How to protect yourself from hackers
Cyber crimes are becoming more common as time passes. More sophisticated attacks appear, along with more social engineering techniques and so on. How can an ethical hacker help you protect yourself from black hat hackers without overcomplicating things? Well, let’s find out.
# Phishing
In this article, we will talk about phishing, the most common technique used by black hat hackers to compromise systems and accounts.
- What is phishing?
-> Phishing is a type of social engineering where an attacker sends some sort of message designed to trick a victim into revealing personal information. ‘Personal information’ comes in different shapes and forms. It can mean revealing account credentials, or even granting an attacker access to your computer. Let’s first talk about the account-takeover type of phishing.
- How to detect?
-> Phishing for account-takeover is usually done via a malicious e-mail or SMS. You might be sent a very trustworthy-looking e-mail, claiming to be from a legit service, trying to get you to log in somewhere. This can be easy to detect. Here’s a nice picture that shows you some of the things you need to look out for when you receive an e-mail:
However, I would like to note that you should look not only at the e-mail address, but also at the SMTP server that the e-mail is sent from. You can do that by clicking on the arrow which is placed right under the e-mail. If it looks suspicious, it is most likely a phishing e-mail.
Also, another thing to note here. If you are working for a company and receive e-mails every day, attackers might target you to install some kind of software on your computer. They will have a well-written story and will most likely get you to install malware on your system. You need to be extra cautious when dealing with these kinds of e-mails, even forwarding them to the IT department if that’s the case.
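As an added example (not part of the original article), here is a small Python script that performs the sender-versus-sending-server check described above on the raw headers of a message. The sample message, its domains and the IP address are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers (not a real e-mail); every domain and IP is a placeholder.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mta7.mailer.example.net (mta7.mailer.example.net [203.0.113.25])
 by mx.recipient.example with ESMTP id abc123; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=example.com
From: "Example Support" <support@example.com>
To: user@recipient.example
Subject: Unusual sign-in detected

Please log in to confirm your account.
"""

def domain_of(value):
    """Lower-cased domain of an address header value, or '' if absent."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def related(a, b):
    """True if the domains are equal or one is a subdomain of the other."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def check_sender(raw):
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])         # what the mail client displays
    env_dom = domain_of(msg["Return-Path"])   # envelope sender used at SMTP level
    # The topmost Received header is added by the receiving server; the name
    # after "from" is what the sending SMTP server called itself.
    received = msg.get_all("Received") or []
    m = re.search(r"from\s+(\S+)", received[0]) if received else None
    relay = m.group(1).lower() if m else ""
    # SPF/DKIM/DMARC verdicts recorded by the receiving server.
    auth = " ".join(msg.get_all("Authentication-Results") or []).lower()
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    warnings = []
    if not related(from_dom, env_dom):
        warnings.append(f"From domain {from_dom} differs from envelope sender {env_dom}")
    if verdicts.get("dmarc") != "pass":
        warnings.append(f"DMARC result is {verdicts.get('dmarc', 'missing')}")
    return {"from_domain": from_dom, "envelope_domain": env_dom,
            "relay": relay, "auth": verdicts, "warnings": warnings}

if __name__ == "__main__":
    for key, value in check_sender(SAMPLE).items():
        print(f"{key}: {value}")
```

A domain mismatch alone is not proof of phishing, since legitimate services often send through third-party mail providers; a failed DMARC result is the stronger signal.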
- What to do if you get phished?
# So, you did sign in on the phishing website. Now what?
-> The way you have probably figured this out is via a security e-mail coming from the service of your account. “Unknown Sign-In/New Location detected” are both signs that you have been hacked, in the event that you were not the one who signed in. The first thing to do in this scenario is to try to log in to the account and change the password. If that is successful, then add extra security steps such as 2FA or MFA. In the event that you could not log in, send an e-mail to the support team of the online service, describing the issue. An extra but recommended step is to change the password for all of the other online accounts you have and add extra security steps on them as well.
# Let’s talk malware
- What is malware?
-> Malware is a type of software designed by an attacker to perform malicious actions on a compromised system. These malicious actions can vary, from dumping credentials to establishing persistence on the system or even spreading itself across the network.
- How to detect?
-> People usually get infected with malware when they install software. They might do a ‘google chrome web browser download’ search on the internet, and one result may be a malicious website designed to look a lot like the official Google website. After the user runs the executable file (.exe file), it is game over. The attacker is granted access to your system. Another way that you might get infected is, like account-takeovers, through malicious e-mails. This, however, is more common in company environments. Go back up to check the things you need to look out for when detecting a malicious e-mail. So, it is very simple to detect malware that comes in this ‘phishing’ form. Just don’t install unknown software from unknown vendors/websites.
# What to do if you do install malware on your system?
-> The first thing to do is attempt to remove the virus using your anti-virus software [My recommendations: Kaspersky; MalwareBytes; BitDefender; Eset AV]. Then, try to end the process of the malware. You can do that by opening up Task Manager > More information and trying to identify any uncommon application. Then, simply click on the process, and click on ‘End process’. Of course, sophisticated malware can inject itself into a running trusted process. However, this is the most user-friendly tip I can give you. There are some alternatives to this, for example TronScript; for more information check out https://github.com/bmrf/tron and https://www.reddit.com/r/TronScript/ .
# Extra tips before I go
- Do not use public networks/Wi-Fi networks. If it is necessary to use one, use a VPN (virtual private network). For more information, check out this Wikipedia article: https://en.wikipedia.org/wiki/Virtual_private_network
- Enable 2FA/MFA right now!
- If possible, ditch Windows and switch to Linux.
- Use secure passwords
- Use different passwords for different services [use a password manager]