
What have I learned from giving advice at Subreddit /r/cybersecurity_help?

After I got my cybersecurity certificates and certifications, I decided to hang out in subreddit /r/cybersecurity_help for a while, as that's where people go for help. I've noticed the questions tend to come in 3 major categories:

a) I noticed something odd. Could I have been hacked? 

b) I REALLY have been hacked, what do I do now? 

c) I did something stupid! Could I have been hacked? 

I have found that some people are just super-nervous when it comes to technology, as if they can be hacked everywhere doing nothing, while others are almost completely oblivious to the risks. 

Let's discuss each in turn. 

a) I noticed something odd. Could I have been hacked?

OP started noticing some oddities with his or her phone, and wonders if it's connected to some previous event. 

EX1: OP got a call from the doctor's office. X minutes later a call with caller ID "Health Center" arrived. OP asked for more details, and was hung up on. OP wants to know if the spammer has hacked their phone and accessed their call history.

ANSWER1: No, this is just spammers trying all sorts of fake caller IDs to get you to answer and verify it's an active number. It worked!

Main Takeaway: assume dumb luck, coincidence, or even incompetence before assuming you've been hacked or that someone acted deliberately. This is a variation on Hanlon's Razor, which states "Never attribute to malice that which is adequately explained by stupidity."

In this case, the coincidence of the spam call coming right after an actual doctor's office call is just random chance. 

b) I really have been hacked! What do I do now? 

OP has lost access to certain accounts, from Facebook to Google, from Steam to YouTube, probably as a result of clicking on a phishing link earlier, or of downloading some malware and allowing it to execute, which gave away control of the account.

EX1: OP has found that s/he can no longer log into Facebook.

ANSWER1: Do NOT use the potentially compromised computer (turn it off if possible). Instead, go to a different device (phone, etc.) and Google "recover my ______ account" (in this case, Facebook). Every service has a knowledgebase article for this very topic. Facebook Help Center has one called "Fix a Login Problem".  Any other service should have something similar. Follow those instructions PRECISELY to reclaim your account. 

Main Takeaway: Practice proper cyber hygiene: do NOT download EXEs and run them except from trusted sources. Any account you set up should include all of those recovery questions plus "trusted friends", etc., as well as multi-factor authentication. Seek professional help immediately. Linus Tech Tips lost control of their channel earlier this year due to one such Trojan, and they didn't seek professional help and thus lost valuable HOURS.

c) I did something stupid! Could I have been hacked?

OP has succumbed to temptation and downloaded and installed "warez" (pirated software or game) and now doubts his or her decision.

EX1: OP downloaded COD2 from a site that claimed to be hosting a giveaway, then realized the install looks unofficial as heck. How can OP check if the download is safe? 

ANSWER1: There's no way to tell whether a download is "safe" or not without a full scan from VirusTotal or such, and even a scan is not foolproof. Frankly, there's no reason why you should trust someone to give you something for free. As the cliche goes, "there ain't no free lunch"; there's always a price to be paid. This goes directly against the previous Takeaway: DO NOT download EXEs except from trusted sources.

Instead, delete the download immediately, and run an updated Malwarebytes and/or antivirus scanner. And stop trusting in tooth fairies or software fairies that give away AAA games.

Main Takeaway: There ain't no free lunch (or software, or whatever). If you don't want to lose your system, keep backups, know how to restore / recover your system if it goes kaput, and practice proper cyber hygiene: don't download random EXEs and run them, etc.

Main Takeaway, folks...

1) Don't be greedy (avoid warez at all costs)

2) Practice common cyber hygiene (do not download unknown EXEs except from trusted sources)

3) Don't panic (seek semi-pro and professional advice)

Next time we'll discuss simple cyber hygiene that anyone can follow.


