One challenge after another for the user, along with phishing, now also need to avoid vishing

One challenge after another for the user, along with phishing, now also need to avoid vishing

 ‘Voice Plus Phishing’ is a phishing attack based on a voice or VoIP. In which cybercriminals use social engineering to call from telephone, mobile, Viber, Messenger, WhatsApp, or any unknown number and seduce or intimidate the user.

Sensitive personal and financial details of the computer and mobile users are requested under the pretext of providing false information about the problem in the user's bank account, credit card or PIN number, etc. From receiving emails and passwords, PIN codes, bank account numbers, etc., to attempts to get money deposited into your account from a bank, this is what happens.

Such incidents have been on the rise lately. Therefore, the Telecommunications Authority of Nepal, the regulator of the telecommunications sector, has suggested some measures to avoid Vishing. Based on that, we are giving tips on how to avoid phishing.

Let's not pick up the phone from an unknown number. Also, do not call back to such unfamiliar numbers.

When picking up a phone from an unknown number by mistake, let's not provide the information requested by such strangers in a hurry. Also, if there is any doubt in the phone call, we should immediately inform the regulator about the phone call through the official email of the authority or the Complaint Handling System.

Don't believe a phone call or a voice message from a stranger showing various temptations (lottery/gift, visa, social security, loan) and don't reply.

Password, OTP, Bank Account Number (PIN), PIN (PIN code) and do not give such sensitive details to anyone when asking for the code on the mobile.

When someone demands Personally Identifiable Information (PII) over the phone, including citizenship number, passport number, insurance number, bank account number, we should not provide such details to anyone.

Never do this if someone suggests you press a button on your device or click on a link via phone or voice message.

If there is any suspicion of theft of any sensitive details including financial details, Pincode, password of your bank, let's change the password and pin code immediately and immediately inform the concerned institution/bank.

Use an official or trusted app to block scam calls from strangers.

This is how social engineering leads to cyberattacks, how to avoid them?

Social engineering is a type of cyber attack, in which a cyber attacker uses psychological tactics and strategies, as well as relationships with people. They try to get the user's password, bank account number and PIN code, and amount.

They are also succeeding in this. It is usually easier to win a person's trust by attracting them than by hacking.

So Cyber ​​Attackers allow you to download enticing messages, music, movies for free and at the same time secretly install malicious software on the computer to gain access to the computer user and take control of the computer.

Similarly, cyber attackers use cyberattacks to fool and intimidate people into obtaining passwords. In this way, they even try to get money deposited in their account from the bank and succeed in trapping such people directly.

Cyber-attackers send emails, use fake websites that look like real ones, send messages and even use phone calls and win people's trust through psychological activities. Social engineering is the act of deceiving, stealing, and selling data directly to the users and damaging the value and reputation of the organization financially.

To carry out a social engineering attack, cyber attackers use phishing emails, telephone / mobile conversations (Vishing), pen drives (USB Sticks), websites (Internet freebies), physical access (Physical impersonation), and electronic waste (Electronics). Waste) is used as a medium.

How to avoid social engineering attacks?

Don't reply to suspicious emails as they may be phishing emails.

Do not click on suspicious attachments of emails and links found in them.

To search and identify the authenticity of the sender by hovering the crosser in the email address and the link embedded in the email.

Generally not providing sensitive information in telephone / mobile conversations.

Don't give your personal details to the caller under the pretext of gift, lottery, working visa, etc.

If there is any doubt about the caller ID, message sending ID, and shirt code, search and identify the authenticity.

If there is any doubt about the name of the caller, the name of the organizational unit, or an external company, take some time to search and send your details only after identifying the authenticity.

Pen drives (USB sticks) can be attacked by putting malicious software such as viruses, key loggers, trojans, ransomware, so use the pen drive only after scanning for viruses.

Usually do not use pen drives (USB sticks) on very important infrastructure (sensitive infrastructure like a server).

If an unfamiliar pen drive (USB Sticks) is found, do not use it on your computer and do not open the contents of such pen drive (USB Sticks).

Provide your personal details only by identifying the official website.

Do not download and use cracked and pirated software.

Don't use unsafe websites like Emu, BitTorrent, Araj.

Don't use insecure websites (Internet freebies) that offer various offers of movies, songs, music videos, software, books, etc. for free.

Keep passwords and physical locks on workplace computers.

Accurately identify any person before giving them any access to your computer or device.

To arrange proper security guards in the workplace.

To do electronic waste disposal.

Since even electronic materials that do not work can contain sensitive details, such materials should not be disposed of indiscriminately and should be disposed of only by destroying sensitive details.

Dispose of expired electronic cards such as ID cards, ATM cards, access cards, etc. before disposing of any details from those cards.

Dispose of useless data from useless hard disk pen drives, memory sticks, and electronic data on USB flash drives.

Is your phone waterproof? Check it out like this

One of the various apps on Android is the 'Water Resistance Tester', an app to find out how safe your phone is from water. This is an app in the Google Play Store, the use of which we may not know about in general.

This app can be used to find out the IP rating of an Android phone using a barometer air pressure measuring device in a certain environment.

According to the app's developer Ray Wang, the app was developed to help people find out what their waterproof ceiling looks like once they have repaired their phone or have been using it for a long time.

You can see how safe your phone is from water by downloading this Android app and following the instructions given in it.

If your phone is waterproof, it grades your phone as 'pass', if your phone is not waterproof, or if your phone is degraded, Apple grades your phone as 'fail'.

But just because your phone is passing doesn't mean that you can take it back and immerse it in water. This app is not the first app made to test waterproof.

There are many such apps in the Google Play Store, some of which are used for phones and some for limited phones. Some of these apps have now stopped running.

Amazon's online store down worldwide

E-commerce giant Amazon's online stores in various countries have gone down. On Sunday night, 'error' messages were seen in the regional domains operated by the company in different countries.

According to the online monitoring website DownDetector, problems have been seen in online stores in the United States, India, Canada, the United Kingdom, and France. Amazon's customers in those countries had problems with the online shopping process.

According to DownDetector, there were problems on the online Star's website for about two hours. In the meantime, users had sent more than 38,000 reports.

Meanwhile, the company has recently informed that the online Star service has returned to normal. ‘Some customers had temporary problems shopping. We have solved this problem and now everything is going smoothly, 'said an Amazon spokesperson.