Study Opportunities' Blog
We all take a lot of time and effort to teach our learners about Phishing - and about the more specialised, targeted "Spear Phishing" version of this type of attack. Well, it's time we added "Whaling" to that repertoire.
The term 'Whale' is often used in IT - and in business in general. A 'Whale' is generally a big-spending customer. For example, in all those 'free' games available on mobile devices you are able to buy 'coins' or 'stars' or 'points' or something else that makes it easier to progress through the game faster. Most people do not spend real money on these in-game currencies - but there is a select group of users that do buy them - and they buy large. They are usually called 'Whales' - and they are where these companies make their money. Before science was sufficiently advanced, whales were simply regarded as another type of fish - the biggest fish in the sea. So they are the biggest Phish for Phishers to focus their attention on as well. In the world of cybercrime a whale is typically a high-level business person (a 'C'-level executive such as a CEO, COO, CFO or CTO - someone with 'Chief' in their title), a politician or a celebrity.
The Whale phisher typically sends an urgent e-mail that appears to come from a trusted colleague or business partner, requesting urgent payment for some critical aspect of the business. The CEO then gives the order that payment be made, short-circuiting the usual paperwork... The phisher scores big. In May this year an Austrian aircraft company lost nearly € 41 Million (more than R 645 000 000) to a Whaling attack. The CEO and CFO lost their jobs. Read about it here.
MyBroadband.co.za has a story on Whaling and some tips from the FBI about how to avoid such attacks, whilst Social-Engineer.com asks 'Why go after minnows when you can catch a Big Phish?'. Finally CSOonline.com has got some examples of scams that CEOs could fall for (especially the spoofed 'from' addresses that rely on similar looking mis-spellings to seem as if they are from a valid source) - if you can stand their irritating multi-page slideshow format.
Fighting back against RansomWare
A great resource for learning about, identifying and fighting Ransomware is nomoreransom.org. They even have tools that will decrypt certain types of Ransomware attacks. A great resource for teaching about this type of malware.
Watch out for that cheap wireless keyboard
You better watch out, you better beware, Keysniffer is already in town.
Armed with a bit of smarts and a wireless dongle that costs less than R200 a hacker can not only intercept whatever you type on your keyboard (without even having to install key logging malware on your computer) from up to 70 m away, but they can also insert their own keystrokes to change whatever you are typing.
How is this possible? Well, makers of cheap wireless keyboards (those that use their own wi-fi dongle instead of Bluetooth) let the communication between the keyboard and the computer take place without encryption (or with poor encryption). Why? Because it's cheaper, and cheaper = lower price or more profits or both. Wired magazine has the lowdown on this new hacking exploit.
There is no such thing as anonymity or privacy on the web
Keep on telling your learners this fact. Repeat it until they think you are a stuck record. For those that say that they are savvy and have the skillz and the toolz to keep private - point out to them that the TOR browser and account they are using is probably compromised. Researchers recently found over 100 TOR nodes that were spying on their users... Tell them to read the article at The Hacker News. Then point out that the web is a large, wild, ungoverned place which is about as tough and secure as a bag made of wet toilet paper. They need to always assume that most of what they do, create, store, collect or download electronically is traceable and watchable and has probably been intercepted by someone somewhere.
A general Resource for all
The World Digital Library is a resource created by the US Library of Congress with support from UNESCO. It contains many digitised images, texts and maps that are interesting to browse through but could also be valuable resources for the History / Geography teachers at your school.
Building at 225 bricks per hour
3DPrint.com has an article about an Australian company which has created a robot that can lay 225 bricks in an hour - as much as a human does in half a day. Basically a truck loaded with bricks arrives at the building site, extends a robotic arm and starts laying the bricks according to the design programmed into it from a CAD model. There's a time lapse video of the robot at work near the end of the article.
That's it for this week.
Copyright Study Opportunities 2016 - 2021. All rights reserved.