A Guide to How Hackers Hack

You have surely heard of hackers, but do you really know how they work? Hackers are well known for being bad guys, though there are certainly good hackers out there too. Here’s a brief guide to help you understand how a hacker can hack:

Directions for Hacking are Easy to Come By

Hackers don’t have to look far for help, especially if they don’t know much about hacking. First is a well-known website known as Kali Linux. It has a ton of tools available for hackers, and the site features many links to other hacking resources. Of course, people who want to hack often go to YouTube, and there are more than 300,000 videos there that teach people how to hack. There are also thousands of other websites out there with easy to follow hacking instructions, and you can find them in about a minute.

Software is Easy to Find, too

Directions for hacking is one part of it, but there is also software available that makes the job of hacking quite easy. Here are some of the options available:

  • Cain & Able – This tool helps a hacker intercept traffic on a network, and then can use that information to get passwords, which helps them get into accounts. More than 400,000 people have downloaded this software.
  • Burp Suite – Hackers use this tool to map out the structure and pages of a website, and then they use the information to attack the site.
  • John the Ripper – People use this tool for dictionary attacks. Basically, it takes text strings, encrypts them, and then uses the information for an attack.
  • Angry IP Scanner – This is a free tool that allows the user to scan a network for open ports. Once they find one, they can easily gain access.

Hackers Also Use Hardware

In addition to downloading software for hacking, it’s also possible for hackers to use hardware. One is called Wi-Fi Pineapple, which is a small, portable object that the hacker can use with any hotspot. They use it to find a laptop that is searching for an access point. Once the Pineapple sees an open connection, the hacker can read texts, emails, and see what websites you are viewing.

Protect Yourself from Hacks

There are many things that you can do to protect yourself from hackers. First, make sure you are using an encrypted website, one with HTTPS instead of HTTP in the address. Also, consider using a VPN when browsing. This encrypts your data so a hacker cannot read it. There’s a ton more to do. Go here: https://safr.me/blog/

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

SIM Swapping: What You Need to Know

Have you heard of SIM swapping? It’s a new trick that hackers are using to get money and mess up your life.

What is SIM Swapping?

So, what is SIM swapping? It’s when a hacker tricks your cell phone company into thinking that you have activated your SIM card on another phone. In other words, the hackers are taking your phone number and then associating it with a different SIM card. If the switch is a success, your device will be deactivated, and all of your phones, texts, data, and more will come to the hacker. This means, of course, that the hacker could get access to any account, including your bank account, and could even totally lock you out of your accounts.

How the SIM Swap Scam is Identified

A hacker doesn’t need your device to do a SIM swap. It can all be done remotely, as long as they can convince your service provider to do it. How do they convince your service provider? They give them information about you, such as your birthday, Social Security number, or account number. They can easily get this information from your mail, email, or account.

So, how do you know if you have been the target of a SIM swap? Generally, it’s when you see weird behavior from your phone, like the inability to send texts or make calls for no reason.

Preventing a SIM Swap

There are a number of things that you can do to prevent a SIM swap. Here are some tips:

  • Start with your online mobile account –Bad guys accessing your online mobile account can own you easily. Set up two factor and use a hard to crack
  • Watch for Phishing – Most scammers get the information they need to SIM swap by using phishing emails. These are fake emails that are sent to potential victims, and might have weird links, fake login screens, or other methods for tricking people into giving up their info.
  • Don’t Share Your Info Online – Another thing to do is to watch what you share online. Scammers can also get information from what people share with others on social media, etc.
  • Protect Your Accounts – Check all of your accounts for security and consider doing things like setting up two-factor authentication, hard to guess passwords, and think about unlinking your phone from your accounts.

Are You a Victim of a SIM Swap?

If you are a victim of a SIM swap, there are certain things you can do:

  • Contact law enforcement, your bank, the three credit bureaus, and your cell phone provider.
  • Change all of your passwords, especially Venmo, PayPal, and any account that is tied to your phone number. Make sure that confirmations are NOT sent to your phone number.
  • If, for any reason, you cannot log into your account, you should contact customer service of the company ASAP and give them a heads up about what happened.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Louisiana Woman Tries to Buy a Million Dollar Home with False Documents

Have you ever seen a house and thought…I wish I could afford that? Some people actually try it, but let this story be a lesson learned: if you can’t afford the cost of a house, you probably shouldn’t try to buy it.

