PSafe Blog (https://www.psafe.com/en/blog): Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.
Thu, 19 Jan 2023 14:49:21 +0000

Vulnerabilities in Cyber Security: what they are and how to fix them?
https://www.psafe.com/en/blog/vulnerabilities-in-cyber-security-what-they-are-and-how-to-fix-them/
Wed, 18 Jan 2023 15:08:39 +0000

According to the 2022 Verizon Data Breach Investigations Report, vulnerability exploitation is one of the most common tactics used by hackers to cause a data breach. That means even simple vulnerabilities can have serious consequences, from loss of customer trust to millions of dollars in damages. Recently, big companies such as Twitter and Deezer suffered data breaches.

In this post, you will learn everything about vulnerabilities in cybersecurity, including which are the most common, how you can close this unwanted open door without spending too much money, and more.

Let’s get to it. 

What is a vulnerability in cybersecurity? 

A vulnerability in cybersecurity is like a weakness or a hole in a wall that protects your computer or online information. Cybercriminals can exploit these weaknesses to access personal information, steal sensitive company data, take control of a device, or launch massive attacks, such as ransomware.

An example of a vulnerability is a misconfiguration on a system that someone with malicious intent can exploit for personal gain.

For example, imagine you have a lock on your front door to keep your house safe. But if someone made a mistake installing the lock, or the key is easy to copy, it becomes a vulnerability that a thief can exploit to break into your house. Now imagine you are not aware of these problems. That means that someone who knows about them can come and go from your home as they please, and you would never have a clue.

In the same way, if a website or software has a vulnerability, a hacker can use it to gain access to sensitive information or take control of the system. Likewise, you would have no clue what is happening, until it’s too late.

Almost all technology has some vulnerability, from smartphones your employees use, to the software that runs your network. Cybercriminals are always finding new vulnerabilities, so it is crucial to stay vigilant and act quickly to protect your information, staying one step ahead of hackers before they can break into your home.

Why are companies’ websites vulnerable? 

Company websites can be vulnerable to cyber attacks for a variety of reasons. Some examples are: 

  1. Outdated software: Websites that are not regularly updated may be using outdated software that has known vulnerabilities that can be exploited by hackers.
  2. Compromised passwords: Some websites may have weak or easily guessable passwords, making it easy for hackers to gain access. In other cases, the passwords are not stored correctly, leaving them exposed for hackers to find. And to top it off, data breaches might contain passwords that can still be used to log into a service.
  3. Lack of security measures: Some companies may not have adequate security measures in place to protect their websites from cyber attacks.
  4. Third-party vulnerabilities: This is a big one, and even big companies are vulnerable to it. Websites that use third-party plug-ins or other software may be vulnerable if those third-party providers have security vulnerabilities.

It all comes down to this: hackers are betting that most companies will not have the time, or the money, to keep up-to-date on their cybersecurity. After all, expert professionals can be quite expensive.

How do hackers exchange information about vulnerabilities?

To make matters worse, not only do these vulnerabilities exist, but hackers also exchange information about them and even sell this information to other hacker groups. This level of organization and information sharing is unprecedented, highlighting the danger even more. Here are a few methods that hackers use to share intel:

  1. Online forums: Hackers may use online forums and message boards to share information about vulnerabilities and exploit code.
  2. Dark web and Deep web: Hackers may use the dark web and deep web to share information about vulnerabilities, exploit code, and other hacking tools.
  3. Social media: Hackers may use social media platforms to share information about vulnerabilities and exploit code.
  4. Private channels: Hackers may also use private channels, such as encrypted messaging apps, to share information about vulnerabilities with other hackers, making it almost impossible to track.
  5. Vulnerability markets: Some hackers may sell information about vulnerabilities to other hackers or to organizations that will pay for the information.

That means that when one vulnerability is discovered, almost instantly, every hacker in the world can have access to that information, conducting attacks on their own. That makes it sound almost impossible to stay on top of these vulnerabilities, right? Not really. 

Fortunately, there are ways to fight them, with minimal effort, and without breaking the bank. 

Let’s get to them. 

What is the CVE? 

The Common Vulnerabilities and Exposures (CVE) is a system for identifying and cataloging known security vulnerabilities in software and other systems. The goal of the CVE is to provide a standard way to describe and identify these vulnerabilities so that they can be easily tracked and managed.

A CVE entry will typically include a description of the vulnerability, the affected software or system, and any known exploit code or attack methods. The entry may also include information on the impact of the vulnerability, such as the potential for data loss or unauthorized access, and the severity of the vulnerability, such as whether it can be used to take control of a system.

The CVE system is maintained by the MITRE Corporation, a non-profit organization, and is sponsored by the US government. The CVE is a widely used system and it is important for software vendors, security researchers, and other stakeholders to use the system to ensure that vulnerabilities are accurately and consistently identified.

When a software vendor or researcher identifies a new vulnerability, they will typically submit a request to MITRE to create a new CVE entry for that vulnerability. This allows other organizations to easily track and manage the vulnerability, and to take appropriate action to protect their systems and data.

To summarize, the CVE acts to counterbalance the hacker information trade machine. While they trade and gather information for attacks, the CVE (and other methods) provide information for defensive purposes. 

10 common vulnerabilities on websites

The CVE has cataloged over 200,000 known vulnerabilities. That is an astounding number, but with the help of an automated tool and a little prioritization, a company can manage without spending much and without a dedicated team of cybersecurity experts.

To get a little more practical, we have a few examples of common vulnerabilities, and what they mean: 

Injection attacks

Injection attacks occur when an attacker can insert malicious code into a web application, allowing them to access or modify sensitive data. This can include SQL injection, where an attacker inserts malicious SQL code into a web application, and command injection, where an attacker inserts malicious commands into a web application.

Cross-site scripting (XSS)

XSS attacks occur when an attacker can inject malicious code into a web page viewed by other users. This allows the attacker to steal user data, such as cookies and session tokens, and perform other malicious actions.

Broken authentication and session management

This occurs when an attacker can gain unauthorized access to a user’s account by exploiting weaknesses in the authentication and session management systems of a web application.

Insecure direct object references

This occurs when a web application references an internal object, such as a file or database record, using user-supplied input without proper validation. This can allow an attacker to access or modify sensitive data.

Vulnerabilities in security misconfiguration

This occurs when a web application or the underlying server is not configured securely, leaving it vulnerable to attack. This can include issues such as leaving default accounts and passwords in place, and not properly securing configuration files.

Vulnerabilities in Sensitive data exposure

This occurs when a web application does not properly protect sensitive data, such as credit card numbers and personal information. This can include issues such as storing data in plain text or using weak encryption.

Cross-site request forgery (CSRF)

This occurs when an attacker can trick a user into performing actions in a web application without their knowledge or consent. This can include actions such as changing a password or making a purchase.

Using components with known vulnerabilities

This occurs when a web application uses components, such as libraries and frameworks, that have known vulnerabilities. This can include issues such as using an outdated version of a library with known security issues.

Unvalidated inputs

This occurs when a web application does not properly validate user-supplied input, allowing an attacker to inject malicious code or perform other malicious actions.

Failure to restrict URL access

This occurs when a web application does not properly restrict access to sensitive URLs or pages, allowing an attacker to gain unauthorized access to sensitive data or perform other malicious actions.

How can a business find and manage vulnerabilities? 

Even with every tool at their disposal, businesses still have a hard time keeping their online perimeter secure. That is perfectly understandable, considering how many digital tools a company uses, especially since each one of them might contain multiple vulnerabilities. The great news is that it’s possible to know all vulnerabilities without spending much and without a big dedicated cybersecurity team.

For instance, a small business can find and manage vulnerabilities on its website by using a vulnerability scanner, which is a software tool that automatically checks for known vulnerabilities in web applications and their underlying systems. These scanners can check for a wide range of issues, including SQL injection, cross-site scripting, and insecure file permissions.

Once you have identified all vulnerabilities, the next step is to prioritize them based on their potential impact and ease of exploitation. The business can then develop and implement a plan to address the vulnerabilities, which may include patching or upgrading software, modifying configurations, or implementing additional security controls. 

Overall, regular monitoring and maintenance are key to managing vulnerabilities on a website.

Conclusion

In conclusion, identifying and managing vulnerabilities on a website is an essential part of maintaining the online security of your business. By using vulnerability scanners, prioritizing vulnerabilities based on potential impact, and implementing a plan to address them, you can help protect your website and your business from potential attacks, without spending too much money or overworking your IT team. You also don’t need a big team of cybersecurity experts to keep your company safe. 

It is also important to remember that website security is an ongoing process. Regular monitoring and maintenance are crucial to ensure the business has total visibility on any new vulnerability and that you have dealt with all previously known exploits. With the right tools and approach, you can help keep your website and business safe with less effort than you can imagine.

Want to know more?

Want to learn more about how leaks and data breaches can be harmful?
Check out this other post on the subject:

Leaks and Breaches: The What, How… and Why You Must Protect Yourself!

3 ways to recover deleted photos on Android
https://www.psafe.com/en/blog/3-ways-to-recover-deleted-photos-on-android/
Fri, 06 Jan 2023 21:07:56 +0000

Have you ever wondered how to recover deleted photos on Android? After all, the lack of space is one of the main issues for users, making it very common to delete old pictures and videos to get that little bit of extra space. However, when trying to do that, you often delete something you didn’t want to. Which begs the question: What now?

The good news is that there are ways to recover lost photos on cell phones. The bad news is that this doesn’t always work, as the more time it takes to recover, the greater the chances that the photo is lost. With that in mind, let’s get to the tips. 

1 – Use Google Photos

Starting with the easiest way, Google Photos is the Android app that helps you manage your photos. It can be set as the default, which makes your life much easier.

Automatic and manual backup in Google Photos

The first step is to activate the automatic synchronization feature. That will sync all photos to the cloud, so even if you delete one from your cell phone, you can recover it on Google Photos. Let’s see how to activate synchronization: 

  1. Open the Google Photos app on your smartphone;
  2. Log in to your Google account if necessary;
  3. Tap your profile picture or the first letter of your name, which is in the upper right corner of the screen;
  4. Select the Google Photos Settings and then the Backup option;
  5. Tap Backup to enable or disable this functionality. 

With this, every photo you take will automatically go to the cloud. However, you have to be careful as only 15GB of space is available for photo storage for free. Depending on how many photos you take, that may not be enough. 

Another option is to do this manually, backing up each photo individually. The process is similar and also quite simple: 

  1. Open the Google Photos app on your smartphone;
  2. Log in to your Google account if necessary;
  3. Select the photo you want to back up;
  4. Choose the Backup option, which is at the top right. 

That gives you more control over your photo backup, even if it takes a little more work. 

Finding items in Google Photos trash

If you already have synchronization active or use Google Photos as a default for photo management, all your deleted photos on Android go to the trash can. That means that recovering them is very simple: 

  1. Open the Google Photos app;
  2. Select Library and then Trash;
  3. Tap and hold the photo you want to restore and click on the Restore option. 

However, Google has some rules about how long photos stay in the trash, which is why the longer you wait, the harder it is to recover them. A photo can no longer be restored from the trash if:

  1. It has been in the trash for more than 60 days, or more than 30 days on phones with Android 11 or newer and without backup;
  2. You emptied the trash, or deleted the image permanently;
  3. The picture was deleted directly from the gallery without having been backed up to Google Photos.

2 – Use a photo recovery app

Didn’t find your deleted photos on Android through Google Photos? Then you can use a photo recovery app. There are some options, such as DiskDigger or MobiSaver.

These apps work similarly, with a mix of free and paid versions. For example, DiskDigger lets you recover only photos for free. Check out a very quick step-by-step on how to use DiskDigger:

  1. Download and open the app and start a basic photo scan;
  2. After some time, which can take up to a few minutes, the application returns a list of possible recoverable photos;
  3. Click on the ones you want to recover and choose a place to save them.

3 – Recover photos via PC with a recovery program

A similar option is to use a recovery program on the PC, such as RecoveryAndroid. In addition to the program, you will also need a USB cable to connect your cell phone to your computer or notebook. 

  1. Install RecoveryAndroid or another similar program;
  2. Connect the cell phone to the PC or notebook with the USB cable;
  3. The program automatically recognizes the cell phone and maps files and photos found. 
  4. Choose the items you want to recover to finish the process. 

4 – Avoid deleting photos on Android to have more space [extra tip]

Finally, if you have the habit of deleting photos on Android to have more space on your cell phone, dfndr security can help you. Much more than an antivirus, the app has several features that help with performance, such as more battery, more space, more memory and several others.

Two features in particular help a lot to optimize the space in the photo gallery. The first is the duplicate photos feature, which recognizes duplicate photos and helps you delete them, preventing you from accidentally deleting more important ones. In addition, you can activate the gallery assistant, which will make recommendations for you to always have space on your cell phone for new photos. 

Do you want to know more about this and other dfndr security features? Then go to the Google Play Store and check it out!

What is worm?
https://www.psafe.com/en/blog/what-is-worm/
Wed, 11 May 2022 20:29:16 +0000

In computer security terms, do you know what a “worm” is? Well, you probably know we’re not talking about larvae — but we are indeed talking about parasites. Digital worms are among the most serious threats in the wild kingdom of the Internet.

According to our virus dictionary, a worm is one of the most common forms of malware. Worms exploit network flaws to spread larger threats, and they rely on the infected operating system to spread malicious code to other computers.

Worms can also damage connections, slowing down the internet and computer. Worse still, they can delete files from your hard drive and be difficult to defeat once they have penetrated your system (as they can usually get through most firewalls).

In this post, you will learn more about worms — and how to protect yourself from this threat.

What makes a worm?

A worm is a type of malware that, unlike common viruses, can self-replicate without the need to infect legitimate files, creating working copies of itself. This capability enables worms to easily spread across computer networks and USB drives.

Some worms also spread through email messages, creating malicious attachments and sending them to the hacked account’s contact lists, often in the form of phishing.

How Worms Work

After spreading and gaining access to systems, some worms look for patches and security updates to close the holes they use. This prevents other malware from infecting the system using the same flaw – ensuring the worm’s exclusive control of its domain within the system.

These worms can also delete and modify files. Sometimes the point is just to make copies of itself over and over again – using up system resources (like hard drive space or bandwidth, hogging a shared network). In addition to wreaking havoc on a computer’s resources, worms can also steal data, install a backdoor, and allow a hacker to gain control over a computer and all of its system settings.

Worms are back to being used in SPAM

Popular around 2003 with the Bagle family, worms sent via SPAM to email accounts are once again being used by cybercriminals. The technique often uses zipped, password-protected files to distribute malware.

Because the archive is password protected, many antivirus programs are not able to scan the files inside it, and many security suites do not scan zip files at all, so these attachments easily pass through the email security gateway.
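An added example (not from the original post) of a gateway-side check for the technique described above: the contents of an encrypted ZIP cannot be scanned, but the "encrypted" flag in its directory can be read without the password, so the attachment can be held for review instead of passing unscanned. The sample message, addresses and file names are constructed, and the sample archive has its flag set by hand rather than being really encrypted.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

PASSWORD_HINT = re.compile(r"\b(password|passcode|access code)\b", re.IGNORECASE)


def encrypted_members(zip_bytes):
    """Names of archive members whose general-purpose flag bit 0 (encrypted) is set."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [info.filename for info in zf.infolist() if info.flag_bits & 0x1]


def triage(raw_message):
    """Return one finding per ZIP attachment that a content scanner cannot open."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    body_text = body.get_content() if body is not None else ""
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        locked = encrypted_members(data)
        if locked:
            findings.append({
                "attachment": part.get_filename() or "(unnamed)",
                "encrypted_members": locked,
                # Password sent alongside the archive: the pattern the post describes.
                "password_in_body": bool(PASSWORD_HINT.search(body_text)),
            })
    return findings


def build_sample_zip(encrypted):
    """Constructed sample archive; the encrypted flag is patched in by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.html", "<html>constructed sample</html>")
    data = bytearray(buf.getvalue())
    if encrypted:
        data[data.find(b"PK\x03\x04") + 6] |= 0x01  # local file header flags
        data[data.find(b"PK\x01\x02") + 8] |= 0x01  # central directory flags
    return bytes(data)


def build_sample_message(encrypted):
    """Constructed e-mail carrying the sample archive."""
    msg = EmailMessage()
    msg["From"] = "billing@sender.example"
    msg["To"] = "user@recipient.example"
    msg["Subject"] = "Your statement"
    msg.set_content("Open the attachment. The password is 4821.")
    msg.add_attachment(build_sample_zip(encrypted), maintype="application",
                       subtype="zip", filename="statement.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    for flag in (True, False):
        print("encrypted sample:", flag, "->", triage(build_sample_message(flag)))
```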

A recent reappearance of this method for stealing data took place in Italy and was aimed at customers of Grupo Bancario Iccrea. The e-mail contained a password-protected HTML file, but with the access code included in the body of the e-mail.

When clicking, the user was invited to enter the code from the email to access the page. After entering the password from the e-mail, the user was directed to another page where he or she would enter credit card information, giving a false sense of security.

The reuse of this malware can represent a major threat world-wide, as more and more people have access to computers and are spending time in the virtual world, but are unaware of past threats and ways to protect themselves.

How to know if your computer has worms

If you suspect that your devices are infected with a worm, run a threat scan using your security solution immediately. Even if the verification is negative, follow the steps below.

1. Keep an eye on your hard drive space. Remember: when worms replicate themselves over and over again, they start taking up free space on your computer.

2. Monitor your machine’s speed and performance. Is your device slower lately? Are some of your programs crashing or not working like they used to? This could be a sign that a worm is consuming your processing power.

3. Be on the lookout for new or missing files. A common function of worms is to delete and replace files on a computer.

Main types of worms

The list below presents some of the most popular types of worms:

  • Sobig: Emerged in 2003 and was reactivated in 2013; Microsoft offered a reward to discover its creator.
  • Conficker: It is most common on personal computers, blocking access to information security sites and spreading quickly over the network or USB devices. The worm is still active, but it can now be more easily removed by advanced security solutions.
  • Mydoom: Appeared in 2004, propagated rapidly, and spread from infected computers and through e-mail messages.
  • Doomjuice: Uses a loophole created by Mydoom to infect computers.

How to protect yourself from worms

Worms are just one example of malicious software. To help protect your computer from them and other online threats, read and heed the tips below!

  • As software vulnerabilities are the main infection vectors, make sure your computer’s operating system and applications are updated to the latest versions. Install these updates as soon as they become available, as updates often include patches for security flaws.
  • Phishing is another popular way for hackers to spread worms (and other malware). Always be extremely cautious when opening unsolicited emails, especially those from unknown senders that contain attachments or links. Don’t forget to activate your email service’s SPAM filters.
  • Make sure you invest in a strong security solution that can help block these threats. A good product should have anti-phishing technology as well as include defenses against viruses, spyware, ransomware and other online threats. dfndr enterprise is an excellent choice for you or your company, as it uses advances in artificial intelligence to simulate and predict all types of attacks (including all the latest worms).
Spoofing: What’s it all about?
https://www.psafe.com/en/blog/spoofing-whats-it-all-about/
Fri, 08 Apr 2022 21:34:50 +0000

We can define spoofing as an act of disguising something: usually a communication or request for action — seemingly from some known and trusted party, inducing the user to interact with the (unknown) source. It can occur on a somewhat superficial level, such as emails and messages, or through more technical means: such as DNS and IP spoofing.

In practice, spoofing is used by hackers to achieve numerous goals, such as getting sensitive information from their targets, or gaining access to restricted digital environments from which they can launch additional attacks (such as ransomware) — and much more.

How does spoofing work?

It is possible to commit a wide variety of crimes by using information obtained through spoofing activities. Just imagine what a hacker or cybercriminal might do if they’re able to convincingly impersonate a company or another person.

A well-engineered spoof can take over the domain of an email or website to approach a possible victim, or gain access to internet protocols or IP addresses (which act as an identifier for computers connected to the network). Thus, it’s possible to have access to a person’s applications, get hold of their confidential data (whether personal or banking), and a spoofer can even send messages on their behalf.

This type of scam is not new, but its methods and purposes vary and increase every day.

What are the dangers of a spoofing attack?

With sensitive data in hand, criminals can carry out a series of financial transactions in the spoofing victim’s name. Sometimes this is done with leaked credit card details, and sometimes they impersonate the victim in order to get credit, obtain money from people the victim knows, or run up debts in the victim’s name.

A spoofer can also monitor your activities, gain access to messages sent from your device, and even sell the data they obtain to other companies.

What are the types of spoofing?

Now that you know what spoofing is, it is important to understand that this type of attack can take many forms, from the simple to the complex. Here are a few of the main forms spoofing can take:

Email spoofing

Probably the most typical model occurs when an attacker uses an email to trick the recipient into thinking the message came from a trusted source. Typically, this is done in one of two ways: by removing the sender field (so that it is not possible to know who sent it), or by making an unknown sender’s address look like a known one.

For example, a lowercase “l” and an uppercase “I” are practically impossible to tell apart in a sender’s address. This type of message can also be sent via SMS (known as “smishing”), or through social media messages and other channels.

Website spoofing

Website spoofing occurs when an attacker uses elements of a known page to create a similar or virtually identical copy, often displayed within a context that makes sense.

The idea is for the victim to put their information into the impostor website so that it is intercepted by the attacker.

IP Spoofing

IP spoofing is one of the more sophisticated attacks, as it imitates a more technical element. It’s probably a type of attack that users rarely even see, as the goal is to trick the system itself.

For example, a network can be configured to authenticate users according to their IP address. If the attacker manages to disguise the IP and trick you, their access is easily granted.

DNS Spoofing

The idea of DNS spoofing is similar to the previous one. As you may well know, DNS (Domain Name Server) is a system that helps you translate website addresses into IPs. With DNS spoofing, attackers are able to trick the system and redirect traffic to an IP they control.

A simple metaphor can make this example clearer: just imagine that DNS is like the signs on the streets, which indicate where a driver needs to go. With spoofing, a criminal “swaps” the street signs, with the aim of taking drivers wherever they want.

Facial Spoofing

This is a different strand of spoofing, with a similar principle. More and more, facial recognition models are becoming popular (to unlock smartphones, for example). For this approach, it’s common for hackers to use photos or videos of the person, with the aim of tricking the system and pretending that they are indeed there.

Good artificial intelligence may offer protection here, because it will be able to identify whether a person is trying to access that system or not.

Spoofing on social networks

Telegram, WhatsApp, Instagram and any other online service of the same category can also be used as a vehicle for spoofing.

In these cases, the victim has their account hacked, and cybercriminals use their profile or account to contact friends or family. Generally, these people simulate some emergency situation to ask for money, or they’ll announce products for sale (at extremely low prices) — but the products don’t even exist.

Telephone spoofing

Telephone spoofing calls can happen when someone impersonates a company or an institution over the phone. This usually happens through a service called Voice over Internet Protocol (VoIP), which is used to transmit online calls and spoof the number or name to be displayed on the caller ID.

So be suspicious when your cell phone shows a call with a certain name, but from some number or locale you don’t recognize.

How can you detect spoofing?

Detecting spoofing yourself is possible, but as we’ve noted, it’s not necessarily easy. 

However, there are some signs that can help identify this type of attack.

  • Look for English and grammar errors in messages. These can be more serious grammatical errors, such as wrong words, or more subtle ones, such as certain inconsistencies or strange structures.
  • Make it a habit to always check the links you are clicking or the email address of senders. Look for any unusual changes, however small. Look closely and compare the domain if you can.
  • On smartphones, you can place your finger on links for a few seconds, so that a preview window of the content opens, as well as the link.
  • Note if your browser does not automatically fill in your information (if it usually does). Especially on a site you visit frequently, this may be an indication that you are on a spoof site instead.
  • Confidential information such as credit card numbers and passwords should only be shared on secure and encrypted sites that use HTTPS at the beginning of the URL.
  • If an email looks sketchy, do a Google search for the content of the email itself. If it’s a known scam, it will likely turn up.
  • Use the dfndr lab link checker. This is a free tool that tells you in a few seconds if a link is trustworthy or not.
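An added example (not from the original post, and not the dfndr lab tool) that automates two of the checks above: the lookalike-character trick from the email spoofing section and the advice to compare a link's domain. The trusted domains, the character folding table and all sample inputs are constructed assumptions; it accepts either a sender header or a URL.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed allow-list; replace with the domains you actually deal with.
TRUSTED = {"globalbank.example", "payments.example"}

# Characters and pairs that look alike in common fonts, folded to one form.
# Domains are case-insensitive, so an uppercase "I" is really the letter "i".
CONFUSABLE_FOLDS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("i", "l"))


def skeleton(name):
    """Reduce a domain to a form in which lookalike spellings collide."""
    s = name.lower()
    for look, base in CONFUSABLE_FOLDS:
        s = s.replace(look, base)
    return s


TRUSTED_SKELETONS = {skeleton(d): d for d in TRUSTED}


def host_of(value):
    """Extract the host from a URL or from a 'Name <user@host>' sender header."""
    value = value.strip()
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return parseaddr(value)[1].rpartition("@")[2].lower()


def classify(value):
    """Return (verdict, trusted_domain_involved_or_None)."""
    host = host_of(value).rstrip(".")
    if not host:
        return ("unparseable", None)          # e.g. the sender field was removed
    labels = host.split(".")
    suffixes = [".".join(labels[i:]) for i in range(len(labels))]
    for s in suffixes:
        if s in TRUSTED:
            return ("trusted", s)             # the domain itself or a subdomain
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return ("idn-review", None)           # non-Latin lookalikes need a human
    for s in suffixes:
        match = TRUSTED_SKELETONS.get(skeleton(s))
        if match:
            return ("lookalike", match)       # differs only by confusable chars
    for d in TRUSTED:
        if host.startswith(d + "."):
            return ("trusted-name-as-prefix", d)  # real name used as a subdomain
    return ("unknown", None)


if __name__ == "__main__":
    samples = [                               # constructed inputs
        "Support <help@globalbank.example>",
        "Support <help@gIobalbank.example>",
        "https://login.payrnents.example/reset",
        "https://globalbank.example.evil.test/",
        "news@other.example",
    ]
    for s in samples:
        print(f"{s!r:45} -> {classify(s)}")
```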

How to protect yourself from spoofing?

Even if you follow all the tips above, protecting yourself can be hard to do. The big problem is that most folks won’t be able to closely observe all these details and stay aware on a daily basis.  And this is exactly what hackers count on.

Imagine someone who is going through an extremely busy day, doing a thousand things at once, who receives an email with these subtle changes. The chance of the person stopping to look and detect these errors is small. Hackers know that it is virtually impossible to be alert 100% of the time.

Of course, it’s best not to click on unfamiliar links or attachments coming from emails you’re not sure where they came from. However, as we mentioned throughout the post, the purpose of spoofing is precisely to disguise these attacks as something familiar and reliable.

Another big problem with modern companies is underestimating hackers. Attacks are no longer made by a single person wearing a hood, in a dark basement. There’s a lot of strategy and sometimes large organizations behind these hacks, resulting in attacks that are extremely sophisticated and very difficult to identify, as we have discussed in the examples above.

One option is to avoid clicking on direct links. For example, if you receive an email, an SMS (Short Message Service) or a call from your bank notifying you of a problem, avoid clicking on the link. Go directly to the website or the app to confirm the information.

In cases involving social media intrusions or phone line cloning, it is important to take the precaution of opting for two-step verification. Several applications already provide this option in their menu to enhance your security.

By creating extra phases for your login in communication apps, a spoofer will not have access to your message history (even if they have access to the confirmation code needed to log in) and will certainly find it more difficult to hack your account.

Finally, it’s important to use some security solution (like dfndr enterprise) on your computer to make sure that the pages you access really are trustworthy. Software based on artificial intelligence will have more resources available to assess the security of your network, block potential threats, and protect your device before it becomes the target of an attack.

]]>
<![CDATA[Careful With That QR Code! Five Steps For QR Code Safety]]> https://www.psafe.com/en/blog/careful-with-that-qr-code-five-steps-for-qr-code-safety/ Fri, 11 Mar 2022 18:14:35 +0000 https://www.psafe.com/en/blog/?p=21198 For 20 million people, the temptation proved too hard to resist. For a full minute, a simple QR code ping-ponged back and forth on their television screens during a break in the action at the Super Bowl. Cryptocurrency company Coinbase reportedly paid 14 million dollars for that ad – but clearly, they got their money’s worth: 20 million people were redirected via QR code to their landing page, specially designed for the ad. 

Caution Flags 

The radical simplicity and irresistible pull of the Coinbase spot was the talk of the post-game ad reviews. But out of the din of this discussion came another message — this one from the Federal Bureau of Investigation (FBI). Inc Magazine’s Jason Aten pointed to a warning they had issued a month prior to the big game – the first lines lay out the situation quite clearly:

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

QR Codes Are Back, And Bigger Than Ever

Once again, it seems that bad actors have seized on a popular trend to help them do their dirty work. A simple technology dating back to the 1990s, QR codes are on the rise lately – as they’ve become a very effective digital tool for marketers who want to quickly convert mobile phone readers into shoppers and buyers. The Wikipedia entry on QR codes gives you a quick grasp of just how powerful they can be when scanned on a mobile phone:

QR codes may be used to display text to the user, to open a webpage on the user’s device, to add a vCard contact to the user’s device, to open a Uniform Resource Identifier (URI), to connect to a wireless network, or to compose an email or text message.

All you have to do is think about how hackers might use that kind of power, and you can quickly see that indiscriminate scanning of QR codes could lead you into some serious trouble. 

Two Primary Sources of QR Code Danger

The first danger with malicious QR codes is the fact that they can transport you seamlessly to a fake website. As with most hacks, the first layer of the transaction seems to be legitimate: the QR code works! The user arrives at a site that has the offer or information they were seeking. 

And this is when many users will let their guard down, and fail to notice telltale signs that the site isn’t legitimate. Super-sweetened offers can also play a role in softening up otherwise careful users. The bad website can be a collection point for private information and financial data, and the path to financial losses and ID Theft is paved.

The second danger is QR codes that include malware themselves. Once again, let’s turn to the FBI for — “just the facts”:

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

That’s about as bad as it can get. So, short of forsaking the use of all QR codes — how do you defend yourself?

What Can You Do?

Here are the five steps you can take – we discuss each below in more detail:

  1. Get informed about what QR codes are and what they can do.
  2. Make sure your device has good security software.
  3. Use that security software regularly!
  4. Before scanning any QR code, scan “the situation.” 
  5. Make sure you land where you expected to!

You’ll be glad to know that you’re well on your way to completing the first step. We hope this article has helped in this regard, and if you want to get even more up-to-date on potential threats to you and your mobile device, we highly recommend these two companion articles:

Six Ways That Cybercriminals Try To Take Over Your Device – QR codes are covered here along with several other traps, like WiFi Honeypots, Fake Apps, and even Subtitles in Streaming Apps. Do give it a careful read – lots to learn here.

Can a QR Code Be Used In A Phishing Attack? – If you’ve followed us so far, you know the answer to this question is YES! But hit the link to get more information on how QR codes can bait the hook for hackers’ big Phishing expeditions.

Security Help

If you’re using dfndr security, make sure you activate the anti-hacking feature to protect you from scams and malware. The dfndr security PRO plan also has a dedicated Safe App function to help sniff out apps that contain malware, and also provides complete Identity Theft reports should you suspect trouble.

Eyes Up!

But your awareness is always going to be your first line of defense. Remember that a QR code’s primary benefit is to help you connect to a specific spot on the web without your having to type in a URL. The “fun” of seeing this work is no doubt a major part of the success of that Coinbase ad.

If you decide you do want to scan a QR code – make sure you can verify it’s from a trusted source, and take a good close look at the surroundings: the copy and design, the context of use. Is the code stuck on a wall outside a club? Or did it come to you via a traceable source like a mass mailing? If you can verify that the code is from a trustworthy source – make sure the landing spot is what you expected it to be.  

Just remember what your friends in the FBI told you: a QR code isn’t a game to be taken lightly — or a Pokemon type game where you have to capture and collect. They serve a very specific function, and they’re more powerful than they look. Treat QR codes with the same caution you’d give to any unknown app or web address.
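The payload types listed earlier (text, web page, contact, URI, Wi-Fi, email, text message) can be told apart before anything is opened. The sketch below is an added example, not PSafe or dfndr code: it takes the string decoded from a QR code, reports what a phone would do with it, and lists warning signs for web links. The `.example` hosts, sample payloads and function names are constructed for illustration, and the Wi-Fi parser ignores backslash-escaped semicolons.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# A URI has a scheme, a colon, and no whitespace; anything else is shown as text.
URI_RE = re.compile(r"[A-Za-z][A-Za-z0-9+.\-]*:\S+")


def _result(action, target="", warnings=()):
    return {"action": action, "target": target, "warnings": list(warnings)}


def _check_url(url, expected_hosts):
    """Return (host, warnings) for an http(s) link."""
    try:
        parts = urlsplit(url)
        host = parts.hostname or ""
    except ValueError:
        return "", ["malformed URL"]
    warnings = []
    if parts.scheme != "https":
        warnings.append("not HTTPS")
    if parts.username is not None:
        warnings.append("text before '@' is not the host")
    try:
        ipaddress.ip_address(host)
        warnings.append("host is a raw IP address")
    except ValueError:
        pass  # an ordinary host name
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode host name")
    expected = [e.lower() for e in expected_hosts]
    if expected and not any(host == e or host.endswith("." + e) for e in expected):
        warnings.append("host is not one you expected")
    return host, warnings


def _parse_wifi(payload):
    """Parse WIFI:T:<auth>;S:<ssid>;P:<password>;; into a dict of fields."""
    fields = {}
    for item in payload[5:].split(";"):
        key, sep, value = item.partition(":")
        if sep:
            fields[key.upper()] = value
    return fields


def classify_qr_payload(payload, expected_hosts=()):
    """Say what a scanner would do with a decoded QR string, and what to check."""
    text = payload.strip()
    upper = text.upper()
    if upper.startswith("WIFI:"):
        fields = _parse_wifi(text)
        auth = fields.get("T", "nopass").lower()
        warnings = []
        if auth in ("", "nopass"):
            warnings.append("open network: traffic is not encrypted")
        return _result("join Wi-Fi network", fields.get("S", ""), warnings)
    if upper.startswith("BEGIN:VCARD") or upper.startswith("MECARD:"):
        return _result("add contact")
    if not URI_RE.fullmatch(text):
        return _result("display text", text)
    scheme, rest = text.split(":", 1)
    scheme = scheme.lower()
    if scheme in ("http", "https"):
        host, warnings = _check_url(text, expected_hosts)
        return _result("open webpage", host, warnings)
    if scheme == "mailto":
        return _result("compose email", rest.split("?")[0])
    if scheme in ("sms", "smsto"):
        return _result("compose text message", rest.split("?")[0])
    return _result("open URI in another app", scheme)


if __name__ == "__main__":
    # Constructed sample payloads; the advertiser's real site is assumed
    # to be promo.example.
    samples = [
        "https://promo.example/drop",
        "http://203.0.113.7/login",
        "https://promo.example@evil.example/",
        "WIFI:T:nopass;S:Free Airport WiFi;;",
        "sms:+15550100?body=YES",
        "Table 12, ask staff for the menu",
    ]
    for sample in samples:
        print(sample, "->", classify_qr_payload(sample, ("promo.example",)))
```
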

]]>
<![CDATA[Pharming: Phishing’s Nasty Big Brother]]> https://www.psafe.com/en/blog/pharming-phishings-nasty-big-brother/ Tue, 08 Mar 2022 17:31:21 +0000 https://www.psafe.com/en/blog/?p=21190 Pharming is somewhat less familiar than the term “phishing,” but both are methods employed by hackers to perpetrate fraud and gain illegal access to your private information. 

The ph prefix means that both are…well…phake.

But despite the cute names, the damage that can be wrought with either method is considerable. Identity Theft is the end game for many of these swindles, and as you may know, the long tail effects of ID theft can be personally devastating (and if you’ve never really experienced or read about just how hard ID Theft can be for individuals, we highly recommend reading through that linked article. Not fun, but essential information).

While phishing attacks are made through phishy emails, pharming is the term applied when the hacker sets a trap in the form of a malevolent website: frequently, an impostor-site posing as a well-known and trusted company site. 

Pharming: Individual User Attacks

Phishing and pharming often go together – and the phishy email lures a single user to a malicious website, where the user enters their private information and the pharmer makes off with it, using it later to sow havoc by deploying it on the real site.  

Sometimes these sites are simply set up like traps on the web – you may have encountered one or more of these by simply misspelling the name of a popular site. The result may be a jarringly different site than what you expected. 

In truth these situations are relatively easy to avoid.  But sometimes the site you’re delivered to can be very close to what you expected, and that’s where real pharming trouble can begin.
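One way to catch a site name that is "very close" to the one you meant is to compare it with a short list of sites you actually use. The sketch below is an added example, not PSafe or dfndr code; the trusted list, the `.example` hosts and the function names are constructed for illustration. It only flags look-alike names, so it cannot detect a DNS-level redirect, where the name in the address bar is the correct one.

```python
# Sites the user really does business with (constructed sample values).
TRUSTED = ("mybank.example", "shop.example")

# Character swaps that look alike on screen: "rn" for "m", "0" for "o", etc.
HOMOGLYPHS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def fold(name):
    """Replace look-alike characters so visually similar names compare equal."""
    for fake, real in HOMOGLYPHS:
        name = name.replace(fake, real)
    return name


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Two neighbouring letters typed in the wrong order count once.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def check_host(host, trusted=TRUSTED):
    """Return (verdict, trusted_name, reason) for a host name."""
    host = host.lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    # Exact match or a real subdomain of a trusted site.
    for good in trusted:
        if host == good or host.endswith("." + good):
            return ("trusted", good, "")
    for good in trusted:
        if host.startswith(good + "."):
            return ("lookalike", good, "trusted name used as a prefix of another site")
        if fold(host) == fold(good):
            return ("lookalike", good, "look-alike characters")
        if osa_distance(host, good) <= 1:
            return ("lookalike", good, "one typing error away")
    return ("unknown", None, "")


if __name__ == "__main__":
    for name in (
        "www.mybank.example",
        "mybnak.example",
        "rnybank.example",
        "mybank.example.account-verify.example",
        "news.example",
    ):
        print(name, "->", check_host(name))
```
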

Malware can drive pharming too – redirecting you to the substitute site without your awareness or permission. It’s important to remember that hackers are increasingly fond of using techniques of misdirection. You may inherit malware through a new app you download, but the consequences arrive later, when you first log on to your bank-site or try to pay your credit card bill, and the malware takes you to an impostor site to steal that information from you.

DNS Switching  

DNS switching takes the whole pharming idea to a more dangerous height. Whereas the malware or phishing-driven pharming operates at an individual user level, DNS Switching redirects all traffic to a given website to a pharmed-out impostor. 

The malware works within the DNS server and redirects requests to reach the authentic site to the pharming site. These more sophisticated attacks often involve more sophisticated fakery, and the pharming sites can be very convincing.

How To Protect Yourself, Down on The Pharm

As always, there are a few different layers of protection you can enlist to keep yourself from pharming — and the more of them you employ, the safer you’ll be:

Mindset: Your mindset as a user is one of the best defenses you have against hackers. Remember that hackers are fond of using social engineering – which some might refer to as “good old psychology” — to lure users into interactions with iffy emails, sketchy sites, and strange people on well-known platforms. Keep your guard up, and if somebody, something, or some site asks you for information that your bank or health club or grocery-delivery (etc.) already should have, let that alarm bell go off loudly in your head. Then take three giant steps away from your keyboard.

If your spider-sense has even an inkling that an email from a friend or a site isn’t the real deal: slow down and check it out. In general: try not to confer the trust you have in a person or company onto any representation made for them on the web. The web is…the web. And it should always be treated with caution.

Unprotected?: Public, unsecured wifi networks really are the devil’s playground.

The upshot is that public networks have chinks in their armour, and hackers use those chinks to “eavesdrop” on your conversations. Information they steal through this technical kind of listening can lead to direct attacks, or…down the road, a phishing or pharming attack tailored just for you. 

S matters: There’s a big difference between http:// and https:// — the difference is that “s,” which stands for secure. When you see the full https://, it means that information on both ends of the website transaction is encrypted and secure. When you don’t – that may not be the case. This is such a widely accepted standard now that the absence of that s should put you on high alert.  

Phishy?: If it looks or sounds phishy, it probably is. It might also be pharmy. Here’s an example of what we mean: in one of the biggest pharming attacks ever launched, a DNS Switching attack on more than 50 financial institutions, the affected users were presented with an error screen that asked them to switch off their anti-malware and any firewall protection they might be running. Many users simply complied, and gave the pharming malware the access it needed to do the rest of the work.

This obviously relates to our mindset discussion as well, but we wanted to emphasize that even very sophisticated pharming attacks will sometimes rely on users turning off systems of defense: whether it be their own mindset, or settings in place on their computer designed to protect them!

Speaking of Defense…  

Of course one of the essential bits of protective equipment is a good security software solution. dfndr Pro provides several excellent tools to help you protect not only your private information but your physical phone as well. Having that combination of protections is important. 

Pro also offers a Safe App function that enables you to screen any app you might want to try before downloading it, and that can be an excellent first line of protection from malware of all types – including those that are designed expressly to uh, “take you down on the pharm.”

With your mindset on high-alert, and your phone protected with a well-designed, and multi-layered security capability, you can move about confidently. Just be careful out there, and try not to get any mud on your shoes!

 

]]>
<![CDATA[Avoid the Tinder Swindler: how to date online safely]]> https://www.psafe.com/en/blog/avoid-the-tinder-swindler-how-to-date-online-safely/ Tue, 22 Feb 2022 14:18:16 +0000 https://www.psafe.com/en/blog/?p=21174 Good con artists have a strange relationship with emotion: many of them demonstrate an almost uncanny ability to manipulate and elicit emotions in others, yet they’re often detached from their own emotions. This frightening combination is in evidence throughout the recent independent film sensation The Tinder Swindler.

The film tells the story of a conman who uses the Tinder app to insinuate himself into the lives of three female victims. In the film, Simon Leviev sets up elaborate romantic cons to appear as a wealthy diamond heir, then uses the trust he has gained to steal information, then money – only to use that money to fund the con for his next victim.

It’s a taut and dramatically told story, but without a clear moral or ending. (The New York Post has reported that Leviev has signed with a Hollywood agent, and “wants his own dating show.”)   

How To Stay Safe: Five Scammer Prevention Keys

But the moral for users of Tinder — and social media in general — is still the same: proceed with caution! Below are Five Keys to help you stay safe as you navigate dating apps like Tinder — they’re also useful guidelines for people you might meet on any other social app like Facebook:

  • Do some research — and take your time. Before meeting in real life with anyone you’ve met online, take the time to do a little background research and find out if the person you’re speaking to is who they say they are. 
  • Consider bringing a friend for the first date(s), and meet in public. Yes, this will keep you safer, and it might also help provide a more casual atmosphere where you can learn a little bit more about your new friend.
  • Be sensitive about peculiar information requests. Spoiler alert: The Tinder Swindler orchestrated reasons to get Passport information, and then quickly put it to nefarious use. Whatever the reason given, a quick pivot to requests for detailed personal data is always a sure warning sign, especially in a new relationship.
  • Keep your purse, phone, and IDs close. Don’t overlook simple physical sources of data like these. Don’t leave them unattended.
  • If you have any suspicions, look into things. If anything seems odd in terms of your interactions, don’t bury your head in the sand. A good security solution like dfndr security can help you track where your data is going and also protect your physical phone from theft. Stay on top of your bank and credit card accounts.

Remember: Most Scammers Don’t Do A Lot of Romancing

The Tinder Swindler is also a healthy reminder that most scams are not quite as elaborate as those cooked up by Simon Leviev.  But most scams operate on the same human emotions of romance and self-interest. 

Set some clear rules for yourself in the dating world – and also for when you’re answering emails and text messages — or when you’re looking for work on a job site.  If it looks too good to be true – it probably is! 

    

]]>
<![CDATA[Are Your Apps Leaking Data? How To Know and What To Do]]> https://www.psafe.com/en/blog/are-your-apps-leaking-data-how-to-know-and-what-to-do/ Mon, 17 Jan 2022 19:06:47 +0000 https://www.psafe.com/en/blog/?p=21151 One of the ways we make our world more convenient these days is by loading apps from platforms, services, and companies we buy from or consult frequently. Most companies have invested in their apps to make them more useful, and also invested in promoting those apps to us, with special deals or promotions. 

But the sense of ease and security we have when dealing with the teller at our local bank, or flying on our favorite airline, may not serve us well when we use an app provided by a company we know well “IRL” (in real life). 

“The widespread development of apps by businesses is not only good for marketing and sales,” remarks Emilio Simoni, Director of Research at PSafe’s dfndr lab, “but it also feeds a billion dollar business in re-use of your data.”

Data Means Dollars

Modern-day operating systems, both iOS and Android, provide some mechanisms for you to limit the way apps can track your behavior across the web, but these only offer limited protection. “The data you use in everyday interactions with these apps is of tremendous interest to hackers,” Simoni observes, “and data breaches for some of the world’s biggest and most respected companies have become almost commonplace.”

Leaked data is commonly resold or accessed on the dark web, and once procured, it can be used in a variety of ways. It’s fairly common for leaked data to be used to fuel scams that entice users to expose even more information, or, to provide direct access to financial levers.

“What users need,” Simoni explains, “is the means to see the whole picture for their apps and the data they use.  This is what we provide with dfndr security Pro: a Privacy Scan, which gives users the ability to see, in one place, a complete picture of how apps are using and sharing your data – whether voluntarily, or through leaks.”  

Here’s what that complete picture shows:

  • The data and access permissions you have granted for each app
  • Where each app sends the data it collects
  • A data breach history for each app (more than one breach is not unusual).
  • Apps you have installed that may be malicious or known to pose risks 

Obviously the first thing you can do with this information is to make judgments about which apps you want to keep – but it may also help guide you to further steps, like changing passwords, or changing settings on the app. It can also give you important information for staying aware of likely hacks or doing further research to determine precisely what sort of personal data may have been compromised.

“Getting this comprehensive picture is really the best way to see context and to stay alert and ahead of the game,” Simoni says.

Before You Load Apps

PSafe’s dfndr security Pro also includes a feature called Safe App, which enables you to evaluate apps before you load them on your phone. Safe App tells you if an app is known to be malicious, or if it has previously been breached. 

Try PSafe dfndr security for Free

The easiest way to see how both Safe App and Privacy Scans work is to try dfndr security for yourself. You can start with the Free Version of the app, which will help you manage your phone’s memory, storage, and battery power – and also give you some good basic security capabilities like a URL checker and an Antivirus App scan.

Add dfndr security Pro, and you’ll be able to do a quick Privacy Scan and see where you stand, and you can check any new apps you want to install with Safe App. You’ll also get Anti Theft functionality to locate your phone (and protect your data) if it’s stolen.

Use this link to learn more and try out the free version of PSafe’s dfndr security.

Stay Alert

“The capabilities a good security app can provide offer essential protection,” Emilio Simoni emphasizes, “but staying alert ourselves is another key element of our overall defense.”

In addition to procuring and using a proven security solution like dfndr security Pro, Simoni suggests the following “data hygiene” habits for users:

Strong Passwords: Use a password manager and make sure you never use the same password for more than one account. 

Take Care With Social Media: Many social media accounts these days, asking questions and offering quizzes, are simply storing and selling clues to hackers. 

Beware of Phishing: Hackers are certainly not above using news about data leaks as an occasion for reaching out to defraud users. For any communications you receive about data, passwords, accounts, or any transactions you’ve made (or ones you haven’t!) — always double check the source.

“With a good security app and the conscientious use of privacy ‘best practices,’ your use of apps can provide the convenience and ease you’ve come to expect from them,” Simoni concludes. “We’ll continue to research viruses and hackers’ methods to make sure we’re doing our part to maintain our industry-leading solutions.”

]]>
<![CDATA[Joker Malware is Back (And It’s No Joke)]]> https://www.psafe.com/en/blog/joker-malware-is-back-and-its-no-joke/ Mon, 20 Sep 2021 22:17:38 +0000 https://www.psafe.com/en/blog/?p=20978 Old malware never dies — it just morphs into something more devious and dangerous — and this pattern is playing out with “Joker” malware, which was first identified in 2016. In 2021, it’s back and more diverse and devious than ever.

During the past few months, Joker has become one of the most active Android malware infections. Joker rides on the coat-tails of seemingly legitimate apps, then covertly signs up users for pricey subscription services. It can also steal SMS messages, contact lists, and device information. 

Joker variations seem to arrive in batches, with a fresh batch leeching onto dozens of apps as recently as September. 

Joker Infiltrates The App Store

“One of the best ways to avoid malware and trojan apps is to use Google’s sanctioned app store,” says Emilio Simoni, PSafe’s dfndr lab Research Director, “but unfortunately, Joker has managed to disguise itself and mutate so profusely, that it has found its way on to several apps within the official Google Play marketplace. Of course third party app stores are also offering Joker-tainted apps — so the best protection is going to be a strong security app that sniffs out malware-tainted apps immediately, like our dfndr security Pro.”

Google removes the offending apps as soon as they’re reported — but the high rate of variation and concealment with this particular trojan keeps bringing new specimens on board.

Delay Tactics

“Part of what makes Joker so effective is that it waits to take effect,” Simoni remarks. “After the trojan-app is downloaded (many of these are knockoffs of better-known apps) it waits to drop a very small packet of code; it then reaches out to the server that loads the malware that does all the dirty work.”

What Can You Do To Stay Safe?

Good hygiene with your digital devices includes:

  • Installing only the apps that you need and use. Loading up your device with as many apps as you can imagine using is a hazardous path. 
  • Being wary. Look for apps from developers you know and trust.  Do a little background checking and make sure that cool new app is coming from a known and trusted provider.
  • Cleaning house periodically. To keep the number of apps you use to a minimum, do a periodic review of the apps on your phone and delete the ones you’re not using. 

“Good security habits are always the first step,” Simoni observes, “but we can see that with truly devious malware like Joker, personal vigilance may not be enough.  When a piece of malware is mutating on a monthly basis, you need a dedicated security solution to help keep you safe.” 

The Best Defense Begins BEFORE Dangerous Apps Are Downloaded

An excellent way to protect yourself is to use a security application like dfndr security Pro, which has a dedicated Safe App Installer that can tell you if the app you’re about to install has been identified as malware.  This is exactly what the Safe App Installer does: it AUTOMATICALLY protects you from malware and apps known to compromise your data — before you even install them.

More Protection for Your Digital Life

Safe App Installer is only one of the key features dfndr security Pro offers.  It also comes with a full suite of security capabilities that can protect you not only from digital threats, but from thieves “IRL” as well.

Beyond Safe App, there are four additional features dfndr security Pro offers to protect you and make your digital life easier:

Anti-theft protection: Protects against physical loss that leads to data loss: in case of theft or loss of your device, you can lock it down remotely, find the phone on a map, or activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.

Privacy Protection: You can locate on a map where your app data is going and how it might be used by third-parties.

Unlimited Identity Theft Reports: These reports provide “perimeter defense,” looking out for privacy vulnerabilities beyond your own device. These reports reveal if any of your information has been leaked, with a one-click check of a database with over 10 billion compromised credentials.

Ad-Free: As an extra bonus, Pro is totally ad-free.

Get The Protection You Need Today

Click here to download dfndr security and start a free trial of dfndr security Pro to put all of these features to work securing your phone, your data, and your digital life. dfndr security Pro offers a full suite of protection, constantly updated, to make sure “you’re safe out there.”

]]>
<![CDATA[Have you already been the victim of a data leak?]]> https://www.psafe.com/en/blog/have-you-already-been-the-victim-of-a-data-leak/ Thu, 09 Sep 2021 18:41:43 +0000 https://www.psafe.com/en/blog/?p=21122 Here’s what you need to know…and do.

Data breaches — even among major platforms and providers — are becoming an almost daily occurrence. With so much of our life and business being carried out online, and the multitude of devices and platforms we use to work, shop, and play, the “attack surface” for hackers grows (much) larger every minute. Even the biggest and best-run companies and platforms have become favorite targets for hackers. So much so, that attacks on well-known companies and platforms have become almost commonplace. 

“There’s a double danger in data leaks becoming so common,” says Emilio Simoni, Research Director at PSafe’s dfndr lab. “First, of course, are the attacks themselves — but as they become more ubiquitous, many people start to take them for granted, and assume they pose only modest personal danger.” Significant lag time between the breach-event itself, and subsequent criminal action on the part of hackers, also contributes to the lack of decisive response. “Hackers are very patient — they know many victims won’t take immediate action to protect themselves,” Simoni remarks, “and they use that aspect of human nature to their advantage.”

Try dfndr security today, it will help you secure your phone and protect your data from hackers and malware of all kinds.

How do breaches happen?

Just as hackers use their knowledge of human nature to design their scams, they also rely on human error to create openings they need to get at private data. Poor passwords and weak credentialing processes are probably the most common source of breaches, and lost or stolen (and unprotected) laptops and drives also contribute. 

Phishing scams, enticing recipients to give up data voluntarily, have never flagged in popularity. Malware is also a common method, and is often combined with phishing techniques to get at personal and financial data stores. “Increasingly, these attacks are targeted at corporate assets, so employees must remain vigilant,” Simoni warns, “especially now, as so many people are using devices from their home to connect to work.” 

Malware and ransomware have become a more favored method as many users have become used to “shopping by downloading” — trying out free versions of new software solutions before deciding if they want to keep a new app or game. Malware often asks for extensive permissions, then quietly works behind the scenes with the permissions it has accrued, logging data and  building up significant data-leverage, before shipping that information payload off, or using it to launch further attacks on the user.

External, code-driven attacks are also growing more common than ever. Often called “brute force attacks,” these are now guided by increasingly sophisticated artificial intelligence, and very powerful computers, to crack weaker protections.

What information do they target?

Hackers have a wide-open market for the information they steal, and generally they’re after Personal Identification Information that most individuals and companies (and laws) seek to protect. Of course they also seek information like bank and credit card account information that gives them immediate financial leverage. The worst nightmare for individuals is when a hacker is able to transact business as their victim through identity theft. Identity theft can be very complicated to undo, and the process of undoing the damage wrought by an identity theft can be protracted and painful. “Hackers are keenly aware of the leverage that personal identifying information gives them,” Simoni cautions, “they know how to make the most of it, and rarely show any restraint once they have the upper hand.” 

What can you do?

Major breaches are on the rise and show no signs of tailing off. That’s the bad news. “The good news,” Simoni observes, “is that protecting yourself is still something that you have a lot of control over individually. It’s something you can do well with some simple habits and tools.”

“We recommend taking three fundamental precautions to all of our customers,” says Simoni. “Make sure you adopt best-practices for your passwords, use two-factor-authentication whenever you can, and use a solution like dfndr security Pro for immediate notice if your personal data has been accessed outside of your control. Our Pro solution also scans new apps to prevent malware attacks.”

“Your phone itself can also be a target,” Simoni advises, “which is why dfndr security Pro has the capability to shut your phone down for use, and show you its location, in case of theft.”

Best practices for passwords include the following: 

  • Never use the same password for more than one site. 
  • Make sure that your passwords are kept up to date on every site, and change them immediately whenever you’ve been notified of a breach. 


The Big Benefits of Two-Factor Authentication 

Most financial and major social sites now offer two-factor authentication (usually with an option to send a code via text to your phone). Use these protocols whenever they’re available, as they greatly reduce the capability of hackers to break through.

Breaches are occurring with disturbing frequency, so the best way to stay ahead of the hackers is to have immediate notification of leaks with your personal data at any time. dfndr security Pro offers free unlimited ID theft checks, which can give you the flexibility and insight you need.

As noted, dfndr security Pro also has other important safety features, like a Safe App Scanner to protect you from malicious (data stealing) apps, and Anti-Theft features that help you locate and control your mobile device if it gets lost or stolen. 

With dfndr security installed on your phone, you will have more protection, so you can test it now if you like. Click here if you want dfndr security for free.

]]>