Practices and experiences of phishing

Today, I said on twitter that my QQ could not be used several times a year. I 'd better sell it. @ Cosbeta says that he needs a short QQ number to do business. Because he has a lot of knowledge on twitter, I just gave it to him. I came back to give him related information in the evening. At this time, something interesting happened. Someone tried to get this QQ number and wanted to fish through the "social engineering" method. Although I will not be fooled, I think it is somewhat fraudulent. So I will share it with you and remind you to pay attention to it.

The email is very short.

498) this. style. width = 498; ">

1. the email address in the figure is well registered. It must be fraudulent. I would like to remind you that this is not the email address of @ cosbeta. To identify whether a mailbox is commonly used, you can use google to search for the previous activity records. If there is no activity record, it is generally just registered.

Previous activity records are equivalent to credit card bills on the Internet, which is one of the reasons why I have always urged everyone not to pay too much attention to the so-called privacy. You need to keep a credit record for others to check. If you know @ cosbeta, you can search for the real mailbox to see how many results are there.

Google looks at activity records. This method can even be used to deal with a specially crafted email server with a reverse resolution domain name (which can be called an official Phishing ). Is a simple and effective method.

Of course, some pushing friends mentioned that they are well protected because they prevent spam, so that they do not have any search results. This situation is special and can be verified by other methods, I will also mention it below.

2. Pay attention to the previous cosbeta. He does set the user name, but normal people do not write the name like this. It must be in the form of a name. Even if you use a nickname, few people repeat it twice. In this case, at least be vigilant. This is not normal.

3. Be sure to judge the writing habits of the other party. This email is also rough in this regard. For example, although @ cosbeta is in Chengdu, it is very easy to talk about lisuo, and seldom adds a language like "slightly. All of his punctuation marks are full-width, and generally no halfwidth occurs. This is determined by the habits of the input method and the keyboard layout, and is similar to the fingerprint. If you do not change the machine or input method, it will not change much.

4. There are other details to determine whether an email is phishing. In this regard, you can think slowly, not to mention. The principle we need to do is not to say anything important without being able to identify.

Identity confirmation methods include but are not limited to: talking to the other party about some details, such as talking about the specific business of @ cosbeta, to see if the other party knows. I also talked a lot when I chatted with @ cosbeta for the first time. You can confirm the identity of the other party from the details of these conversations.

Of course, it may be easier to make a call. The voice and speaking habits of the other party are more difficult to forge. If you say a few more words on the phone, you can also pay attention to the environment of the other Party, whether it is under promotion, whether it is nervous, and whether the response is slow. These signs indicate exceptions. Pay special attention to them.

The best method is that both parties use the OTR signature, which is an important means to identify and protect information security. It is very effective despite the trouble. Of course, if you send a QQ number, you don't have to bother @ cosbeta to install an OTR. I can confirm his identity through the conversation. There are many specific practices, and more methods can be derived based on this.

A basic principle is that it should be confirmed through at least two channels. For example, let's talk about dm on twitter, gtalk, online, and phone. Make the content related to different channels, so that you can check whether there is a person on both sides. This idea can be used in the opposite way.

Summary: 1. Understand that important information may be leaked. 2. ensure that security is cumbersome, but important. Therefore, please use multiple channels to confirm the identity of the other party, this is the most basic step. These two points are very basic, but if you have a deep understanding, you can solve many problems.

After the skills are completed, I will sum up the lesson: there are still bad people on twitter, and a QQ number is worth doing this. Other information may be interesting for different purposes. Therefore, if you use a third-party streamer from unknown sources, please remember to change your password. Maybe your password has been saved. I am very, very confident that someone has used a third party or an api to collect a large number of passwords and information for twitter accounts, which will be used in some cases.

Security awareness must always be kept in mind and be cautious with key issues. Note that email addresses can be forged, but gmail is difficult, but it is still possible to be forged. So pay attention to what you are, what will make you lose money, and what will make you die. Exercise caution when considering the consequences.

There are some unobjectionable methods to confirm the information, which can be shared. For example, if I want to send money to someone else and the recipient sends a text message to an account, how can I confirm it? To be polite, you can say: Could you please confirm the amount? If the other party sends details, the details are generally similar. The first contact person can talk about the past as a greeting, and so on.

In general, security is very difficult to achieve. We can default that our behavior is insecure, and then use a series of measures to reduce the probability of insecurity, and ultimately reach a better balance. This article lists some simple and easy-to-implement methods. A deep understanding of these principles may not guarantee absolute security, but at least it can handle most of the troubles.