:


They'll steal your money

Social engineers who have managed to exploit your trust to get your private data can monetize it in multiple ways. They can authorize purchases from your card if they access your credit card information and/or phone number. They can also use social media to hack into your account and request to borrow money from your friends. Everything depends on the attackers’ creativity. And if your organization's financial information is disclosed, the damage can reach millions and hundreds of millions. 

In 2013-2015, Google and Facebook lost $100 million due to social engineering attack. Cybercriminals Evaldas Rimasauskas and his accomplices set up a fake company that pretended to work for Google and Facebook. They created bank accounts under the same name and sent phishing emails to employees of the tech giants, invoicing them for legitimate goods and services.


They'll steal your identity

Stealing identity means that other people can pretend to be you. For example, frauds can take a loan in your name or even commit a crime framing you. The consequences might take years for you to resolve. And in the corporate world, this type of attack can compromise whole organizations and put their future at risk.

In early 2022, a highly sophisticated phishing attack was reported by Bleeping Computer. This attack aimed to steal Office 365 credentials by impersonating the US Department of Labor (DoL). The scammers used phishing emails that were expertly written and bore the official branding of the DoL. They invited the recipients to bid on a government project and included detailed instructions in a three-page PDF, complete with a "Bid Now" button. When the button was clicked, targets were redirected to a phishing site that prompted the users to enter their Office 365 credentials. 


They'll ruin your reputation

Information stored on our gadgets is often very private, and a third party accessing it can cause much harm. Cases of hacks into phones and leaking personal pictures, for example, nudes, have become very common. An event like that can easily make you a laughing stock and harm your mental health. Similarly, if an organization falls victim to a data breach due to a social engineering attack, it can lose customer trust and confidence. 

In the summer of 2020, Twitter confirmed that it lost control over 130 accounts, including some of the most well-known individuals on the planet, such as Barack Obama, Joe Biden, and Kanye West. That has caused a significant public scandal and undermined Twitter's reputation for good.


Summing up

Social engineering attacks rely on a lack of digital hygiene and use psychological manipulation to trick individuals into sharing their information without their consent. Social engineers use various and creative attacks to exploit natural feelings of trust, fear, or greed. If you’re not prepared, it might be hard to resist these attacks. In the next article, we will tell you the steps you can take to protect yourself and your loved ones from these attacks. 

Words 1567

Characters excluding spaces 8107

Cyber attacks against companies and protection | OnlineSim

Jul 14 21:31:15, 2023

120

Part 3: Common types of attacks against companies and ways to protect against them

When hackers try to steal money from companies, they use not only phishing, MITM and malware, but also cyberattacks specifically targeted at companies.

In the previous two articles, we talked about the types of cyberattacks that target ordinary users and aim to steal their personal information, banking details and online accounts.

In this article, we describe the types of attacks that hackers launch against companies in order to steal money or sensitive information.


Data breach attacks

These are also called insider attacks. Cyberattacks of this type are only possible through the actions of company employees. It works like this: a company employee gains access to important files and steals them, sells them online as a database or uses them to blackmail the company’s management.

This type of fraud typically occurs in small businesses where employees often have access to several business accounts, so they can easily put their hands on an important file and steal it.

In 2019, a software engineer at Capital One hacked her own employer and stole $150 million from it.The hacker discovered a misconfigured web application firewall and exploited it to access the accounts and credit card applications of more than 100 million Capital One customers.


How to protect against insider attacks

First of all, the company must have a well-developed security system. Secondly, different types or levels of access must be set up for employees depending on their job responsibilities.

Companies should also train employees to recognize insider threats and understand when a hacker is trying to take advantage of them.


DNS attacks

These attacks exploit vulnerabilities in DNS servers and fall into two types:

  • DNS spoofing (aka DNS cache poisoning). In the DNS system, a real website’s address is replaced with one that leads to a fake website, so users visiting the attacked website will instead be directed to a malicious site under the attacker’s control.

  • Information compromise. By redirecting a user to a rogue IP address, an attacker can get hold of that user's personal information, often leaving the user unaware that his/her personal information has been compromised.

The attack works like this: in the DNS system, the hacker replaces the IP address of the real website with a fake one. When a user visits the website, he/she would land on the fake one and won't even notice the difference, because the address of the fake resource will be the same. 

For example, if someone substitutes the DNS record leading to www.site.com with a copy, all links pointing to that site will lead to a rogue website. The hacker would also copy the design of the original site so that the fake one does not reveal itself in any way.

This will naturally have a negative impact on the affected company's income and reputation. After all, it will lose some customers and money. The deceived users may stop using the company's services and publish negative reviews online.

