Log in
Log in

The Evolution of the Cyberattacks. New platforms, new methods

By Sara DoradoIn Articles, Cyber Insider News, Cyberpsychology, Employee Cyber RiskPosted
La Evolución de los Ataques en Internet 1
Image by Gerd Altmann on Pixabay

If we are walking down the street and someone approaches us with a supposed winning lottery coupon saying that they cannot cash it and that they are looking for someone to buy it from them, so they can at least recover some of the prize money, we are likely to completely doubt the person’s intentions. This scam is not the only deception attempt that society has become accustomed to over time.

There are a lot of other examples and, although different variants have been developed, the operation of all of them is essentially always the same. Even though knowing them does not completely eliminate the fraudsters’ chances of success, it does greatly limit the effectiveness of these techniques.

Something similar happens with certain fraudulent messages that circulate through the Internet. Nowadays it is very rare not to have heard of the Nigerian Scam, in which a supposed prince of that region contacts us by email to, in one way or another, share his wealth with us; or not to have seen the announcement of the million euros that we have just won for having been the one millionth visitor in a web site we have just accessed.

When we receive messages of this type, although it does not happen in all cases, the normal thing is that all our alarms go off and we doubt their legitimacy. However, cyberspace presents a great difference compared to the physical environment: its dynamism and constant innovation. New applications or platforms are launched every day and, although the most successful ones can stay afloat for years, such as is the case of Twitter, Instagram, WhatsApp or LinkedIn, the truth is that others are not so lucky. Moreover, the normal thing for an application is to be deleted only a few days after it has been downloaded.

Since each of these spaces involves a different means with a specific type of interaction, the scams or types of deception in each of them will also be different. This gives rise to a wide range of possibilities to which society is no longer so accustomed. In addition, the fact that new platforms, applications or functionalities emerge every little while means a source of threats that can go completely unnoticed, increasing the chances of falling into them.

All these attacks are part of Social Engineering techniques, the aim of which is to hack people or, more simply, to deceive them in order to obtain economic benefit or certain, often sensitive, information. The following are examples of how these attacks are carried out on the most used platforms currently.

WHATSAPP

There are many ways by which attacks are executed through this social network. Two main methods can be distinguished: message chains and targeted attacks. This difference can be seen as a reflection of phishing and spear phishing attacks that occur in email.

La Evolución de los Ataques en Internet 2
Photo by Anton on Pexels

The attackers behind WhatsApp message chains, as in the case of phishing, do not have a defined target, they do not want to deceive a specific person. What they are looking for is for their message to spread to as many individuals as possible so that, statistically, someone will end up falling into the trap.

Messages advertising discount vouchers for restaurants or fast food establishments; coupons worth a certain amount to buy in supermarkets; or the announcement that, because of the confinement due to the Coronavirus, Netflix is giving away free passes for one year. These are just a few examples and, since they take advantage of new situations at the social level to adapt their messages, we should never let our guard down.

On the other hand, the goal of targeted attacks, as in spear phishing, is to get a specific person to take the bait. The objective is to take control of their WhatsApp account. To enable the sessions of this application on a device, it is necessary to enter a numerical code that is sent via text message to the phone in question.

The attackers will contact the victim under the pretext that they have mistakenly sent a code to that phone number and will ask if they can resend it to them. They may even pose as WhatsApp technical support saying they need the numbers to verify the account.

INSTAGRAM

The main use of this platform is to share our experiences with others. To do so, we upload photos or videos that may contain background music, which we do not have the rights to. Taking advantage of this, one of the main attacks that takes place through this social network is the sending of an email warning that the account will be closed due to the violation of the intellectual property law.
La Evolución de los Ataques en Internet 3
Photo by energepic.com on Pexels

However, they leave the option for the user to show disagreement with this action through a questionnaire in which, among other things, they must enter their login data. This is where the scam lies. If the user accesses and falls victim to this message, their account will be compromised. Moreover, if they used the same password for other accounts (something unfortunately very frequent) the amount of information at risk is even greater.

A second type of attack is related to typical events carrierd out in this social network, such as the countless raffles that take place. In these, users can get products such as game consoles, smartphones, exclusive merchandising and even a luxury motorhome.

The attackers’ modus operandi is to create an account identical to the one conducting the raffles and to follow a large number of users, many of whom are also part of the legitimate account’s network of contacts. On the day of the draw they send a message to the users who participated telling them that they are the winners. From here, the rest is history: links to fraudulent websites, infected executables, data requests… Victims will encounter any of these scenarios and, if they do not have an adequate level of alertness, they will end up falling into them.

LINKEDIN

Even in the professional social network, where we only expect to find serious profiles and job opportunities, there is a gap for incidents of this type. In this network you can find memes, commercial videos and invitations to events, but above all it highlights the transmission of documents, studies and articles of interest, being scientific in the best cases. Therefore, hoaxes related to prizes and big discounts would be too suspicious and would not be effective.

La Evolución de los Ataques en Internet 4
Photo by natanaelginting on Freepik

Threats aiming at LinkedIn users target another type of curiosity: the intellectual one. Since August 2019, social engineers have been known to pose as researchers from prestigious groups or universities (such as Cambridge) who urged to download an innovative and high-interest scientific study. As we can already imagine, it was actually an infected file.

These examples demonstrate that users must remain alert at all time during their contact with social networks. Attackers adapt quickly to new functionalities and platforms, they have the ability to create messages that go completely unnoticed in order to get as many victims as possible. This makes it impossible to keep up with all modalities.

To achieve a good level of security on the networks, the first step is not to spread or viralize chain messages of which may be suspected of their legitimacy. Secondly, it is very useful to be clear about the following:

  • What data should not be shared and that, therefore, we will never be asked from official entities.
  • Any executable file can actually be a malware that infects our device.
  • Links do not always have to lead to legitimate web pages. Almost identical replicas can be made to obtain certain data or include infected elements. We should always try to access the website in question from the browser, avoiding clicking on the links that may have been provided to us.

Last but not least, it is vitally important to take into account the human factor. As mentioned at the beginning of this article, even if everyone knows how the Nigerian Scam works, this method is still in force today and that is because there are still people who fall into them. This is not to say that these people are careless or less clever, far from it; the reason is that these are very powerful techniques that directly attack certain human vulnerabilities.

The best way to protect yourself is to understand these vulnerabilities and get to know yourself in order to know which of them you need to strengthen as a priority. Kymatio has the necessary technology to carry out this identification and trains each user in a personalized way, thus maintaining an adequate level of alertness.

How to protect employees from Social Engineering attacks?

Related information:

New Kymatio module prepares employees for social engineering techniques

Social Engineering Module
Sara Dorado

Sara Dorado

Related Posts

Kymatio® qualified by the CCN (National Cryptologic Centre) for inclusion in the CPSTIC catalogue of products and services.
Redeia and Kymatio reinforce their commitment to protecting and raising awareness
The Essential Role of People in Cybersecurity: Balancing Awareness and Comprehensive Risk Management
Cyberattacks: Impact on various sectors