Zero-Knowledge Proof – How It Works
Zero-knowledge proof is a cryptography technique that enables one party to prove knowledge without revealing it. – Read how it works here.
🇺🇦 Hacken stands with Ukraine!
Learn moreUseful links for crypto enthusiasts
Let’s imagine for a moment, it’s the middle of a work day, you’re up to your eyeballs in work, and then suddenly receive an email from your colleague with a further message, “Check out thes link. It is a new listings on thi exchange: link” The typos do not confuse, and it’s pretty likely that you’ll follow the link because you’re “just curious”, “looking for a distraction”, “that colleague always shares something useful”, and so on. Being ever so trusting, you click the link and in less time than it takes to say, “abracadabra”, all the sensitive data on your computer magically disappears. Congratulations, you’ve just been scammed by a fake website.
Such a manipulation refers to social engineering (SE), phishing in particular. The attackers use various socio-psychological methods to uncover personal data or to insert a virus to do it for them. They instil a false sense of trust by taking advantage of person’s mental triggers, for instance, sympathy or fatigue.
It is not enough to state, “I am a conscious user, it will never happen to me”, because it happens. Consider that according to the research of Cybint, a cyber education company, a phishing attack happens every 39 seconds; only 5% of governmental, retail, and technology industries can resist the breach; half of the SE attacks target small businesses; and only 38 percent of world organizations can ensure that they are able to handle a sophisticated offense. One important step to take against this dreadful statistics is to report an internet scam or fraud.
There are 7 signs of a phishing attack, learn them all
— Report a phishing page to Google Safe Browsing team. The link redirects you to a simple form which is needed to be filled out to report about a page that looks like another page with the aim of stealing users’ personal information. Information will be kept within Google’s privacy policy.
— Report a phishing Web site to Microsoft IE & Edge. This is an article describing the steps on how to report a fake website on Windows Internet Explorer 7 and 8.
— Report to Google Adwords Campaigns about unauthorized ads. There are four main categories (Trademark Violation; Advertising of counterfeit goods; Violation of other AdWords policies; Multiple ads from the same company are shown simultaneously) and numerous subcategories in each.
— Report to Ethereum Scam Database. This is a large database that users and cyber security experts update constantly. It deals mostly with fake websites created to harm the blockchain industry, particularly ICOs.
To block malicious and suspicious URLs install:
— EtherAddressLookup (EAL) – is an extension for Google Chrome. It provides integrity and safety of your crypto capital. In the settings, you must enable “Warn of blacklisted domains” to make the extension prevent you from visiting phishing sites from their list. Currently, there are more than 1594 domains in the blacklist of EAL.
— MetaMask – the goal is the same as in EAL-to block phishing websites. Besides, the extension allows the user to manage their own identities: so when a decentralized application wants to perform a transaction, the user receives a secure interface to review the transaction, before approving or rejecting it.
Being a manager or owner of an IT company, you are given greater responsibility, and the theft of trade secrets can lead to more severe consequences than the theft of identity in Facebook (however, we know that it is enormously unpleasant as well). Therefore, more sophisticated steps should be taken not only after identifying a phishing website, but also before you face it.
First of all, you definitely need to purchase anti phishing protection. Hacken’s service has already saved Jibrel Network’s ICO from several fake social media accounts. How can it be helpful for you? When the threat is identified, the Hacken’s team launches three directions to eliminate it. Website takedown supposes submitting the abusive domain via APIs, online forms and emails to various third parties, which will block and takedown it. Furthermore, takedown of Fraudulent Search Ads will overbidde ads run by criminals on all main keywords. The specialists will contact Google or other involved search engine insisting on the removal of all fraudulent ads. Fake social media accounts on behalf of your company’s name will be deleted as well.
Besides, in time of peace, Hacken will work hard to detect phishing domains that can possibly harm your company or clients and will take them down. The same procedure will be performed with Google ads and any other search ads. Thinking about the purchase of anti phishing service, do not forget to report any cyber violations to The Internet Crime Complaint Center.
Want to see a real life example of a phishing attack? Check Nucleus Vision case
Phishing is an extremely unpleasant event, which can be compared to being hooked (only the hook can be of various sizes). Hence, people should be careful to avoid being phished and contribute to the global struggle against cyber criminals around the world. All in all, the IT industry gains momentum, and malicious hackers remain part of this development. If you’re tired of constantly reporting to The ICCC, or don’t want to do it at all, contact Hacken, and we will take on this task for you.