There are other types of DNS fraud, but they are more complicated than the ordinary replacement of IP addresses, and it would take a separate article to explain them. But the point remains the same — the user's server takes a fake DNS record for a real one and directs the user to a rogue website.


DDoS attacks

Distributed Denial-of-Service attacks involve large amounts of traffic and requests directed by hackers to the target website to have its resources and processing capacities exhausted and thus render it inoperable.

Large amounts of traffic are generated by botnets, which are types of computer networks that simultaneously control dozens of computers. The computers in such a network are regular users’ devices infected with specialized malware.

Let's look at an example. Imagine a three-lane highway with hundreds of cars passing through it without creating any traffic jams. The road was built with an expectation of how many cars would use it during the day.

Now imagine that instead of a hundred cars, a traffic controller will direct thousands of cars on the road at the same time. The highway will be completely jammed with cars, and only a few will be able to get to their offramp and reach their destination on time. This is an analogy of what a DDoS attack looks like — a hacker sends millions of requests to the victim server and it fails to handle all of them at the same time.


A traffic jam is an analog of a distributed denial-of-service attack


There is much more to say about the types of DDoS attacks, but that would require a separate article. Here, we will give you just a general explanation.

There are several main types of DDoS attacks:

  • A traffic overflow attack is a type of an attack where hackers attempt to overwhelm a web server’s resources and use up all of its capacities. When many requests come to a website at the same time, the processing resources quickly get overloaded, for example due to frequent page updates. As a result, it generates errors because it can no longer handle the workload.

  • A volumetric attack is a type of an attack when bots send requests to a web page and wait for a response. If they generate a lot of such traffic, the responses will take longer, and at some point the server will crash. 

  • A protocol attack as a type of DDoS attack involves sending requests from different IP addresses targeting the weak points of the web server. For this attack, hackers send invalid requests to the resource, causing it to crash while trying to process them. This type of attack does not require a large botnet.

In 2020, a large-scale DDoS attack was launched against Amazon. At its peak, there was an incoming traffic rate of 2.3 terabits per second (Tbps). However, the servers still handled the load and continued to serve customers. Amazon never disclosed the actual target of the attack.


How to protect against DNS and DDoS attacks

Create backups. Back up your data at regular times and store copies in encrypted storage. The important thing is to always have copies on hand for quick deployment.

Establish a corporate response team. Train employees on how to handle DDoS attacks and how to prevent them.

Make a plan for emergency alerts. Prepare emergency notifications for customers, service providers and employees in the event of a DDoS attack.

And a few more security principles:

  • Use SSL certificates;

  • Use a reliable web hosting service;

  • activate the anti-DDoS protection from your hosting provider.


URL manipulations

Sometimes, hackers take the URLs of real websites and try to gain access to restricted pages of a resource. For example, they might go to "www.mysitename.com/admin" to log into the administration panel or type "www.yoursitename.com/.bak" to access backup files.


How to protect against URL manipulations 

Keep your administration panel protected. For this, you need to keep track of who has access to your website’s administration panel. Besides, you need to keep the administration panel hidden from cybercriminals by moving it from “mysite.com/admin” to another, less predictable location. Also, use complex passwords for your administration accounts and set up IP address filtering.

Take some steps, as follows, to ensure protection of your administration panel:

  • Make sure all requests go through the access control system

  • Deny access by default, i.e. reject all requests except those specifically allowed 

  • Follow the principle of least privilege, i.e. configure the minimum possible rights and privileges for all users, programs or processes.


Zero-day attacks

A zero-day attack is a type of fraud in which hackers find vulnerabilities in a resource's security and use them to steal information. It is so called to denote that the resource owner has only just learned about the vulnerability and has "zero days" to fix it.

Usually no one knows about the vulnerability before hackers attack, so before it is fixed, the attackers try to write malicious code and inject it into the software. Such code is also called exploit code.

In 2020, hackers launched a zero-day attack against the video communication platform Zoom. The attackers found vulnerabilities in the Zoom client for older versions of Windows and used them to remotely access users' computers. This allowed them to gain access to victim computers and control the files stored on them. 


How to protect against zero-day attacks

To protect against zero-day attacks, regular users and companies must:

Keep software and operating systems up to date. Software manufacturers always collect information about security problems and release new versions with security patches addressing those problems.

Use only the minimum required set of software. The more applications are installed on your computer(s), the greater the chance that some of them contain a vulnerability that can be exploited by hackers.

Always use a firewall. A firewall is a filter between your device and the Internet. It blocks suspicious and phishing resources that are in the security service's database. Essentially, it is a filter that lets safe traffic through and blocks suspicious traffic.

