If you need assistance, please call 914-290-5258

Professional Hacker Tricks: how they get in to your computer.

Thursday, July 11, 2019   /   by Vanessa Saunders

Professional Hacker Tricks: how they get in to your computer.

Burglar2Pic.jpg
(This isn't just about real estate but it's damn fine information for anyone, REALTOR®, buyer, seller or anyone with access to social media and the Internet.)

Why do hackers do it? Why do they spend hours trying to break into corporate and government computers? Because breaking into a computer system is like getting the keys to the corporate kingdom, gaining trust and access.

These are not nice people.They are not just some teenager sitting in his bedroom in his pajamas, clicking around on a lap-top. More likely, they are foreign nationals in a concrete office building, surrounded by other hackers pounding away at your security system to plant malware, get passwords and banking information and encrypting entire systems to sell for ransom. Their targets range from small businesses and individuals, to the computer systems of entire cities, which happened to Baltimore and Philadelphia recently. 
So how in the heck do hackers get your company info to target an attack? Sadly, your employees give it to them.
In an expose on FastCompany.com, a paid corporate hacker/security specialist for IBM revealed the tricks of the trade in getting employees to reveal passwords, security information, and clues that help hackers target a company for an attack.  Companies like IBM hire such specialists to find gaps in their security systems before the real bad guys do. The article shows how they scour the internet for information, tricking employees into revealing secrets over the phone, and even using disguises to break their way through the office security system.
That's right. No convoluted hacker algorithms, no secret "Black Web" tricks. Your biggest security problems are your own trusted staff. It's not that they WANT to give away the store. It's that they just don't realize how simple, innocent behavior can reveal so much on our socially connected platforms.
Most vulnerable are new hires and interns, often given computer passwords and essential information like security badges before they even have time to get security training. People with new jobs, especially younger generations used to sharing their life events on social media often post pictures of themselves at work: selfies with their "team," their office space, even shots of their new security badge, and put them online. Don't believe it? Take a look for your company on your favorite social apps for posts tagged with #firstday, #newjob, or #intern along with your #companyname. 
Security Badges.
New hires love publishing their new security badges because they are the first real undeniable evidence that they are on their way to a new career and a new life. Hackers love security badges because they can easily re-create an identical badge with their own photo planted on it to gain access to secured buildings. 
The Office Snap-shot.
Hackers love office photos for what background images can reveal about a company. White boards, posters and other background images can provide inside information for entry using "Phishing" emails. A sign-up poster for the company softball team can help hackers generate a virus-imbedded phishing email that will be innocently opened by someone receiving it, unleashing whatever malware or nasty code a hacker wants to plant in the company's computer system. Even better are easily visible Post-It notes on computers in the background with access codes and passwords.
The "Day In The Life" video.
When an employee records an entire day at work and puts it on Facebook, YouTube or Instagram, it's like open season for hackers. They have an invitation to see building layouts, security areas and company plans on whiteboard displays. Hackers don't have to break in to the building - they're already there! Plus close examination of laptop and computer screens reveals the types of security tools and software a company uses, allowing hackers to tailor an attack with custom malware disguised as a fake software update.
Online complaint forums
Whether through Glassdoor, job boards, or social media sites, learning what issues are currently making employees tick can help hackers craft a phishing email that plays to their complaints and desires. A fake (malicious) email appearing to come from the company addressing employee problems will get a lot of clicks, again welcoming malware into the system.
From shared credentials on whiteboards to Wi-Fi passwords posted in plain sight, "getting in" breaks down the walls that divide hackers from company data and secrets. Social media posts can reveal enough that hackers don’t even need to personally visit a company or government office to get information or plant malware. It's like they're already there.
For access to the entire story on corporate hacking, CLICK HERE.
If you dare!

  hudson valley real estate, hudson valley property, hudson valley home sellers, orange county ny, rockland county, westchester county, ulster county, sullivan county, selling your home, manhattan, dutchess, sales strategies, hudson valley house, hudson valley living, delaware county, scam alert

Global Property Systems
Vanessa Saunders MBA MIMC CIPS - NYS RE Principal Broker
56 Lafayette Avenue Suite 320
White Plains, NY 10603
914-290-5258

image001.png The data relating to real estate for sale or lease on this web site comes in part from HGMLS. Real estate listings held by brokerage firms other than are marked with the HGMLS logo or an abbreviated logo and detailed information about them includes the name of the listing broker.

The information appearing herein has not been verified by the Hudson Gateway Multiple Listing Service, Inc. or the Hudson Gateway Association of Realtors, Inc. or by any individual(s) who may be affiliated with said entities, all of whom hereby collectively and severally disclaim any and all responsibility for the accuracy of the information appearing at this web site, at any time or from time to time. All such information should be independently verified by the recipient of such data. This data is not warranted for any purpose.

©2019 Hudson Gateway Multiple Listing Service, Inc. All rights reserved.

The data relating to real estate on this website comes, in part, through the IDX of the Multiple Listing Service of Ulster County, Inc. Real estate listings held by brokerage firms other than Vanessa Saunders - Global Property Systems are marked with the IDX logo and detailed information about them includes the name of the listing broker.