What makes us up-to date?
The moment we have awareness of any event, social announcement, information etc.. then we are up-to date with the market.
Why should we?
Consider stock market trading. All the trading happens based on the latest events,announcements happened in a company. Similarly this will also applies to our digital assets.
Late in 2016, Indian government has announced that they have cancelled the 500/1000 Rs notes in-order known as 'demonetization'. Hackers from other country took this news as an advantage and sent mails to our customers by spoofing our corporate mail id's. The mail says like this: " Dear Sir, Due to the inconsistent financial situation in India, our government is tracking every transaction for auditing purposes. We request to kindly send the payment to our offshore account in Hong Kong. Account details are as follows......". This email seems to be legit and crafted perfectly based on societal situation. Our customers believed this as an alert mail and sent our payments to the bank without any acknowledgement mail to us. Our organisation may not be the only victim.There may be other 1000 companies effected by this crafted phishing attacks.
The only weapon attackers used is the news that happens at the moment. They created a situation in the mail and made our customers believe that it really happened. We can also use this weapon to stay secure. One can interpret the data in a way they want. As we are living in a society where information is treated as weapon, we should always update our knowledge on whats happening and interpret the resources in a way how we think as well as how attacker is thinking.
Update1: Big billion day!
I have planned this blog to express my view on Information security and will try to learn/help from/for other security minds. All views expressed here are strictly from personal view. This blog is neither an organization nor affiliated to any organization with respect to the blog posts.
Hi.. Myself Varun Kondagadapa and I am Information Security Specialist having 2+ years of experience in Securing organizations. From startups to MNC I have work experience in all scales of Infra.
Be the first one to comment