Train your employees. Sometimes, a zero-day attack occurs due to employee negligence. For example, they may install a vulnerable  application due to ignorance and thus put the company at risk. Employees’ knowledge of the basic rules of online security will help to improve the security of corporate data.

Always use an antivirus. Such software will identify possible threats and block them.


SQL injections

An SQL injection is a type of security breach where hackers gain access to a website's databases. They can change the user information contained in the databases or steal it. To know more about how hackers use JavaScript to spy on the internet and steal information, please read our dedicated article on this topic.

In 2019, a hacker stole hundreds of thousands of bank card details using SQL injections. He stole payment card information from website databases and then sold it on illegal online platforms.


XSS attacks

Cross-site scripting (XSS) is a type of security breach when Hackers inject malicious JavaScript, ActiveX, Java, VBScript, Flash or even HTML code into websites. When a user visits a site containing such malicious code, the latter runs special commands to process and copy confidential user information.

For example, malicious code of such type when it is planted on an online banking site can remember users’ login credentials for banking accounts or other confidential information.

In 2018, fraudsters attacked British Airways and stole some 380,000 bank card details.The attackers modified a script to send customer data to a malicious server with a domain name similar to that of British Airways. The fake server had an SSL certificate, so customers thought they were buying tickets on a secure site. Hackers eventually gained access to 380,000 bank card details.


CSRF attacks

Cross-site request forgery (CSRF) is a type of attack against a website launched with the help of a fraudulent site or script. It causes the user's browser to perform an unwanted action on a resource where the user is logged in. For the attack to work, the user must click on a specially crafted malicious link.

Let’s say a person has logged in to an online banking service and accidentally clicked on a fraudulent link with a request to transfer money to the attacker’s account. The bank will process the transaction without asking the customer twice, since the customer has logged in his/her bank account.


How to protect against SQL injections, XSS and CSRF attacks

Keep your websites’ code clean and secure and follow a few other rules (to protect against SQL injections). For detailed information on what should and should not be there in your website’s code and how to handle placeholders and variables, it’s better to check out what programmers have to say, so we recommend checking out specialized programming websites like StackOverflow or CodeProject.


Also, take some advice from us:

  • Disable error output. Having error output enabled on your websites is handy at the stage of site development as you have to correct mistakes. Once the site has been published online and is up and running, it’s better to have error output disabled, otherwise an attacker may be able to see what types of problems your site has and take advantage of them for his/her purposes.

  • Never publish your website code online. If you need help with your site, never show its code online, even on specialized forums like StackOverflow.

In your request for help, don't disclose your site's theme, address or hosting details. The more information about your site the attacker learns, the higher the risk of being hacked.


  • Always install the latest language versions. In the older language versions, there are more errors that cybercriminals know about. They can exploit known vulnerabilities to gain control over your website and plant malicious code in it.

In newer language versions, such vulnerabilities are always fixed, so one is unlikely to hack anything with them.

Use XSS sanitizer tools (to protect against XSS). Sanitization is cleaning your website’s code from malicious and suspicious elements. Basically, a special sanitizing type of library, such as DOM Purify, gets embedded in your site’s site code. It can remove the code that it considers insecure.

Require confirmation for user actions (to protect against CSRF attacks). For any changes to take place on the resource, such as processing a user payment, you can request additional confirmation actions. For example, you can ask the user to enter a captcha. The script won't be able to bypass such protection.  


A few more rules to protect your company against hackers

This includes:

  • Web application firewall (WAF)

  • Firewall

  • DLP

  • Email security.


Use a WAF

A web application firewall (WAF) detects and blocks website attacks. A WAF package helps to detect malicious traffic and identify attacks targeting business critical systems. Thus, a WAF package will help your company to protect from attacks against your web applications’ business logic.

Firewall

Essentially, a firewall is a barrier around your company's IT infrastructure that protects the network and prevents unauthorized access to it. Firewalls filter incoming and outgoing traffic, eliminating unwanted network connections without blocking secure requests.

DLP system

DLP systems are used in corporate networks to monitor and protect all traffic in the company. A DLP system detects unauthorized access to information, blocks attempts to transfer sensitive corporate data and enforces privacy policies.

Email security

A dedicated gateway must be configured on email servers that will filter all messages and block malicious ones, e.g. those containing malicious links or attachments.

Cyber attacks against private users and ways to protect against them OnlineSim

Jul 14 21:19:52, 2023

113

Common types of cyber attacks against private users and ways to protect against them. Part 2

In the previous article, we talked about phishing, cryptojacking and man-in-the-middle (MITM) cyber attacks.

In this article, we will discuss different types of malware and how hackers use them to steal information and money.


