Social engineering

June 8, 2021


The UG is taking new measures to prevent hackers from attacking its network. As a result, we have been subjected to a mandatory password change, and soon the university will require two-factor authentication for all its users. These measures will make it more difficult for attackers to gain access to the university’s networks. However, no matter how strong your password is, you should never forget that people are the weakest link in the security chain. That’s why we are often responsible for the failure of security systems.

During the corona pandemic we have observed a tremendous increase in phishing, scams, and ransomware. These acts of cybercrime pose severe threats to our security as individuals. I would like to focus on phishing attacks, since these are the work of individuals with extensive knowledge of artistry. These people (or organizations) are called con artists. They are good at making people believe things that are not true. For example, they will impersonate organizations with which we interact daily, like government agencies, schools, and banks.

Personally, I received an email from someone who was impersonating the university and saying that there were two blocked incoming messages. It looked like a legit email, since the domain the mail originated from does officially belong to the university. However, due to either an improperly configured mail server or email spoofing, the attackers were able to make it appear as if the email was coming from the university. When I clicked on the link, sandboxed of course, I noticed that the domain was in India. The page looked like Nestor; however, the font size was not correct, and it looked like a cheap Alibaba version. At that point I realized that there was something wrong and did not proceed to enter my personal information.

This is one reason why we need to be careful and double-check before entering our information on suspicious-looking websites. Don’t forget that hackers nowadays are able to create websites that look identical to those of official organizations, in order to disadvantage people (e.g. stealing money, identity theft). They use old tricks, disguised in new tools.

Disclaimer: It’s often relatively easy to avoid phishing attempts. Just be suspicious, avoid clicking on strange links, and generally do your best to not give the attackers anything to work with.


This article is written by Berke Aslan
