Security Implications of Dark Web – Copy

Security Implications of Dark Web

Dark web is one of the three layers of web on the world wide web; other are surface web and deep web. This article highlights some of the activities on dark web and their overall security implications. Surface web: also known as clean or visible web is a part of the web for public use. This is where most people routinely use every day for their online needs through search engines like google, Bing, yahoo, LinkedIn, YouTube, Facebook, and company websites. One of the unique features of surface web is that its web resources are indexed by search engine, thereby making them searchable and accessible. It is a powerful but fraction part of the web which is said to constitute about ten percent of web resources. No login credential is required to access most websites on surface web. Deep web: this is the web beyond surface web. The web resources on deep web are not searchable by search engines; and they require authentication (that is, login credentials) for access. Deep web play host to reserved and protected data which is not for public consumption. Such reserved data may include but not limited to government record, medical record, financial record, classified military records, online library resources, organization websites for internal use and other related data. Deep web is reported to playing host to about ninety percent of entire web resources. Dark web: also known as darknet is a subset of deep web. The striking features of this layer of web is that it is the deepest part of the web and it is only accessible through a special web browser known as TOR (The Onion Router); and overlay networks such as I2P. The strongest attraction of dark web is its anonymity (secrecy) For instance, TOR resources loudly guaranteed users of protection against tracking, surveillance and censorship. Dark web is also reported to constitute about five percent of deep web. Dark web, generally known as underground web market for criminals and other merchants of illegality is also used by genuine and law-abiding people for purpose of information gathering and sharing while remaining anonymous. See below, some type of information mostly traded on dark web and their security implications: Stolen information: confidential and personal information such as login credentials, passwords, codes, pin, social security number, payment card details, etc. are exchanged on dark web for facilitation of cybercrimes. Breached data: stolen information like classified government records, account details, company trade secrets, customer details, payrolls, medical records, intellectual properties, company financial records, etc. are traded on dark platform and used to commit various crimes against the owners and sometimes the public. Fraud guide: various cyber criminal forums use dark web to recruit and train cyber fraudsters through sharing fraud guide resources. These guides further drive s and promotes multiplication of criminals. Hack guide: cyber criminals use dark web as hands-on academy to train hackers. This in turn drives and promotes multiplication of cyber criminals who prowl the internet to carry out crimes against individuals and organizations. Malwares: different types of malicious wares such Ransomware, DDoS, Trojan horses, infested USB and other plug-n-play devices are sold on dark web. These malwares are then used to lunch attacks against the public. Drug peddling: drug cartels across the globe use dark web as a market place for sourcing, distribution and retail of control substances. The substances then spread with wide implications for both users and non-users, Gun running: illegal trade of guns and ammunitions amongst criminal merchants have identified as one of the notable trades on dark web platform. Illegal use of guns inevitably drives violent crimes and leads to destructions of lives and properties. Human trafficking: criminal merchants also carry out trade of humans for purpose of forced labor and sexual exploitation through dark web. This inhuman criminality is a huge assault on humanity and a drain on human resources. In conclusion, dark web is a special kind of web, used by special kind of people and for special kind of purpose. While its original intent for creation was genuine however; like other resources, its been overtaken by criminals who hide under its anonymity to engage in trades that holds so much risks to individuals and corporate organizations. ALSO READ: Entrepreneur: 7 Reasons Why You Need A Website