Before you start reading, have a look at which industries undergo the most frequent cyber attacks.

https://www.statista.com/statistics/223517/malware-infection-weekly-industries/ 


Malware

Hackers launch cyber attacks by spreading malware through email or messengers. They would typically add an accompanying text to the email telling the victim about a big win, a surprise inheritance or something else that would entice them to download and open the attached file or follow the provided link.

The attached file in most cases contains a malicious program. Even if the file appears secure and does not look like a suspicious RAR archive, it may still contain a virus. For example, a Word document may contain a malicious script written in Visual Basic, a programming language in Microsoft Office. 

When the user opens such a document, Microsoft Office would prompt him/her to run some scripts. If the user agrees, malware will be downloaded from the attackers’ website and installed on the victim computer. The malicious program will launch, scan the network and the local memory for stored files and steal, compromise or encrypt different files.

Another scenario is infection through LNK files which are commonly known as file shortcuts. In Windows, they are used as links to original files. This file type has information about the file name, location and the software with which the file can be opened.

LNK files crafted by attackers execute malicious VBScript or Powershell scripts that are embedded in them.This method helps to bypass Windows security systems and infect PCs.

PowerShell is a special Windows engine that helps to:
  • Change settings of the operating system 
  • Control services and processes 
  • Configure server roles and components 
  • Install software.
Diagram of malware propagation



Malware propagation via LNK files occurs as follows:

  • The victim user receives a phishing email with an attached ZIP archive. The archive contains a malicious LNK shortcut.

  • The user opens the archive and clicks on the shortcut, which, in turn, runs a Powershell script which downloads a malicious DLL with a malicious loader. 

  • The loader allocates an area of memory where the DLL is loaded and a specific resource is decrypted. 

There are several kinds of malware, as described below.


Rootkits

A rootkit is malware that attacks a victim computer and enables remote control over it, most often without being detected by the user or an antivirus. 

If a user installs a rootkit, the attackers can remotely launch files, steal user’s files, install other malware and control the infected computer as part of a botnet. It can also modify the software installed on the victim computer, including the software that can detect the rootkit.

Back in 2012, experts reported on the rootkit Flame which was used by hackers for carrying cyber espionage in the Middle East.Flame connected to the victim PC and launched various processes, including explorer.exe — the Windows Explorer process that can be used to open folders, copy and delete files.Besides, Flame ran other processes through which it monitored network traffic, captured screenshots and logged keystrokes. There is no exact information about how much damage the hackers have caused. It is known, however, that 80 servers on three continents were used to access the infected computers. 


Spyware

Spyware attacks victim machines and stealthily monitors user actions. Such malicious programs can collect data about the user's cyber activity, log the keystrokes, collect information about accounts, logins, passwords and financial data.

Spyware, just like rootkits, in most cases changes the security settings of PCs or browsers. It is commonly spread in combination with Trojans, using social engineering or phishing techniques.

Social engineering is a cyber security threat and method of acquiring the victim user's confidential information through psychological manipulation. The acquired information is used to withdraw money from the victim’s bank card, gain control over the victim's accounts or pressure him/her to do something.

In November 2021, Zimperium zLabs released a report in which they described a piece of spyware from South Korea that was named PhoneSpy. The malicious program infected Android devices and masqueraded as regular software, such as a yoga or messaging app. It spread with the help of phishing.When the user installed the malicious app, the spyware enabled remote control and stole information from the infected devices. Here is what the attackers did with phones using PhoneSpy:
  • Steal account credentials, photos, contact lists, call logs and messages
  • Take photos and capture videos with the devices’ front and rear cameras.
  • Download files and documents from the command-and-control (C&C) server under hackers’ control
  • View device information: IMEI, model name, device name and Android version.
It is estimated that PhoSpy infected more than 1,000 Android devices.
Permissions requested by PhoneSpy



Trojans

Trojans are a type of malware that infiltrates computers under the guise of a regular and safe application. Trojans act surreptitiously and lull the users into a false sense of security, just like the Trojan horse that was given as a present to the inhabitants of Troy in ancient Greece.

Unlike viruses and worms which spread spontaneously, a Trojan can capture information only after a user has installed it. Once downloaded and installed, Trojans can give the attackers remote access to the victim computers, steal information, such as credentials, financial data and even electronic money, or install other malicious applications. 

In 2017, the Astaroth Trojan emerged. It spread via emails containing .zip or .ini attachments and some text prompting the user to open them.The Trojan watched the victim user’s cyber activities and could steal information from the clipboard, capture keystrokes and system messages. It could also retrieve credentials for various services and financial accounts.

