Help me stay safe online
The reality
There is no such thing as a perfectly safe system. As long as we all are flawed beings, there will be errors in code, vulnerabilities in systems, nefarious people cheating or holding you ransom. That is the digital age we live in and that is the reality we need to know.
However like many things in this fallen world we can definitely mitigate the risks. So that is why I’ve made this post, to hopefully help you become a little safer while you use this amazing tool called the Internet to keep up to date with friends, use online banking, research awesome parts of creation or a myriad of other God honouring things.
What follows is a work in progress. An attempt to collate various types of attack vectors used by those who wish you ill and some tools you can learn to protect yourself and your coin or privacy.
Phishing (pronounced fishing)
You might have heard the phrase “Click bait”. That is the technique employed to cause your brain to overwhelmingly want to click on a link.
Caterpillar gets WRECKED!!! or Liberal feminist OWNS conservative student
These catch phrases or even just a single word stir up massive emotional reactions that are used to trick your brain into thinking “I need to click on this, I need to know what this is”. Threat actors use the same technique they bait you with things like “Australia Post has an order that couldn’t be delivered, check your address is correct here”.
Google has made a quiz to help with this. So have a look at that here – Jigsaw | Phishing Quiz
Fake links
The ability to replace links like https://www.techcare.au with a word TechCare is visually appealing but also good for space saving. The downside is that those nefarious bunch are using this to fake links so that you go to their website (as part of a phishing scam) or to be infected with malware by visiting purpose built websites to breach vulnerabilities in your device (e.g. iPhone, Tablet, Desktop, etc).
The easiest method to recognise this technique is to just hover over the link and if it is known URL then it is probably safe, if it is obfuscated then don’t click it.
These are legitimate:
TechCare Support – Defence of the Truth – Power 4 All
These are fake:
Australia Post – Facebook – Reset your password here
The last one is even harder to catch. They make you think you are clicking on the URL, but have just used legitimate words to make an illegitimate link.
As you can see your defence is by just hovering before you click. The more you do the better you will become.
I will add to this post as I have time to increase awareness and equip you with better tools to stay safe online.
