1
00:00:01,020 --> 00:00:08,220
So let's talk a little bit about how to avoid these really targeted spear phishing campaigns when they

2
00:00:08,220 --> 00:00:13,980
come to you or to one of your family members or to one of the employees in your organization. One of

3
00:00:13,980 --> 00:00:19,410
the first things you can do is train your people to spot these types of attacks.

4
00:00:19,710 --> 00:00:25,680
If I hover over this address in one browser, Firefox, for example, on my Mac, you'll see really

5
00:00:25,680 --> 00:00:28,950
small in the lower left-hand corner of the browser window.

6
00:00:29,110 --> 00:00:34,530
I'll try to bring this over a bit. By hovering over that, you'll see facebook.com@ and some address.

7
00:00:34,860 --> 00:00:40,980
Teach your employees, your family members to hover over these addresses and look before they ever click

8
00:00:40,980 --> 00:00:41,460
through.

9
00:00:41,790 --> 00:00:46,440
Never click through a suspicious email, especially when it has something that looks like this, facebook.com

10
00:00:46,440 --> 00:00:48,420
at some weird number.

11
00:00:48,960 --> 00:00:54,270
Or if I look at this in Chrome, if I hover over it, notice it resolves down to the

12
00:00:54,510 --> 00:00:54,980
10.9.4.

13
00:00:55,260 --> 00:00:56,700
Open this up in Chrome, though.

14
00:00:56,700 --> 00:01:00,840
I'm not going to be able to hover over and see it in the current version of Safari.

15
00:01:01,110 --> 00:01:05,640
That is, if I open this up in my Mac Safari browser, I won't be able to readily see that.

16
00:01:06,180 --> 00:01:11,100
But rather than click through any email any time, especially if it has an urgent message,

17
00:01:11,100 --> 00:01:16,110
if this had said, "Bryson, you're in some inappropriate pictures on Facebook," or "I can't believe someone

18
00:01:16,110 --> 00:01:20,190
said this about you," or "It looks like your account has been hacked.
19
00:01:20,190 --> 00:01:23,550
You need to log in to verify that it's you."

20
00:01:23,910 --> 00:01:28,850
All you need to do is come to your browser and type in www.facebook.com.

21
00:01:29,070 --> 00:01:34,020
The second thing that we need to do besides typing in the full address is check to make sure that it

22
00:01:34,020 --> 00:01:42,890
is secure, that we are using HTTPS whenever we enter our username and password.

23
00:01:43,230 --> 00:01:50,110
It's a small difference in the URL, but it's a tremendous difference in the security of the website.

24
00:01:50,130 --> 00:01:54,030
This https facebook, or https

25
00:01:55,660 --> 00:01:57,280
colon slash slash

26
00:02:01,290 --> 00:02:08,220
and the name of your bank. That secure connection means that it is encrypted and no one can just pull

27
00:02:08,220 --> 00:02:13,080
your username and password from it. Plus, you notice that it's going to the real website address, not

28
00:02:13,080 --> 00:02:19,560
to a 10.0.29 or 172.something or another web server halfway around the world that's trying to

29
00:02:19,560 --> 00:02:20,600
steal your credentials.

30
00:02:21,420 --> 00:02:24,530
The next thing you can do is just bookmark those websites.

31
00:02:24,810 --> 00:02:31,140
So if I click my bookmark here and say I want to bookmark Wells Fargo or Bank of America or whatever

32
00:02:31,140 --> 00:02:37,110
your bank may be, if I bookmark it, the benefit to doing that is that all I have to do is come to my

33
00:02:37,110 --> 00:02:44,820
bookmarks and open up the Wells Fargo account, or come to my bookmarks and open up Facebook from the

34
00:02:44,820 --> 00:02:48,060
secure login page when I bookmark it.

35
00:02:48,600 --> 00:02:57,450
Then I just come to my most important pages, like Facebook or Alibaba or WeChat or whatever it may

36
00:02:57,450 --> 00:02:57,810
be.
37
00:02:58,440 --> 00:03:04,500
Wells Fargo, whatever your bank account information is, if you bookmark those, it will also help

38
00:03:04,500 --> 00:03:08,070
you avoid typosquatters.