For a detailed technical description of how the Trojan operated, which codes and system commands it used, please see the Microsoft security writeup. Provided below is a diagram of how it worked.


Viruses

A virus is another kind of malware that can replicate itself and propagate between computers. Viruses can spread via documents, web scripts or applications. They are used for stealing information or money, creating botnets, hidden mining etc.

Melissa is an amusing example of a virus. In 1999, the virus infected thousands of computers around the world. It spread via emails with a malicious .doc attachment.The emails had the subject line “Important Message from [the sender’s username]”, and the body text read "Here is that document you asked for ... don't show anyone else ;-)". The attached .doc file contained a list of passwords for various porn websites that required memberships. The virus automatically emailed the same infected document to the first fifty people in the user's contact list and disabled several security features in Microsoft Word and Microsoft Outlook.The virus did not cause any damage to ordinary users, but it slowed down e-mail systems by overloading Microsoft Outlook and Microsoft Exchange servers. 


Worms

Worms are among the most common types of malware. They replicate by spreading their own copies across a cyber network through exploitation of operating system vulnerabilities. They are usually used to launch cyber attacks against and damage host networks through congestion of bandwidth and overloading of servers.  Sometimes, worms contain code to help steal data from computers, delete files or create botnets.

Worms propagate across networks using two mechanisms:

  • Exploitation of security vulnerabilities and administration errors in installed software. Such worms can propagate automatically by launching attacks against computers on their own.

  • Social engineering, when the attackers trick a person into running a malicious program. Such worms are most often distributed through spam mailings, social networks etc.

There is another classification of worms according to their mechanism of propagation:

  • Email worms propagate via emails

  • IM worms propagate via Facebook, Skype or WhatsApp

  • IRC worms propagate via IRC (Internet relay chat) channels. Internet relay chat is a cyber protocol that allows users to connect to the server using a dedicated client, access channels or chats and exchange messages in real time by typing them on the keyboard. 

  • Net worms or network worms propagate across networks and do not rely on the user as a link in their distribution chain.

  •  P2P worms propagate via any peer-to-peer file sharing network, such as Kazaa, Grokster, EDonkey, FastTrack or Gnutella.

2007 statistics on growth rates for different types of worms 



A prominent example is the ILOVEYOU worm that masqueraded as a love letter and propagated via email. The malicious email contained an attachment with a text file and a Visual Basic script (VBS). If the user opened the email, the script ran and stole user passwords for various services.ILOVEYOU is considered one of the first cases of social engineering used in cyber attacks. Once launched, it could automatically email itself to the victim's contacts.he worm infected more than 45 million users and caused more than $15 billion in damages.


Ransomware attacks

Ransomware is a type of malware that attacks the victim computer, blocks access to it or encrypts data on it. In order to get the computer back to its previous working state, victims are demanded to pay a ransom. 

Several hundred millions of such attacks occur per year, according to analysis by Statista.



Most of such attacks are launched via an email containing malicious links to the attackers' website. When users follow the link, they download the malware. Alternatively, the email may contain an attachment with a malicious file that will download the ransomware as soon as the user opens it.

There are two types of ransomware. A description of each type follows.


Non-encrypting ransomware

This type of malware attacks the victim computer and blocks its most basic functions, for example it can partially disable the mouse and keyboard and/or restrict access to the desktop. The computer will remain in this state until the victim user pays the ransom to the hackers' account.

Non-encrypting ransomware is not always dangerous as such malicious programs usually do not have the goal of stealing important files. Their goal is simply to block the victim device and wait for the ransom.


Encrypting ransomware

Such a malicious program attacks the victim computer and encrypts important data on it, such as personal information or photos, without affecting the computer’s operation. In this case, the hackers play on the victim's fear, as the user sees the files are physically on the computer, but cannot use them.

Files are typically encrypted using the AES algorithm with a key size of 128/196/256 bits. Such a key is practically impossible to break by direct search. Some ransomware programs use cryptographic systems with a public/private key, such as RSA.

To learn more about encryption and how it works, read the article "What is VPN and how it works".

When the files are encrypted, a window will be displayed to the victim with a text, such as "Pay the ransom within an hour, or all encrypted files will be deleted". Thus, the user will have to pay the ransom to have his/her files decrypted.

However, even when the victim has paid the ransom, there are no guarantees he/she will receive the decryption key from the attackers. So, there is a risk that the files can remain encrypted forever.

In 2017, an attackers’ group called Shadow Brokers distributed the WannaCry ransomware in more than 150 countries. When WannaCry ran on the victim computer, it exploited a vulnerability in the operating system and blocked the computer. The attackers demanded a ransom in bitcoins. About 230,000 devices around the world were affected, and the hackers managed to extract some $4 billion in ransom.
WannaCry ransom screen. Source: GDataSoftware



How to protect against malware and ransomware

Keep your software up to date. Software manufacturers always collect information about security problems and release new versions with patches addressing those problems.

