If one day you receive an email from your bank confirming your transaction that you never did, it is possibly after someone has happily spying on you. They read every texts you type.
There are some ways that I can remember on how these bad programs end up on your PC:
1. You have install some programs called freeware or shareware or any other wares that doing something in the background.
2. You have visited some websites that asked you to install something and you just click “Yes”.
3. You have downloaded an evaluation copy of a good software and later find the unlock key from bad sites and run the patch program.
4. You have received some cool games in emails and immediately install all of them.
5. You have followed a link in an email and do some installations.
6. You are looking here and there for a spyware remover and found a web claiming to be able to remove all kind of spywares and install the remover happily.
7. You have visited some sexy websites and install the free screen savers.
Bla bla… there are a lot more ways to get you infected. The best way to get rid of these (if you get confused now) is reformatting the PC and use only that PC for online bankings or tradings. Be sure not to share it with anyone else.
Hold CTRL+SHIFT+ALT+F7 until a text input box appears and then enter the cheat you want.
Cheat Code Effect
/big big people
/bridge the bridges raise and lower quickly
/damage turns damage back on
/dizzy makes the sky wacky
/fuzz turns on the police radar
/grav drive with half gravity
/nodamage turns off car damage
/nosmoke turns off wheel & damage smoke
/postal when pressing horn vehicle fires post boxes
/smoke turns on wheel & damage smoke
/swap the train turns into planes
/tiny tiny people
/ufo planes turn into ufos
..
According to Methods of Hacking: Social Engineering, a paper by Rick Nelson, the three parts of reverse social engineering attacks are sabotage, advertising, and assisting. The hacker sabotages a network, causing a problem arise. That hacker then advertises that he is the appropriate contact to fix the problem, and then, when he comes to fix the network problem, he requests certain bits of information from the employees and gets what he really came for. They never know it was a hacker, because their network problem goes away and everyone is happy.
References
Ameritech Consumer Information “Social Engineering Fraud,”
http://www.ameritech.com/content/0,3086,92,00.html
Anonymous “Social engineering: examples and countermeasures from the real-world,” Computer Security Institute
http://www.gocsi.com/soceng.htm
Arthurs, Wendy: “A Proactive Defence to Social Engineering,” SANS Institute, August 2, 2001.
http://www.sans.org/infosecFAQ/social/defence.htm
Berg, Al: “Al Berg Cracking a Social Engineer,” by, LAN Times Nov. 6, 1995.
http://packetstorm.decepticons.org/docs/social-engineering/soc_eng2.html
Bernz 1: “Bernz’s Social Engineering Intro Page”
http://packetstorm.decepticons.org/docs/social-engineering/socintro.html
Bernz 2: “The complete Social Engineering FAQ!”
http://packetstorm.decepticons.org/docs/social-engineering/socialen.txt
The most prevalent type of social engineering attack is conducted by phone. A hacker will call up and imitate someone in a position of authority or relevance and gradually pull information out of the user. Help desks are particularly prone to this type of attack. Hackers are able to pretend they are calling from inside the corporation by playing tricks on the PBX or the company operator, so caller-ID is not always the best defense. Here’s a classic PBX trick, care of the Computer Security Institute: “’Hi, I’m your AT&T rep, I’m stuck on a pole. I need you to punch a bunch of buttons for me.’”
And here’s an even better one: “They’ll call you in the middle of the night: ‘Have you been calling Egypt for the last six hours?’ ‘No.’ And they’ll say, ‘well, we have a call that’s actually active right now, it’s on your calling card and it’s to Egypt and as a matter of fact, you’ve got about $2,000 worth of charges from somebody using your card. You’re responsible for the $2,000, you have to pay that...’ They’ll say, ‘I’m putting my job on the line by getting rid of this $2,000 charge for you. But you need to read off that AT&T card number and PIN and then I’ll get rid of the charge for you.’ People fall for it.” (Computer Security Institute).
Help desks are particularly vulnerable because they are in place specifically to help, a fact that may be exploited by people who are trying to gain illicit information. Help desk employees are trained to be friendly and give out information, so this is a gold mine for social engineering. Most help desk employees are minimally educated in the area of security and get paid peanuts, so they tend to just answer questions and go on to the next phone call. This can create a huge security hole.
The facilitator of a live Computer Security Institute demonstration, neatly illustrated the vulnerability of help desks when he “dialed up a phone company, got transferred around, and reached the help desk. ‘Who’s the supervisor on duty tonight?’ ‘Oh, it’s Betty.’ ‘Let me talk to Betty.’ [He’s transferred.] ‘Hi Betty, having a bad day?’ ‘No, why?...Your systems are down.’ She said, ‘my systems aren’t down, we’re running fine.’ He said, ‘you better sign off.’ She signed off. He said, ‘now sign on again.’ She signed on again. He said, ‘we didn’t even show a blip, we show no change.’ He said, ‘sign off again.’ She did. ‘Betty, I’m going to have to sign on as you here to figure out what’s happening with your ID. Let me have your user ID and password.’ So this senior supervisor at the Help Desk tells him her user ID and password.” Brilliant.
A variation on the phone theme is the pay phone or ATM. Hackers really do shoulder surf and obtain credit card numbers and PINs this way. (It happened to a friend of mine in a large US airport.) People always stand around phone booths at airports, so this is a place to be extra cautious.
...I'm Praveen Kumar
From Hyderabad, AP, India
My profile
----------------------------------
Posts
----------------------------------
----------------------------------
Labels
----------------------------------
Etc
----------------------------------
Archive
December 2006
March 2007
----------------------------------
Links
Network Tricks
Fun on Internet
Credit Card Processing
Domain Name Register
Make Money Online