39
00:03:08,340 --> 00:03:12,480
That is, let's say that you typed wellsfargo.com.

40
00:03:13,080 --> 00:03:20,490
Well, if that company hasn't purchased a few extra misspellings of its name, then that might take

41
00:03:20,490 --> 00:03:22,710
us to a malicious website.

42
00:03:22,710 --> 00:03:26,580
I'm not even going to go to this site to see if Wells Fargo owns that one.

43
00:03:27,000 --> 00:03:30,390
Typos are pretty common when it comes to typing in websites.

44
00:03:30,390 --> 00:03:31,620
So type it correctly.

45
00:03:31,890 --> 00:03:34,920
Make sure you've got a secure website and then bookmark it,

46
00:03:36,640 --> 00:03:41,890
so that you don't ever have to wonder if you're going to the right site. Never click through the link

47
00:03:41,890 --> 00:03:46,930
from an email, even if you hover over it and it looks good, like our other one did here. That looks

48
00:03:46,930 --> 00:03:47,160
good:

49
00:03:47,440 --> 00:03:50,260
www.facebook.com@something.

50
00:03:50,710 --> 00:03:52,000
Don't click through the link.

51
00:03:52,000 --> 00:03:56,080
Come to your browser and either type it in and make sure it's secure,

52
00:03:57,930 --> 00:04:00,810
or, better yet, bookmark it
53
00:04:01,690 --> 00:04:07,870
so that you can come back to it safely in the future. You especially want to educate your family and

54
00:04:07,870 --> 00:04:14,560
your co-workers that if something in the email seems urgent, "Hey, you need to log in now to get this,"

55
00:04:14,560 --> 00:04:21,130
or if something's giving something away for free, then you need to make sure to tell them never to

56
00:04:21,130 --> 00:04:26,230
click through the link. Make them go to facebook.com and search from there, make them go to their

57
00:04:26,230 --> 00:04:32,890
bank site and search from there, and never click through a suspicious email, and be suspicious of every

58
00:04:33,280 --> 00:04:35,920
email, even when it looks like it's coming from a friend.

59
00:04:36,220 --> 00:04:40,780
If your friend sends you something that says, "Hey, it looks like you've been hacked," or "Somebody posted

60
00:04:40,780 --> 00:04:46,840
an inappropriate picture of you," or "Did you really say this comment on this social media platform?" because

61
00:04:46,840 --> 00:04:51,490
your friend's account may have been hacked. They may have fallen for something

62
00:04:51,490 --> 00:04:56,200
like this, and then someone sends you an email asking for money, asking for you to click

63
00:04:56,200 --> 00:04:57,010
through something.

64
00:04:57,280 --> 00:05:01,930
It can come from that other person's account or it can be spoofed to look like it's coming from your

65
00:05:01,930 --> 00:05:02,680
friend's account.

66
00:05:02,890 --> 00:05:06,550
So you have to be really careful whenever you receive anything by email.

67
00:05:06,790 --> 00:05:11,310
If it's coming from a friend, why don't you just text them or call them, see if they're doing OK,

68
00:05:11,350 --> 00:05:14,530
make sure that they don't need help in real life.

69
00:05:14,980 --> 00:05:22,150
But spear phishers, scammers, con artists, predators are getting smarter and smarter all the time.
70
00:05:22,150 --> 00:05:27,280
We saw just a handful of ways to make an email look like it was really coming

71
00:05:29,370 --> 00:05:36,510
from a social media website and not from our fake spear phishing server that we set up in Kali Linux,

72
00:05:37,200 --> 00:05:41,550
so you really need to be careful when it comes to phishing. Train your kids, train your parents,

73
00:05:41,790 --> 00:05:46,950
train your family members and friends, and definitely train your employees to look out for phishing.

74
00:05:46,950 --> 00:05:53,220
Remember, you can just click on a new browser window and type in the address directly. Make sure that

75
00:05:53,220 --> 00:05:58,350
it's secure when you get there, and you can verify that with the little lock and https.

76
00:05:58,620 --> 00:06:01,590
And then there are even, finally, a few tools out there.

77
00:06:01,590 --> 00:06:09,570
If you look for the Netcraft toolbar, this Netcraft toolbar will allow you to install an extension

78
00:06:09,570 --> 00:06:12,560
in your Firefox or Chrome or other browser window.

