
Category: Threats


Social Engineering is the art of manipulating, influencing, or deceiving you in order to gain control over your computer system. The hacker might use the phone, email, snail mail or direct contact to gain illegal access. Phishing, spear-phishing, and CEO Fraud are all examples.

How dangerous is social engineering?

“…Many of the most damaging security penetrations are, and will continue to be, due to Social Engineering, not electronic hacking or cracking… Social Engineering is the single greatest security risk in the decade ahead.” — Gartner, 2010

Social Engineer

OK, so who are these people? It could be a hacker in the USA who is out to do damage or disrupt. It could be a member of an Eastern Europe cybercrime mafia that is trying to penetrate your network and steal cash from your online bank account. Or, it could be a Chinese hacker that is trying to get in your organization’s network for corporate espionage.


What does this tactic look like in action? It could look like an email that has been designed to seem like it is from a credible organization, like the Better Business Bureau. But if you open it and click on that attachment, you could be installing malware. Or, it could be disguised to look like it comes from someone inside your organization – someone whom you trust. But if you respond to that email with your user name and password, your computer is easily compromised. The rule is Think Before You Click.


Cybercriminals create bogus profiles on social media and try to trick you. They will impersonate a celebrity or one of your friends or colleagues. These profiles look very much like the real thing, and it’s easy to get tricked. They try to impersonate a celebrity that the bad guys already know you like a lot.

Let’s say you were tricked into believing a bogus Social Network profile. The next step is that they try to make you click on a link or install malicious software, often something to watch a video. If you click, or do that install, it’s highly likely you will infect your desktop with malware that allows the attacker to take over your PC.


You may have heard of Norton antivirus, published by Symantec. The technical director of Symantec Security Response said that bad guys are generally not trying to exploit technical vulnerabilities in Windows. They are going after you instead. “You don’t need as many technical skills to find one person who might be willing, in a moment of weakness, to open up an attachment that contains malicious content.” Only about 3% of the malware they run into tries to exploit a technical flaw. The other 97% is trying to trick a user through some type of social engineering scheme. This means it does not matter if your workstation is a PC or a Mac. The final line of defense is… you guessed it: YOU!

Which email addresses are exposed on the Internet and are a target for phishing attacks?

Today, your employees are frequently exposed to advanced phishing attacks. Trend Micro reported that 91% of successful data breaches started with a spear-phishing attack.

Are you aware that many of the email addresses of your organization are exposed on the Internet and easy to find for cyber criminals? With these addresses, they can launch social engineering, spear-phishing and ransomware attacks on your organization. This type of attack is very hard to defend against unless your users get new-school security awareness training.

The more email addresses that are exposed, the bigger your attack footprint is, and the higher the risk. It’s often a surprise how many of your addresses are actually out there.

Ransomware is a type of virus that infects computers and then either prevents the user from accessing the operating system or encrypts all the data stored on the computer. The attacker then demands that the user pay a fixed amount of money as a ransom in exchange for decrypting the files or allowing access to the operating system again.

WannaCry Ransomware Guidelines to stay safe:

  • Be careful not to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust, whether on a web page, on Facebook, or in messaging applications such as WhatsApp and other applications.
  • If you receive a message from a friend with a link, ask them to confirm it before opening the link (infected machines send random messages with links).
  • Back up your files regularly.
  • Be aware of fraudulent e-mail messages that use names similar to popular services, such as PayePal instead of PayPal, or that use popular service names with missing punctuation or extra characters.
  • Use antivirus software and always keep it updated to the latest version.
  • Make sure Windows has the latest updates installed to close the gap.
  • Use these links to download the update manually:

MS17-010 Update for Windows 8.1

The first option is for 64-bit systems and the other option is for 32-bit systems.

MS17-010 Update for Windows 10

The first option is for 32-bit systems and the second option is for 64-bit systems.

Update link for MS17-010 for Windows 7 and Server 2008

Choose the first option for 64-bit systems or the second option for 32-bit systems.

Update links for MS17-010 for Windows XP, Server 2003 and 8
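
The guideline above about names that imitate popular services (PayePal instead of PayPal) can be checked automatically at a mail gateway or in a mailbox rule. The following is an added example, not part of the original post: the trusted-domain list, the distance threshold and the sample addresses are assumptions constructed for illustration.

```python
# Added example: flag sender domains that imitate a trusted service name.
# TRUSTED is a constructed allow-list; replace it with the services you use.
import re

TRUSTED = {"paypal.com", "microsoft.com", "facebook.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: number of inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def squash(domain: str) -> str:
    """Drop dots, hyphens and other separators so 'pay-pal.com'
    compares the same as 'paypal.com'."""
    return re.sub(r"[^a-z0-9]", "", domain.lower())

def classify(sender: str, max_distance: int = 2):
    """Return (verdict, related_trusted_domain) for a sender address."""
    domain = sender.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    for good in sorted(TRUSTED):
        # Exact match or a genuine subdomain of a trusted domain.
        if domain == good or domain.endswith("." + good):
            return ("trusted", good)
    for good in sorted(TRUSTED):
        # Trusted name embedded in another domain (extra characters),
        # or a near miss such as one added or swapped letter.
        if squash(good) in squash(domain):
            return ("lookalike", good)
        if edit_distance(squash(domain), squash(good)) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample senders.
    for s in ["service@payepal.com", "billing@pay-pal.com",
              "alerts@mail.paypal.com", "bob@example.org"]:
        print(s, classify(s))
```

A "lookalike" verdict is a reason to quarantine or warn, not proof of fraud; short brand names need a smaller threshold to avoid false positives.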