Install an antivirus and have it running at all times — it will protect you against the most types of attacks, such as installing malware and following dangerous links. If someone sends you a malicious application, the antivirus will block the malware. The same goes for a malicious link — the antivirus will detect it and prevent you from following it. 

Better yet, don't download or run any suspicious files at all. Your antivirus may not detect some malicious programs until they run. Thus, they can damage some important file of the operating system and affect your computer’s operation.

Check who sends you links. Don't click on links sent by strangers or your friends without any accompanying text. If you receive a link in the name of someone you know, contact them personally and ask them what they sent. Their account may have been hacked, and spam may be sent in their name.

Also, you can check links on dedicated services like AVG Threatlabs or Kaspersky VirusDesk.

Some antiviruses block websites containing malicious code. When the user tries to visit such a resource, the antivirus will automatically prevent access to it.

Make regular backups of your system and all important files. You can copy files to physical media or in the cloud. Cloud is preferable than physical media, as it is protected from malware, breaking and similar problems.

As an option, you can set up automatic backups using third-party services, such as Redo Backup and Recovery, EASEUS Todo Backup Free or Cobian Backup. Remember, though, that cloud storage is not completely secure either — data leaks can occur there, too.

In 2014, for example, attackers distributed links to phishing sites, which users visited and gave away their passwords to various services, including iCloud.

As a result, naked photos of Jennifer Lawrence, Rihanna, and dozens of other celebrities were leaked. According to some estimates, the attackers hijacked 300 accounts in Apple iCloud and Gmail over the period from November 2013 to August 2014.

It should be also remembered that cloud services sometimes can go down, so your information in the cloud can become unavailable for some time.

5 reasons to receive SMS online | Onlinesim.io

Feb 12 15:11:40, 2021

2 308

The tech landscape changes rapidly. The number of people getting access to the internet accounts for around 60% of the planet's population. And desktop computers are no longer a primary way to get access to the internet.

Researches show that mobile usage outperformed the usage of desktop computers in terms of surfing the internet. As of 2018 showed that mobile browsing was roughly at 52% globally, while desktop was at 44%. Data for individual countries may vary.

People all around get their mobile devices with them. Everywhere in public spaces, you can hear a typical beep of new messages.

During the last decade, the numb of websites people accessed on their mobile devices has tripled.

Mobile browsing has been on the rise since 2009. On the other hand, the desktop traffic has been steadily decreasing since then.

So, if it's ok for people to receive SMS via mobile phones, why would they need to use SMS online? And SMS marketing is the first thought that comes to mind. SMS marketing is the reason for receiving SMS online rather than through cellular networks.

Online services that allow you to receive SMS online virtual number have numerous advantages. Some of them are as follows:

  • There's no need for a smartphone, and a number replaces it in terms of receiving SMS;
  • Bulk management of your SMS;
  • Getting an unlimited number of text messages;
  • There's no need to use a cellular network;
  • You can assign access to the SMS management account for others;
  • Creating accounts on social media and email services without using your personal phone numb.

Receive SMS without a phone

When you have a virtual phone number, you won't even need a physical phone. It's a sort of a fake phone numb without a physical SIM-card. You'll have to buy a virtual phone number from your online SMS provider like OnlineSIM. Using such a service is the same as using regular SMS on your mobile. But in this case, you will need neither a device nor a physical SIM-card.

You need the internet and fake numbers for SMS verification from providers of these services. No other software or hardware is required.

For instance, when you need to register another Facebook account, you won't have to buy a second SIM card and swap it all the time for your first SIM. There's no expensive service plan involved as when you purchase SIM-cards from mobile carriers.

When you buy a virtual numb, you won't have to pay for every SMS you receive, and you'll get an unlimited SMS numb for some time. In some cases, phone numbers completely replace mobile phones for business needs.

Organizations using numbers don't have to tie themselves to mobile carriers that impose expensive contracts upon their customers for using service plans. It means that multiple users can receive account verification SMS for websites using the same phone numb.

Manage several SMS messages at the same time

With the help of OnlineSIM, you can see all the text messages you received in one place. The account on the OnlineSIM website is a sort of email client for text messages. Delete or save them for further usage.

As a rule, marketing companies allow multiple employees to access text messages. So, it's essential to make it possible for various people to access the account that contains text messages.

Using OnlineSIM virtual numbers, you can allow your employees to access the text messages.

