Imagine someone has taken over your account. What would happen to you and the people who contact you on WhatsApp?
Just as easily as you can do a fresh install of WhatsApp on a new phone, an attacker can gain access to your WhatsApp account and possibly start a conversation with your friends, claiming to be you.
Most times, the direct risk if you are attacked is not to you but to your contacts. They can expect to receive requests for data or even emergency funds. This is social engineering at its best. We trust an end-to-end encrypted platform and a message from a trusted friend, so we are conditioned to lower our guard and feel sympathy in these circumstances.
The repercussions of this happening are beyond imagination. It can even spread further, with more of your contacts having their WhatsApp accounts taken over.
With the account taken over, the attackers could then message contacts in the groups you are in as if from the account holder (you), as well as any other contacts whose WhatsApp messages were received after the takeover. No legacy data is compromised. The target device remains untouched. WhatsApp has simply been ghosted onto an illegitimate device.
It is surprising how many people have not yet enabled the Two-step verification PIN in WhatsApp—almost everyone we have asked has yet to set it up. If you’re the same, then please take that minute and set it up now.
The question now is: how do we prevent this from happening to you, for the first time or again?
WhatsApp introduced a feature where you can set a PIN of your own choice and even an email address in case you forget your PIN. The PIN is your own verification that confirms it is you, even after the SMS verification has been entered, so you do not have to share your PIN with anyone.
You can find this feature in your WhatsApp Settings > Account > Two-step verification. There you will be prompted to enable your PIN and confirm it, then you will be asked to type in an email address to use to recover your account in case you forget your PIN.
A Strategic Emergency Response Initiative seeking to establish and coordinate a joint mechanism that offers effective emergency response solutions to the dynamic and complex security needs of HRDs associated with the working environment in Uganda, especially during this COVID-19 pandemic.
Although Uganda has registered some progress in managing the situation and the infection rate, these achievements have not come without challenges. The majority of non-governmental organizations have had to adapt to the new normal of working from home according to the respective guidelines. Therefore, our civic effort to push back against human rights violations has been curtailed since all attempts to support affected HRDs, activists, and non-governmental organizations have been stifled by the hostile civic space’s attendant elements.
HRDs and individual activists who speak truth to power during this Pandemic are highly susceptible to physical and digital security attacks. These attacks include but are not limited to intimidation, arrest, torture, killings, withdrawal of operation license, defamation, freezing of bank accounts, office closure, computer and network surveillance, office break-ins, theft and confiscation of digital equipment, loss of information, denial of service attacks and internet censorship.
Despite such hostilities, there is a lack of an inclusive, well-coordinated, sustainable and effective emergency response system geared at the security, safety, and protection of HRDs, groups and their allies during this period. Despite the availability of several organizations and entities that support HRDs in such instances, a reasonable number of democracy activists within and outside the capital city have on various forums referred to the available emergency response system as ineffective, unsustainable, inaccessible and individualistic, to mention but a few.
We strongly believe that the current and post-pandemic period will require response through concerted effort. Thus, it is imperative to take stock of partner organizations’ possible roles as strategies for responding to any emerging issues.
The truth is, most of us have been a victim of phishing at some point, and with the abundant resources online and the training we have had so far, we have become somewhat immune to phishing.
Our immunity against phishing has so far been boosted by the e-mail service providers, mail gateways and even browsers that we use, all of which have anti-phishing filters and malicious address scanners embedded in their systems.
Despite all of the above, cybercriminals are constantly inventing new circumvention methods and refining old ones. One such method is delayed phishing.
Delayed phishing is an attempt to lure a victim to a malicious or fake site using a technique known as Post-Delivery Weaponized URL.
“As the name suggests, the technique essentially replaces online content with a malicious version after the delivery of an e-mail linking to it. In other words, the potential victim receives an e-mail with a link that points either nowhere or to a legitimate resource that may already be compromised but that at that point has no malicious content. As a result, the message sails through any filters. The protection algorithms find the URL in the text, scan the linked site, see nothing dangerous there, and allow the message through.”
Effecting the malicious link
Attackers operate on the assumption that their victim is a normal worker who sleeps at night. Therefore, delayed phishing messages are sent after midnight (in the victim’s time zone), and become malicious a few hours later, closer to dawn.
If cybercriminals find a specific person to attack, they can study their victim’s daily routine and activate the malicious link depending on when that person checks mail.
Technology behind Delayed Phishing
For delayed phishing to be effective, hackers use at least one of these 2 common methods:
There is also a third, less common technology: a short, randomized link with probabilistic redirection. That is, the link has a 50% chance of leading to google.com and a 50% chance of opening a phishing site. The possibility of landing on a legitimate site apparently can confuse crawlers (programs for automatic information collection).
Spotting & fighting Delayed Phishing
Ideally, the phishing link should be prevented from reaching the user, so rescanning the inbox would seem to be the best strategy.
In some cases, that is doable: for example, if your organization uses a Microsoft Exchange mail server. Kaspersky Security for Microsoft Exchange Server is also included in our Kaspersky Security for Mail Servers and Kaspersky Total Security for Business solutions.
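The rescanning idea can be sketched as follows. This is an added example, not code from the original article or from any mail product: each link is fingerprinted at delivery time and probed again before the working day, and it is fetched several times per probe so that a randomized redirect shows up as well. All function names and hosts are hypothetical, and `fake_fetch` is a constructed stand-in for a real HTTP client.

```python
import hashlib
from urllib.parse import urlsplit

def fingerprint(final_url, body):
    """Reduce one fetch to (landing host, SHA-256 of the body)."""
    host = urlsplit(final_url).hostname or ""
    return host, hashlib.sha256(body.encode()).hexdigest()

def probe(fetch, url, hour, attempts=4):
    """Fetch repeatedly; a randomized redirect yields more than one fingerprint."""
    return {fingerprint(*fetch(url, hour, n)) for n in range(attempts)}

def rescan(baselines, fetch, hour):
    """Map message id -> reason for every link that differs from its baseline."""
    flagged = {}
    for msg_id, (url, baseline) in baselines.items():
        seen = probe(fetch, url, hour)
        if len(seen) > 1:
            flagged[msg_id] = "unstable destination"
        elif seen != baseline:
            flagged[msg_id] = "changed after delivery"
    return flagged

def fake_fetch(url, hour, attempt):
    """Constructed stand-in for an HTTP client (all hosts are made up)."""
    # Page whose content is swapped at 05:00, hours after delivery.
    if url == "https://files.example/invoice" and hour >= 5:
        return "https://files.example/invoice", "<form>sign in</form>"
    # Short link that alternates between two destinations.
    if url == "https://s.example/a1" and attempt % 2:
        return "https://www.google.com/", "<html>search</html>"
    return url, "<p>placeholder</p>"

def demo():
    # Constructed mailbox: message id -> link found in the body.
    links = {"m1": "https://files.example/invoice",
             "m2": "https://s.example/a1",
             "m3": "https://news.example/weekly"}
    # Baseline taken at delivery time, 01:00.
    baselines = {m: (u, probe(fake_fetch, u, 1)) for m, u in links.items()}
    # Rescan at 06:00, before the recipient reads mail.
    return rescan(baselines, fake_fetch, 6)

if __name__ == "__main__":
    print(demo())
```

Legitimate pages also change between fetches, so a flagged message is a trigger to re-run the normal URL scan on it, not a verdict by itself.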
In recent years, non-profit organisations (NPOs) around the world have faced operational and legal restrictions due to counter-terrorism regulations.
Defenders Protection Initiative is committed to reinforcing the resilience of Human Rights Defenders against digital/cyber attacks. Following a survey to assess the digital security posture of civil society organisations in Uganda, DPI organised #DigiSecCon17, the Digital Security Conference 2017, themed “Why should Civil Society in Uganda Worry”, which was held in Kampala at the Serena Conference Centre on the 8th of September 2017.