Waa maxay Spear phishing? Sharaxaada, Tusaalooyinka, Ilaalinta
Horay ayaad wax uga ogeyd Phish(Phishing) -ka: habka loo dhigo xoogaa sed ah oo la sugo qof si uu u shaaciyo xogtiisa gaarka ah. Phishing waxa ay ku timaadaa dhadhano badan sida Spear(Spear Phishing) phishing , Tabnabbing , Nibiriga(Tabjacking) , Tabjacking(Whaling) , iyo Vishing and Smishing. Laakiin weli waxaa jira nooc kale, kaas oo ah Spear Phishing .
Waxaa laga yaabaa inaad horey ula kulantay Spear Phishing(Spear Phishing) . Markaad isticmaalayso farsamadan, dambiilayaasha internetka ayaa fariin kuu soo diraya cid aad taqaanid. Fariinta ayaa ku weydiinaysa macluumaadkaaga shakhsiyeed iyo midka maaliyadeed. Mar haddii ay u muuqato inay ka timid cid la yaqaan, kaliya waxaad ku jawaabtaa fikir labaad la'aan.
Waa maxay Spear phishing
Spear Phishing waa hab ay dambiilayaasha internetka u adeegsadaan farsamo la bartilmaameedsaday si ay kuugu khiyaaneeyaan inaad rumaysato inaad email sharci ah ka heshay cid la yaqaan, oo ku weydiinaysa macluumaadkaaga. Hay'addu waxay noqon kartaa qof ama urur kasta oo aad la macaamilayso.
Way fududahay in laga dhigo mid asal ah. Dadku waa inay iibsadaan xayndaab laxidhiidha oo ay isticmaalaan domain-hoosaad u eg ururka aad taqaan. Waxay kaloo u ekaan kartaa aqoonsiga iimaylka ee qofka aad taqaan. Tusaale ahaan, something.com waxay yeelan kartaa subdomain magaciisu yahay paypal.something.com . Tani waxay u oggolaanaysaa inay abuuraan aqoonsi iimaylka ah oo taga [email protected] . Tani waxay si qurux badan ula mid tahay aqoonsiga(IDs) iimaylka ee la xidhiidha PayPal .
Inta badan, dambiilayaasha internetka ayaa isha ku haya dhaqdhaqaaqaaga internetka(Internet) , gaar ahaan warbaahinta bulshada. Marka ay wax macluumaad ah kaaga helaan shabakad kasta, waxay heli doonaan fursad ay macluumaadka kaa soo saaraan.
Tusaale ahaan, waxaad soo dhejisaa cusbooneysiin adoo sheegaya inaad telefoon ka soo iibsatay Amazon goob kasta oo xiriir bulsho. Kadib waxa aad imayl ka helaysaa Amazon oo sheegaya in kaadhkaga la xannibay oo aad u baahan tahay in aad xaqiijiso akoonkaaga ka hor inta aanad wax soo iibsan. Maadaama aqoonsiga iimaylka uu u eg yahay Amazon , waxaad si diyaar ah u siinaysaa macluumaadka ay ku weydiiyaan.
Si kale haddii loo dhigo, Spear phishing waxa uu beegsaday Phishing(Spear Phishing has targetted Phishing) . Aqoonsiga(IDs) iimaylka iyo fariimaha adiga ayaa lagu gaaryeelay - iyadoo lagu salaynayo macluumaadka laga heli karo internetka(Internet) adiga.
Tusaalooyinka Spear phishing
In kasta oo phishing ay tahay shay maalinle ah oo qaar badan oo ka mid ah ay yaqaaniin si ku filan si loo ilaaliyo, qaar weli way ku dhacaan.
Mid ka mid ah tusaalooyinka phishing-ka waran ugu wanaagsan uguna caansan waa habka loo beegsaday cutubka RSA ee (RSA)EMC . RSA waxay mas'uul ka ahayd amniga internetka ee EMC . Dembiilayaasha internetka waxay soo direen laba iimayl, mid walbana wata faylka EXCEL oo uu ku jiro (EXCEL)MACRO firfircoon . Cinwaanka emailka ayaa lagu sheegay inuu yahay Qorshe Shaqaalaysi(Recruitment Plan) . In kasta oo labada emailba lagu shaandheeyay faylalka junk(Junk Folders) ee shaqaalaha, mid ka mid ah shaqaalaha ayaa ogaaday oo soo celiyay. Markii la furay, MACRO waxay u furtay albaab dambe oo loogu talagalay dadka soo diray emailka. Kadib waxay awoodeen inay soo iibiyaan shahaadooyinka shaqaalaha. Inkastoo ay tahay shirkad ammaan, haddii RSAwaa la khiyaami karaa, qiyaas nolosha isticmaalayaasha internetka(Internet) ee aan laga shakin .