But when only one person receives text messages on his or her mobile phone, it could be a real problem when that person is not at his desk.

Online phone numb providers have their clients in the advertising and marketing industries. Customers can use such fake numbers to build up their presence on social media platforms for running ad campaigns and do other business-related tasks.

Using the services, you can:

  • Select a personal phone numb from a long list to receive SMS messages;
  • Repeat SMS messages on previously used numbers;
  • Call forwarding set up on a numb.

Virtual phone numbers have been used for quite a while, but many users still don't know how it all works. Let's fair things up a bit.

Those numbers are of a different format:

  • Urban numbers are used for communication purposes, mobile communication to be exact, and call forwarding.
  • Mobile numbers are used for receiving SMS and forwarding.
  • And the most important thing, they can be used to register on social media platforms.

Don't worry about a weak connection

Even though cellular connection strength is quite muscular in most places, it can be weaker in remote areas. It might be a challenge to receive SMS at construction sites, on the subway, or when you're traveling abroad, for instance. But in all of these situations, you might need to get your text message as soon as possible.

But with online SMS services, all you need to have is just Wi-Fi. OnlineSIM offers you an opportunity to get SMS online via a virtual numb. It allows you to access all your text messages, which you can use for registration on some websites without a cellular connection.

So, when you travel abroad and need to change a password to your Facebook, Gmail, or Twitter account, it won't be difficult with OnlineSIM.

There's another advantage of numbers. You don't have to use the phone numb of the country you're in. There are foreign country phones available as well.

Privacy

When people register on an online platform, be it social media, email, gaming service, or an e-commerce platform, they tell these services their personal phone numbers. And these companies can send you any annoying information offering their new products, service plans and the like.

But with a virtual phone numb, you can forget about receiving such ads in SMS since it's all in your online account, which you can visit when you need to.

There're solid reasons for not sharing your private phone numbers with any company on the internet, given the recent data mistreatment cases. For example, WhatsApp is an encrypted messaging app that pitches itself as a privacy-focused instant messaging service. Nevertheless, it started to force its users to share their personal data with WhatsApp's parent company. In its statement, people who manage WhatsApp said that users have to agree to share their unique phone numbers, contacts, and locations with Facebook, a WhatsApp parent company. For not doing so, users won't be able to use the service.

Such an event resulted in calls to users to change from WhatsApp to other messaging apps like Telegram.

In recent years, Facebook had numerous data breaches. In 2019 about 50 million Instagram users and more than 400 million Facebook users were exposed by hackers, their contact details were stored in online databases. Anyone on the internet could have accessed those databases online without a password needed. Perpetrators could have used those phone numbers for spam or phishing purposes.

The Facebook-Cambridge Analytica scandal happened because the personal information of millions of Facebook users was sent by the Cambridge Analytica company allegedly for political advertising campaigns.

OnlineSIM company allows you to bypass SMS verification online.

Why do you have to choose OnlineSIM?

OnlineSIM allows its users to receive text messages when registering on various online services, like social media platforms. To create an account on OnlineSIM, you won't even have to confirm your email address.

This is the service to privately register on various services and mobile apps.

To be clear, when you need to create an additional Facebook profile, log in to Online SIM, select Facebook, copy a given virtual numb and paste it to the registration form on Facebook.

After that, you'll receive a verification code text message in your account. You will then have to copy your code and paste it to the Facebook page to complete your account activation.

You can choose any country, including Russia, Ukraine, Philippines, Britain, Finland, Latvia, Netherlands, Sweden, or Poland. You can even get a fake US mobile number for SMS verification purposes.

In your account on the OnlineSIM website, go to the SMS Message Receiving section. Then, select the type of service you're going to use. There are two types of service – Rent phone numb and Free virtual numb. The latter option allows you to use your number from 10 minutes to an hour. The exact time depends on the particular country.

Freephone numbers allow its users to get an unlimited numb of messages but only from one selected website or app. When you rent a virtual number, you get phone capabilities with a specified renting time – from one day to as long as you wish to pay for. Renting your virtual numb allows you to receive unlimited text messages from any website or app.

Sometimes when you've ordered a phone number, your SMS might never appear. Such situations happen because of several reasons. For instance, the website that was to send you a message could have had some tech issue. In such cases, your money will be returned, and you could order another phone number.

What is SMS in 2021? | Onlinesim.io

Feb 12 14:51:19, 2021

2 110

The first SMS was sent in 1992, and it didn't change much since then, though. The basics of text messages remain the same.

SMS is still relevant as a communication tool these days, and we'll tell you why it is. A marketing paradox has come to the force: the more means become available to reach people, the harder it gets to do so.

