Cybersecurity Challenges in Social Media Erdal Ozkaya
Yüklə 1,17 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- 4.6.3 Strong passwords
- 4.6.4 Not clicking on suspicious links
| 4.6.2
Do not overshare sensitive details As mentioned earlier, a burglar might know which house to break into by conveniently reading a post by a user that he or she will be traveling to some other place from a certain date. There is an urge on social media of users wanting to announce to the public some details that might just make them targets. If one has huge amounts of cash in their 73 house, why flaunt on social media? Users ought to be cautious about the posts they make on social media lest they put a mark on their heads to be attacked. 4.6.3 Strong passwords The most popular password in 2015 was 123456. The others that came close were password and QWERTY. This shows a huge problem on computer systems and social media; users are reluctant to use complex passwords. This is despite them knowing the risks they put themselves into when they use such passwords. The laxity of users to use complex and non- easily guessable passwords is alarming. Therefore, it is best if they installed password managers to help them create and store passwords. 4.6.4 Not clicking on suspicious links It was highlighted that attackers use URL shorteners in order to obfuscate links that lead to malicious websites. There are also tricks to make a URL appear as if they are of legit companies. For example, let’s say that an attacker has a clone of the PayPal login page. He can use this page to get social media users to enter their actual PayPal logins. A trick to get them to this site is by giving an irresistible prize such as $100 for completing a survey. This will get a number of clicks. The hacker can tell the targets to first login into Paypal in order to be able to claim this prize and give them the link to the cloned site. Since the cloned website will look entirely similar to the official PayPal website, very few will have doubts on whether the site is legit. There is laxity in users to verify the URLs of the sites they visit, especially when these are provided through shortened URLs. It is also easy to host a website with a fake but similar URL. There are also some tricks that can be used when hosting a fake site to make a domain name appear more legit. For example, the hacker, in this scenario, could host the domain name com_password.net. 74 He can then subdomain it with a name such as PayPal so that he gets an end URL that looks like this: Paypal.com_password.net To a novice user, this looks like a legit URL from PayPal because it has the Paypal.com part. The hacker uses this URL together with a cloned PayPal login page to get a user to give his or her login credentials. The scenario just explains one type of the many attacks that are done with the help of links. Therefore, users ought to be cautious when clicking on links sent to them via social media messages or social media posts. When a deal sounds too good, it is highly likely to be a scam. No one is going to offer $100 to have a simple survey completed. There are very many other tactics that are used to get people to click on links. Users need to be aware of all this and avoid clicking these links at all costs. Yüklə 1,17 Mb. Dostları ilə paylaş:
|