The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Tag: Hacking

Why Students Are Easy Targets For Cyberattacks

By

On January 28, 2023

In Security

The Internet has given rise to diverse learning opportunities for students. It has taken down the location barriers and has made it easier for students to connect with their peers, consult subject experts, and use online study material on a global stage. While this has increased their exposure to a wide range of opportunities, it has also piqued the interest of cybercriminals.

Why Are Hackers Interested in Students?

A major misconception in reference to cyber security is that hackers are motivated by financial gains alone and thus target large organizations only. While direct financial gains are the major motivating force behind cyber-attacks, the attackers may target individuals for other motives, such as identity theft, personality maligning, stalking, etc. These motives may or may not end in financial gains.

These are some of the reasons why hackers target students are:

  1. Easy Target: Students pose as easy targets for hackers. They are not highly aware of the latest cyber threats, making them easy prey. Additionally, school networks are protected by IT professionals. However, it is not practically possible for school IT professionals to protect the student-owned device. With inadequate security measures, student devices are at a high risk of cyber-attacks.
  2. Multiple Devices: Students generally use multiple internet-accessing devices such as smartphones, laptops, tablets, desktops, and smartwatches. As the number and types of devices increases, it enlarges the attack surface for hackers. This increases the probability of becoming a victim to a cyber-attack.
  3. Social Media: Students share pictures, routine activity, and life updates on social media. This offers hackers an opportunity to track their activity and steal personal information. This information can be used to build fake profiles and launch attacks such as identity theft, stalking, cyber-bullying, etc.
  4. Clean Credit History: Students have a clean credit history. Hackers target students’ credit history and use it to get credit approvals, take out loans, etc.

How Do Hackers Target Students?

Hackers use diverse types of cyber-attacks to target students. Common cyber-attacks targeting students are:

  1. Data Theft: Students enter their details when logging in to online learning portals, shopping sites, etc. Hackers target such portals to get information and further use for malicious activities.
  2. Phishing: Phishing attacks are launched by sending an authentic-looking email or message containing a malicious link. Once students click the link, they are directed to a malicious website where their information is collected or malware is downloaded on their system.
  3. Scholarship Scams: Hackers design fake websites or pages that promise students a scholarship in exchange for a fee. This type of attack is used to steal both financial and personal details entered by the students.
  4. Filesharing Risks: Hackers trick users into using free Peer-to-Peer filesharing services that expose the device to viruses or malware.
  5. Webcam Hacking: This is a spyware or stalking attack. Also known as Camfecting, hackers encourage students to download malicious links containing spyware. Once installed, hackers gain access to the webcam of the infected device.
  6. Social Engineering: Social engineering attacks are performed by monitoring social media activity or hacking social media accounts. This type of attack is aimed at tarnishing reputation or blackmailing.

Contact Centex Technologies at Killeen (254) 213 – 4740, Dallas (972) 375 – 9654, Atlanta (404) 994 – 5074, and Austin (512) 956 – 5454 for information on how to safeguard personal devices and online accounts from cyberattacks.

How Does Fileless Malware Work?

By

On December 22, 2020

In Security

Fileless malware is defined as a type of malicious software that does not rely on virus-laden files to infect a host or victim. In contrast, it makes use of applications that are commonly used to perform legitimate and justified activity for executing malicious code in resident memory of the host. As the software doesn’t create any files, it doesn’t leave any footprints making it difficult to detect and remove.

Key Targets Of Fileless Malware:

The attackers who employ fileless malware tend to gather large amount of information in short span of time. So, they tend to focus the attack on a few key targets. Two systems that form common target are:

  • PowerShell
  • Windows Management Instrumentations

The reasons why attackers choose these systems are:

  • Security technologies trust these utilities
  • Analysts tend to assume that actions of these systems are legitimate
  • These utilities provide complete control over an endpoint
  • Most organizations refrain from shutting down these systems as it will hinder business It or DevOps work

Working Of Fileless Malware:

Following are few scenarios in which fileless malware can use a system’s software, applications and protocols to install and execute malicious activity:

  • Phishing emails, malicious downloads, and links that look legitimate are used as points of entry. Once a user clicks on these links, they load to system’s memory. This enables the hackers to remotely load codes to steal confidential data.
  • Malicious code can be injected into applications that are already installed on the system and trusted by the user. After injecting the code, these applications are hijacked and executed by hackers to carry out malicious activity.
  • Attackers create fake websites that mimic legitimate business pages. When user visits these pages, the websites search for vulnerabilities in Flash plugin. These vulnerabilities are exploited to run malicious code in the browser memory.

Fileless malware is written directly to RAM of the infected system and no changes are made on the hard disk. The malware works in memory and the operations end when the system reboots.

Defending Against Fileless Malware Attacks:

The effective way to defend against fileless malware attacks is to adopt an integrated approach that addresses the entire threat lifecycle. Employing a multi-layer defense protocol enables the user to investigate every phase before, during and after the attack.

For more information on fileless malware and tips on preventing cyber-attacks on computer networks, contact Centex Technologies at (254) 213 – 4740.

Tech Support Scams: Everything You Need To Know

By

On February 29, 2020

In Security

Tech Support Scams is a million-dollar industry that is known to be existing since 2008 and is at its all-time peak. It targets innocent people into spending hundreds of dollars by tricking them with non-existent computer problems. In order to secure yourself from ever-rising Tech Support Scams, it is important to understand what these scams are and how do they operate.

What Are Tech Support Scams?

Tech support scams trick people by making them believe that their computers have encountered a technical problem. The scammers motivate the victims to make a payment in order to get rid of the problem.

How Do Tech Support Scams Operate?

The tech scammers implement a variety of tricks to target the victim. Following are some of the common ways used by the scammers:

  • Cold Calls From Fake Agents: The scammers operate from discrete locations and call random numbers from a phone directory. The scammers use VoIP technology to hide their actual number and location. They pose as technical agents from software companies such as Microsoft, Windows, etc. They take control of the victim’s computer and send fake error reports. Once the victim is convinced, they collect money for mending the error. The best way to secure yourself against these scams is to ignore such fake calls.
  • Toll-Free Numbers From Fraudulent Tech Support Companies: These companies advertize heavily on popular search engines or heavy traffic websites to build trust and attract customers. Once a customer calls these technicians for a minor service such as software activation, these technicians introduce fake pop-ups on the customer’s computer stating that the system is infected. Thus, the customer ends up paying hundreds of dollars for ‘Windows Support’. In order to protect yourself from such scammers, it is imperative to be careful while choosing a technician or tech support company.
  • Screenlockers: This method has gained popularity recently. The scammers spread malware with the purpose of locking the user out of his own system. The malware poses as an installer for legitimate software. Once installed it may either result in a ‘Blue Screen Of Death’ or show a message that you are using an expired software. In the case of BSOD, the screen will show a few numbers for seeking help. If the message indicates an expired software, it will ask for a license key. The message may include a number and some links for popular remote assistance sites/software such as TeamViewer. The scammers ask the user to install the software and share the access id in lieu of gaining access to rectify your computer’s problem. The underlying motive is to sell you overpriced solutions and ‘service contracts’.

What To Do If You Have Given Access To The Scammers?

In case you have already granted remote access to the scammers, follow these steps to reduce the impact of the scam:

  • Revoke the access or restart your system to expire the session and remove the scammers from your system.
  • Run a malware scan as the scammers may have installed malicious software like password stealers in your system.
  • Change all your passwords and update your security protocol.
  • Run a ‘System Restore’ to restore any missing files or software from your system.

For more information on new Tech Support Scams, call Centex Technologies at (254) 213 – 4740.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)