SMS returns as a reliable marketing channel

We run more and more ad campaigns on social media, sending emails creating more ad copies to reach out. For instance, Twitter users post hundreds of millions of tweets daily.

Customer acquisition costs money since there hasn't been a useful marketing tool created lately. Digital marketers use the same old techniques to reach people they had used a decade ago.

What about SMS? It's an old-school marketing channel. Companies have been sending ads via SMS since the early noughties. But it is becoming more and more popular these days. Companies search for some new ways of reaching their customers and eventually get back to text messages. The research shows that receiving a message or letter from a brand is something people expect for.

Let's figure out why it happens.

The use cases for SMS

SMS marketing. SMS is a sort of a versatile tool. Fintech companies use SMS to show their customers tips on saving money. There are millions of clients of such companies, hence millions of text messages.

So SMS can become a primary communication channel for some brands and generate big money for them. The reports show that more than half of companies will be heavily investing in their text marketing this year.

A large majority of companies will shell out on SMS marketing in 2021. So text messages don't look outdated now. It's like a recurring trend.

There are good chances that your customers have a mobile phone. Even though most people use their devices for calls and social media, some of them send and receive text messages from fake number.

Users don't ignore text messages. People get hundreds of marketing messages every day – be it Facebook or TV commercials. The ad fatigue grows, and it gets difficult for marketers to get their message across. But SMS messages are guaranteed to be read. An average SMS burner campaign gets a 45% of conversion rate. An average open rate tends to 100% to draw a comparison. CTR is about 20%.

But the drawback of email marketing is that SMS messages are short and only contain 136 characters per message. And you cannot pack a lot of information into it.

Text messages are used for account verification

Online companies, from Google and Facebook to Amazon, send text messages to confirm user registration via SMS verification messages.

They also use SMS for password recovery purposes. When people add their phone numbers to their accounts, online service then can send an SMS, should they forget their passwords.

It's a part of a two-step verification method along with a password. The codes users receive in SMS act like an additional layer of security. So, it makes your social media and email accounts more secure.

Some online platforms might use it to avoid bot activity. When you register an account on Google, the service sends you a code to make sure you're not a bot of a sort.

They also send confirmation codes to verify the identity, not allow a perpetrator to use your account. And avoid in this way stealing your identity and other data.

Text messages for transaction confirmation

Text messages are used for authorization of individual transactions. Payment services like Visa and Mastercard send customers messages when purchasing or paying for using some services. So, in this way, SMS is used as a way of protection. Financial services also use SMS for financial alerts.

1. There is a lot of evidence why SMS is still important

So, we've listed the factors that contribute to the importance of SMS. In terms of marketing, traditional marketing channels continue to decline. People are bombarded by ads on social media and other online places. That's why brands get back to basics: return to the tried and tested method of sending SMS newsletters to their customers. As already mentioned, another factor is security. Online services cannot do without SMS to confirm users. In turn, it's convenient for users to get back access to their accounts using text messages since their phones are always at hand.

2. Use virtual phone numbers for registration

You don't have to use your personal phone number to register another email on Google or a second user profile on Facebook. There are online services that allow you to register accounts using virtual numbers, sending and receiving text messages from fake numbers. One of the best services to do it is OnlineSIM. You can use this company's virtual numbers to receive an SMS for free for your second social media account, for instance. Use a free phone number receive text message.

Just copy a number you received in your account on OnlineSIM and paste it to the registration page on a social media app or another online service like Steam. Then you'll get SMS messages in your OnlineSIM account. Copy it to the registration page. And that's it. You are done. Now you can use your other account. There's no need to buy another SIM-card and pay a monthly fee.

OnlineSIM company has proprietary software with SIM cards, which allows its users to see confirmation codes in their accounts on the website. In this way, you can register on Facebook, Instagram, WhatsApp, WeChat, Viber, Yahoo, Gmail, Uber, Tinder, and the likes.

What about security?

When you select a country and a phone number, you can use it for some time, from 10 minutes to an hour; the exact time depends on the chosen country. This short-term phone number rent allows you to get an unlimited number of text messages and only from the selected online service. So, if somebody has registered on Facebook using a number in question before, you won't be able to register on the service using the same number again. You can get some other phone numbers.

There's also a long term number rent option, which allows you to use your virtual number for one day and more. You can buy a longer-term period. Using this option, you can get an unlimited SMS from any online service during a given time.

Conclusion

SMS is still relevant as a communication tool nowadays. It's an old-school marketing channel. Companies have been sending ads via SMS for many years. SMS returns as a reliable marketing channel, and text messages more popular for transaction confirmation. All your SMS can be protected if you choose an OnlineSim service. Find out why in our material.