Robert Siciliano Marriott Breach

Pamela Chandler was arrested and now faces forgery charges after she tried to purchase a home with a million-dollar price tag. How did she do it? She used false documents. Chandler, who also goes as Pamela Goldwyn, was arrested by a special Financial Crimes Task Force in Bossier City, LA. She also has several warrants out for her in Texas with crimes including fraud and the exploitation of certain groups of people including children, the elderly or the disabled. She was booked in jail and was not given a bond, as she is a flight risk.

According to court records, Chandler, who lists her age as 47, has a permanent address in Athens, Texas, but also has addresses in Maryland and Louisiana. A local Bossier City realtor reported her to local law officials after she tried to use illegitimate paperwork to buy the home. She claimed to have a trust fund, but the paperwork just didn’t add up. As the task force began to investigate the situation, it was found that she had also altered a letter from a layer to try to convince the realtor that she had enough in this fake trust fund to buy the home. It was also discovered that she had used a number of aliases over the years. It is believed that she uses an alias in a specific area until law enforcement catches on to her scams, and then changes her name and moves to a new area.

Much of the problem here can be blamed on easily obtained fake IDs. The fact is, our existing identification systems are insufficiently secure, and our identifying documents are easily copied. Anyone with a computer, scanner and printer can recreate an ID. Outdated systems exasperate the problem by making it too easy to obtain a real ID at the DMV, with either legitimate or falsified information.

Some of the department of multivehicle new requirements of improving facial recognition include not smiling for your picture or smile as long as you keep your lips together. Other requirements meant to aid the facial recognition software include keeping your head upright (not tilted), not wearing eyeglasses in the photo, not wearing head coverings, and keeping your hair from obscuring your forehead, eyebrows, eyes, or ears.

The fact is, identity theft is a big problem due to a systematic lack of effective identification and is going to continue to be a problem until further notice. In the meantime it is up to you to protect yourself. The best defense from new account fraud is identity theft protection.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Fake Emails are Becoming a Major Issue for Businesses

You might be surprised to know that more than 3.4 billion fake emails are sent around the globe each day. What does this mean? It means that almost every company out there is vulnerable to cybercrimes in the form of “spoofing” and “phishing.” On top of this, most companies out there have not protected themselves from this type of cyber attack. What’s even more interesting is that the vast majority of these emails are not coming from some foreign land, but they are coming from sources based in the US.

This all sounds pretty dreary, but it’s not all bad. Research is showing that many industries in the US are making strides against these fake emails, though some are working harder than others.

To get the data for this research, companies like Valimail is using data from internal analysis of billions of different email authentication requests. The company also used almost 20 million public records about email to publish its report.

This report shows that email impersonation, which made up 1.2 percent of all emails sent during the first quarter of 2019, is the favorite weapon of cyber criminals to get access to a network. They also try to get access to sensitive information and intellectual property.

Fake emails are a problem, and they are not blocked by cybersecurity defenses that are traditionally used.

These fake emails are one of the biggest sources of cyberattacks. As more businesses recognize email vulnerabilities, organizations should start using authentication technology to protect against fraudulent and untrustworthy senders.

The fact is this: too many cybercriminals are using fake emails to get through these defenses, and better methods to identify senders is needed to make sure that email is more trustworthy both now and in the future.

Protect Yourself

  • The e-mails usually contain at least one link they want you to click. Hover your mouse to see what the URL is. It may appear legit, but note the “http” part.
  • Reputable sites for giant businesses, such as Microsoft and PayPal, will have an “https” in their URL. The phishing link’s URL will usually not have the “s.”
  • A big red flag is if there are typos or poorly constructed sentences, but a phishing e-mail may also have flawless text.
  • Don’t be fooled by company logos, stock imagery, privacy policies, phone numbers and other formalities in the message field. It’s so easy for a hacker to put these elements in there.
  • Be leery of warnings or alerts that don’t sound right. Gee, why would your account be “in danger of being suspended”?

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.