Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
Tech Guides

This is how people like you are getting hacked

By Team HardwareZone - 5 Aug 2017

You’ve been played

You’ve been played

When the hack gets personal.

It was a busy day at work when Vincent Chang received an e-mail from his ex-boss. He wanted Chang’s help on testing a new website by clicking on an attached URL. The site promised bunch of online materials that would benefit both of them at work. Chang did so, only to find the URL leading to a dead web page.

This opened Chang up to more suspicious e-mails along the week. To Chang’s horror, his former superior said that he hadn’t sent anything. The e-mails were from a practiced Trend Micro researcher named Ryan Flores.

Vincent Chang isn’t just your average Joe suffering from a social engineering attack – he’s our ex-Senior Tech Writer, and now a correspondent for the technology columns in The Straits Times, Singapore’s broadsheet. To make matters worse, the researcher had left tell-tale signs in the e-mail. Chang also had pre-warning, since he had requested for the test of his cyber defenses.

Social engineering uses privileged information and psychological manipulation to gather leverage or unauthorized access. Within the cybersecurity realm, it uses a host of tricks to fool their victims, but the threat is personalized by pretending to be a legitimate contact or website. What makes social engineering dangerous is its ability to use the offline emotions and trust to break into the online realm. The hacker toys the human mind into giving away hard-earned digital cash.

According to the FBI, social engineering attacks cost US$2.3 billion worldwide, from October 2013 to August 2015. Closer to home, bank and parcel phone scams cost victims more than S$1 million within Singapore, while Malaysia authorities arrested and released 20 of such fraudsters, citing lack of evidence despite Taiwanese scammers being responsible for losses totaling S$1.54 million.

How to defend yourself:

1. Avoid giving out your personal info on scammy sites

If a scammy site promises to give you the secrets to getting rich quick while asking for your personal details, it’s probably a scam.

2. Look closely at the URL

Malicious sites can look almost identical to the real thing, with similar URLs like www.the-facebook-real-news.com. Don’t be fooled, bookmark the real thing to stay safe.

3. Don’t be intimidated by threats

Calls or e-mails pretending to be the police, the delivery guy, or even your mother are one of many scams. Stay calm, and verify the call through another mode of communication.