Social engineering

June 8, 2021


The UG is taking new measures to prevent hackers from attacking its network. Therefore, we have been subjected to the mandatory password change, and soon the university will require two-factor authentication for all its users. These measures will make it more difficult for attackers to gain access to the networks of the university. However, no matter how strong your password is, you should never forget that people are the weakest link in the security chain. That’s why we are often responsible for the failure of security systems.

During the corona pandemic we have observed a tremendous increase in phishing, scams, and ransomware. These acts of cybercrime pose severe threats to our security as individuals. I would like to focus on phishing attacks, since these are the work of individuals with extensive knowledge of artistry. These people or organizations are called con artists (or organizations). They are good at making people believe things that are not true. For example, they will impersonate organizations with which we interact daily, like government agencies, schools, and banks.

Personally, I received an email from someone who was impersonating the university and saying that there were two blocked incoming messages. It looked like a legit email, since the domain where the mail originated from does officially belong to the university. However, due to either an improperly configured mail server or email spoofing, the attackers were able to impersonate it, as if the email was coming from the university. When I clicked on the link, sandboxed of course, I noticed that the domain was in India. The page looked like Nestor; however, the font size was not correct, and it looked like a cheap Alibaba version. At that point I realized that there was something wrong and did not proceed to enter my personal information.

This is one reason why we need to be careful and double-check when entering our information on suspicious-looking websites. Don’t forget that hackers nowadays are able to create websites that look identical to those of official organizations in order to disadvantage people (e.g. stealing money or identity theft). They use old tricks, disguised in new tools.

Disclaimer: It’s often relatively easy to avoid phishing attempts. Just be suspicious, avoid clicking on strange links, and generally do your best to not give the attackers anything to work with.


This article is written by Berke Aslan