79
00:06:13,200 --> 00:06:19,680
This Netcraft toolbar will let you install an extension to Firefox, Chrome, or whatever browser you

80
00:06:19,680 --> 00:06:25,760
like most that will help you spot fake phishing emails a little more quickly.

81
00:06:26,100 --> 00:06:32,220
So if you get something in and it's from a server that people know is a bad server, then Netcraft can

82
00:06:32,220 --> 00:06:36,060
give you a little advisory up here. If you're wary of installing browser extensions,

83
00:06:36,060 --> 00:06:38,220
I understand, but Netcraft is a good one.

84
00:06:38,640 --> 00:06:46,620
And if I try to visit that http://www.facebook.com@10.9.4 address with my Netcraft

85
00:06:48,030 --> 00:06:52,830
toolbar installed and hit Enter, it says "Suspicious URL detected.
86
00:06:53,100 --> 00:06:57,240
The page you're trying to visit contains suspicious characters indicating that it might be a malicious

87
00:06:57,240 --> 00:07:01,260
site," that @10.9.4.

88
00:07:01,260 --> 00:07:02,170
"Do you still want to go there?"

89
00:07:02,520 --> 00:07:03,750
No, we don't.

90
00:07:03,930 --> 00:07:06,870
And notice it says "Phishing site blocked.

91
00:07:07,320 --> 00:07:10,580
This phishing site has been blocked by the Netcraft Toolbar."

92
00:07:11,130 --> 00:07:12,560
Very cool.

93
00:07:13,230 --> 00:07:18,280
So once again, phishing has gotten much, much more difficult to spot.

94
00:07:18,660 --> 00:07:20,400
Be careful with every email.

95
00:07:20,400 --> 00:07:26,520
Be suspicious of any email, even if it looks like it's from your bank, from your organization, from

96
00:07:26,520 --> 00:07:31,680
your email provider or your social media platform, or even from one of your friends or family members,

97
00:07:31,680 --> 00:07:33,690
because they could have been hacked themselves.

98
00:07:34,290 --> 00:07:35,880
Always look at those URLs.

99
00:07:35,880 --> 00:07:42,480
And better yet, either type in the URL or bookmark your favorite URLs so that you never click through

100
00:07:42,480 --> 00:07:44,210
a link in an email ever.

101
00:07:44,970 --> 00:07:50,010
And finally, if you want a little extra protection, you can download an extension like the Netcraft

102
00:07:50,160 --> 00:07:56,040
Toolbar for Firefox, for Chrome, for whatever your favorite browser may be, and it can help you spot

103
00:07:56,640 --> 00:08:00,280
those bad URLs that you might try to click through in your organization.

104
00:08:01,050 --> 00:08:07,290
Sometimes these tools can go a long way toward preventing the types of social engineering attacks that

105
00:08:07,290 --> 00:08:09,300
we've been training about in this section.
106
00:08:09,990 --> 00:08:14,190
Well, I hope you've learned a lot about protecting yourself, protecting your organization, even your

107
00:08:14,190 --> 00:08:21,180
family and friends from social engineering attacks like spear phishing. Some really scary things out on

108
00:08:21,180 --> 00:08:21,630
the Internet.

109
00:08:21,630 --> 00:08:27,690
But you can be safer by always being suspicious of emails, never clicking through those links in emails,

110
00:08:27,690 --> 00:08:32,460
especially if there's a sense of urgency or a sense that you're getting something for free or something

111
00:08:32,460 --> 00:08:33,180
exclusive.

112
00:08:33,420 --> 00:08:38,910
Always go out to the web browser and type in your favorite e-commerce site, type in your bank account,

113
00:08:39,090 --> 00:08:43,200
your bank website, type in your email account.

114
00:08:43,530 --> 00:08:47,220
Never click through those links, especially with a suspicious URL.

115
00:08:47,340 --> 00:08:51,900
And if you want an extra layer of protection, use a tool like the Netcraft toolbar.

116
00:08:52,320 --> 00:08:56,880
I hope you've enjoyed this thorough lesson on social engineering in Kali Linux.

117
00:08:57,000 --> 00:08:58,320
We'll see you in the next section.