Tusaal kale oo ku saabsan shirkadda amniga internetka, waxaa jiray iimaylo ka yimid dhinacyo saddexaad oo ku khiyaameeyay maamulayaasha inay rumaystaan inay shaqaalahoodu tahay inay faahfaahin weydiiyaan. Markii dambiilayaasha internetka ay heleen macluumaadka iyaga oo iska dhigaya shaqaale ahaan email ahaan, waxay awoodeen inay lacag ka helaan shirkadda oo lagu wareejiyo akoonnada dembiilayaasha ee xeebaha. Waxaa la sheegay in Ubiquity ay lumisay in ka badan $47 milyan oo doolar khiyaanada waranka-fiishka awgeed.
Khiyaamooyinka Whaling(Whaling) & Spear phishing ayaa soo ifbaxaya arrimo amniga internetka ah. Waxaa jira farqi dhuuban oo u dhexeeya labada. Spear Phishing wuxuu bartilmaameedsadaa koox dad ah - sida iimaylka bartilmaameedka u ah shaqaalaha shirkadda, macaamiisha shirkadda, ama xitaa qof gaar ah. Khayaanada (Scams)Whaling waxay caadi ahaan beegsataa maamulayaasha heerka sare ah.
Ilaalinta phishing-ka
Had iyo jeer xasuusnoow in aysan jirin shirkad e-commerce ku weydiin doonta macluumaadkaaga gaarka ah iimaylka ama taleefanka. Haddii aad hesho fariin nooc kasta ah oo ku weydiinaysa tafaasiisha aanad ku qanacsanayn la wadaaga, tixgeli inay tahay isku day waran-phishing oo si toos ah u jar. Iska daa iimaylka(Ignore) , fariimaha oo kale demi wicitaanada noocaan ah. Waxaad ka xaqiijin kartaa ururka ama qofka ka hor inta aanad ka jawaabin mustaqbalka.
Hababka kale ee ilaalinta Spear phishing , waa in la wadaago oo keliya inta looga baahan yahay shabakadaha xidhiidhka bulshada. Waxaad odhan kartaa waa sawirka taleefankaaga cusub oo dheji halkii aad ku dari lahayd inaad ka soo iibsatay ururka XYZ - taariikh cayiman.
Waa inaad barataa sida loo garto weerarrada(identify Phishing Attacks) phishing-ka si aad wax badan uga ogaato ilaalinta phishingka guud ahaan. Asal ahaan(Basically) , waa inaad haysataa software ammaan oo wanaagsan oo si fiican u shaandhaysa iimaylkaaga. Waxaad ku dari kartaa caddaynta iimaylka iyo sirta macaamiisha iimaylka ee aad isticmaashid si aad si fiican u ilaaliso. Qaar badan(Many) oo ka mid ah isku dayga-fishing-ka ayaa laga yaabaa in lagu qabto barnaamijyada shahaado-akhrinta oo lagu dhex dhisay ama lagu rakibay macmiilka iimaylka.
Stay safe, stay sharp when online!
Related posts
Madaxbanaanida Dijital ah - Qeexid, Macnaha, Tusaalooyinka iyo Sharaxaad
Kaabayaasha Adeeg ahaan - Qeexid, Sharaxaada iyo Tusaalooyinka
Weerarada Ransomware, Qeexid, Tusaalayaal, Ilaalinta, Bixinta
Sidee Looga Fogaadaa Khayaanada Khiyaamada iyo Weerarada?
Noocyada Phishing-Sheet-qiyamka iyo Waxyaabaha aad u baahan tahay inaad ogaato
Waa maxay Domains Parked iyo Doomaha Qulqulka?
Ilaalinta Ilaha Windows ma bilaabi karto adeegga dayactirka
CSS Exfil Ilaalinta biraawsarka kordhinta waxay bixisaa CSS Exfil weerar nuglaanta
Sida loo dejiyo Ilaalinta Folderka ee kootada OneDrive
Waa maxay Google Advanced Protection Program?
Waa maxay liiska cad ee BIOS? Sharaxaada iyo ka saarida.
Daar oo ku habbee Ilaalinta Ransomware ee Difaaca Windows
Waa maxay astaanta Ilaalinta Tamper ee gudaha Windows 11/10
Adeegga Platform Ilaalinta Software Sppsvc.exe taasoo keenaysa isticmaalka CPU sare
Nabadgelyada qof walba - Dib u eeg Ilaalinta Guud ee McAfee
Qeexida Weerar ku buufida Password-ka iyo Difaaca naftaada
Xatooyada Aqoonsiga onlaynka ah: Talooyin ka hortag iyo ilaalin
Waa maxay Ilaalinta Xisaabaadka ee Windows 11/10 iyo sida loo qariyo qaybtan
Fayraska COVID-19 phishing, khayaanada, khiyaanada iyo qorshayaasha
Ciwaanka shaqadu waxa uu sababay Cilad Ilaalinta - Cilad Daabacaad