4 Types Of Phishing Attacks And 10 Signs To Know A Phishing Email

4 Types Of Phishing Attacks And 10 Signs To Know A Phishing Email

Phishing is a type of social engineering attack built on manipulating and deceiving people to reveal confidential and private information which is then used to carry out further crime against them.  This attack takes advantage of gullibility and vulnerability of human emotion to steal from people. Phishing attacks have become a popular, easy to use and very dependable tool for cyber criminals. When in operation; criminals would reach out to users through any communication channel, pretend to represent a legitimate authority; maybe a financial service provider, health insurance provider, a family member or trusted friend, proffer assistance, then request for inimical action from the user. Actions that maybe required from users during phishing attacks include but not limited to; Reveal private and confidential information, e.g. password, date of birth, social security number, BVN, code, etc. Click a link that will further direct users to secondary resource where confidential information will be stolen. Open attachment which in most case will contain malwares that will launch further attack on the device and network. Request for cash to enable a staged problem to be solved. Reveal a sent code to enable completion of a proposed solution. With automation and Artificial Intelligence dominating and directing modern interactions and commerce, people shall depend more on digital channels of communication. Available facts have proven that oftentimes, phishing attacks regardless of its type have more success rate than failure. This means more people are falling victim to these exploits. Hence, the benefits of deepening your understanding about them. Let’s dive into four common types of phishing attack. And how to identify email based phishing attack. Four types of phishing attacks. Spear phishing – this type targets specific category of persons, e.g. insurance or bank customers, students, male mine workers, etc. Whaling attack: is a sub-spear type of attack that targets high net worth and high-profile individuals like company executives, politicians, celebrities, etc. Just like implication of the name “Whale” biggest fish – this attack targets only “big fish”. That is, wealthy people. Smishing attack: this is an SMS based phishing where short message service is used to deceive a receiver into providing private and confidential information or taking other action. This is catchy because, it does not require internet connectivity to hit its intended targets. Vishing attack: this type is a direct opposite of smishing. It uses voice call to reach out and deceptively request for confidential and private information from receiver. In the same vein, internet connectivity is not required to execute this attack. Ten Signs to know a phishing email It will come from a stranger: oftentimes phishing emails come from unknown person or agent. It will come from a public email domain: examples of public email domains are yahoo.com, gmail.com, hotmail.com. Domain name will either be misspelt or corrupted: when it pretends to come from private domain, such domain will never spell correctly as the genuine one. There will be a form of misspelling or corruption of it. It will disguise as proffering assistance: merchants of phishing attacks always pretend to offer one form of assistance or the other. Shylock assistance you may call it. The mail content will be poorly written: content of mail will likely lack expected quality of a business communication. Mail will include suspicious attachment or link: this would require further actions like follow or open. It calls for urgent action: whatever is the call for action from phishing attack always comes with “urgency”. It will request user to provide personal information to enable closure of an event. It may request user to send cash to enable a staged problem to be solved. It will appeal to a defined sentiment. Phishing is a low end and cost-effective tool for cybercrime. It is a social engineering attack that exploits inherent weakness in people to get through and steal from them or carry out other crimes against targets. Getting basic knowledge about method of attacks and the techniques to identify them is a better way to go to prevent being a victim. ALSO READ: Cybersecurity Threat Of Social Engineering

Security Implications of Dark Web

Security Implications of Dark Web

Dark web is one of the three layers of web on the world wide web; other are surface web and deep web. This article highlights some of the activities on dark web and their overall security implications. Surface web: also known as clean or visible web is a part of the web for public use. This is where most people routinely use every day for their online needs through search engines like google, Bing, yahoo, LinkedIn, YouTube, Facebook, and company websites. One of the unique features of surface web is that its web resources are indexed by search engine, thereby making them searchable and accessible. It is a powerful but fraction part of the web which is said to constitute about ten percent of web resources. No login credential is required to access most websites on surface web. Deep web: this is the web beyond surface web. The web resources on deep web are not searchable by search engines; and they require authentication (that is, login credentials) for access. Deep web play host to reserved and protected data which is not for public consumption. Such reserved data may include but not limited to government record, medical record, financial record, classified military records, online library resources, organization websites for internal use and other related data. Deep web is reported to playing host to about ninety percent of entire web resources. Dark web: also known as darknet is a subset of deep web. The striking features of this layer of web is that it is the deepest part of the web and it is only accessible through a special web browser known as TOR (The Onion Router); and overlay networks such as I2P. The strongest attraction of dark web is its anonymity (secrecy) For instance, TOR resources loudly guaranteed users of protection against tracking, surveillance and censorship. Dark web is also reported to constitute about five percent of deep web. Dark web, generally known as underground web market for criminals and other merchants of illegality is also used by genuine and law-abiding people for purpose of information gathering and sharing while remaining anonymous. See below, some type of information mostly traded on dark web and their security implications: Stolen information: confidential and personal information such as login credentials, passwords, codes, pin, social security number, payment card details, etc. are exchanged on dark web for facilitation of cybercrimes. Breached data: stolen information like classified government records, account details, company trade secrets, customer details, payrolls, medical records, intellectual properties, company financial records, etc. are traded on dark platform and used to commit various crimes against the owners and sometimes the public. Fraud guide: various cyber criminal forums use dark web to recruit and train cyber fraudsters through sharing fraud guide resources. These guides further drive s and promotes multiplication of criminals. Hack guide: cyber criminals use dark web as hands-on academy to train hackers. This in turn drives and promotes multiplication of cyber criminals who prowl the internet to carry out crimes against individuals and organizations. Malwares: different types of malicious wares such Ransomware, DDoS, Trojan horses, infested USB and other plug-n-play devices are sold on dark web. These malwares are then used to lunch attacks against the public. Drug peddling: drug cartels across the globe use dark web as a market place for sourcing, distribution and retail of control substances. The substances then spread with wide implications for both users and non-users, Gun running: illegal trade of guns and ammunitions amongst criminal merchants have identified as one of the notable trades on dark web platform. Illegal use of guns inevitably drives violent crimes and leads to destructions of lives and properties. Human trafficking: criminal merchants also carry out trade of humans for purpose of forced labor and sexual exploitation through dark web. This inhuman criminality is a huge assault on humanity and a drain on human resources. In conclusion, dark web is a special kind of web, used by special kind of people and for special kind of purpose. While its original intent for creation was genuine however; like other resources, its been overtaken by criminals who hide under its anonymity to engage in trades that holds so much risks to individuals and corporate organizations. ALSO READ: Entrepreneur: 7 Reasons Why You Need A Website