menyu
Upangiri Wamtheradi Womvetsetsa Phishing Mu 2023
Ndiye, ndi chiyani phishing?
Phishing ndi njira yolumikizirana ndi anthu yomwe imapusitsa anthu kuti aulule mawu achinsinsi kapena ofunika mudziwe. Ziwawa zachinyengo zitha kukhala ngati maimelo, mameseji, ndi mafoni.
Nthawi zambiri, ziwonetserozi zimakhala ngati ntchito zodziwika bwino komanso makampani omwe anthu amawazindikira mosavuta.
Ogwiritsa ntchito akadina ulalo wachinyengo mu imelo, amatumizidwa kutsamba lomwe amawakhulupirira. Amafunsidwa kuti apereke zidziwitso zawo zolowera panthawiyi muchinyengo cha phishing. Akalowetsa zambiri zawo patsamba labodza, wowukirayo amakhala ndi zomwe akufunikira kuti apeze akaunti yawo yeniyeni.
Kubedwa kwachinyengo kumatha kubweretsa zambiri zamunthu kubedwa, zandalama, kapena zambiri zaumoyo. Wowukirayo akapeza mwayi wopeza akaunti imodzi, amagulitsa mwayi wopezeka ku akauntiyo kapena kugwiritsa ntchito chidziwitsocho kuti awononge maakaunti ena a wozunzidwayo.
Akauntiyo ikagulitsidwa, wina yemwe amadziwa kupindula kuchokera ku akauntiyo adzagula zidziwitso za akauntiyo kuchokera pa intaneti yamdima, ndikugwiritsa ntchito ndalama zomwe zabedwa.
Nachi chithunzi chokuthandizani kumvetsetsa masitepe pakuwopseza kwachinyengo:
Kuukira kwa Phishing kumabwera m'njira zosiyanasiyana. Phishing imatha kugwira ntchito pafoni, meseji, imelo, kapena uthenga wapa media.
Maimelo a phishing ndi mtundu wofala kwambiri wachinyengo. Zowukira ngati izi ndizofala chifukwa zimatenga khama lochepa.
Obera amatenga mndandanda wama adilesi a imelo okhudzana ndi Paypal kapena maakaunti azama TV ndikutumiza a kuphulika kwa imelo kochuluka kwa omwe angakhale ozunzidwa.
Wozunzidwayo akadina ulalo wa imelo, nthawi zambiri zimawatengera mtundu wabodza wa tsamba lodziwika bwino ndikuwafunsa kuti alowe ndi zambiri za akaunti yawo. Akangopereka zambiri za akaunti yawo, wobera amakhala ndi zomwe akufunikira kuti apeze akaunti yawo.
M’lingaliro lina, chinyengo chamtundu umenewu chili ngati kuponya ukonde m’gulu la nsomba; pomwe njira zina zachinyengo ndizochita zomwe zikufuna kwambiri.
Spear phishing ndi liti wowukira amalimbana ndi munthu wina wake m'malo motumiza imelo ku gulu la anthu.
Ziwopsezo zachinyengo za Spear zimayesa kuthana ndi chandamale ndikudzibisa monga momwe wogwiriridwayo angamudziwe.
Izi ndizosavuta kwa munthu wachinyengo ngati muli ndi zidziwitso zodziwikiratu pa intaneti. Wowukirayo amatha kukufufuzani inu ndi netiweki yanu kuti mupange uthenga wofunikira komanso wokhutiritsa.
Chifukwa cha kuchuluka kwa makonda, ziwopsezo za spear phishing zimakhala zovuta kuzizindikira poyerekeza ndi ziwopsezo zanthawi zonse.
Zimakhalanso zochepa, chifukwa zimatenga nthawi yochuluka kuti zigawenga ziwatulutse bwinobwino.
Funso: Kodi ma imelo a spearphishing ndi ati?
Yankho: Maimelo a Spearphishing ali ndi ma imelo otseguka 70% ndi 50% mwa olandira dinani ulalo wa imelo.
Poyerekeza ndi kuwukira kwa mikondo ya phishing, kuwukira kwa anamgumi ndikolunjika kwambiri.
Kuukira kwa whaling kumatsata anthu omwe ali m'bungwe monga wamkulu kapena wamkulu wachuma pakampani.
Chimodzi mwa zolinga zofala kwambiri pakuukira anamgumi ndi kusokoneza wogwidwayo kuti amangire ndalama zambiri kwa wowukirayo.
Mofanana ndi chinyengo chanthawi zonse chifukwa kuukira kuli ngati imelo, whaling angagwiritse ntchito ma logo a kampani ndi ma adilesi ofanana kuti adzibisire okha.
Nthawi zina, wowukirayo amakhala ngati CEO ndikugwiritsa ntchito umunthuwo kutsimikizira wogwira ntchito wina kuti awulule zambiri zachuma kapena kusamutsa ndalama ku akaunti ya owukirayo.
Popeza ogwira ntchito sangakane pempho la anthu apamwamba, ziwawazi zimakhala zachinyengo kwambiri.
Owukira nthawi zambiri amathera nthawi yochulukirapo akupanga kuwukira kwa anamgumi chifukwa amakonda kulipira bwino.
Dzina loti “whaling” limatanthawuza kuti zolinga zili ndi mphamvu zambiri zachuma (ma CEO).
Angler phishing ndi ofanana mtundu watsopano wa phishing ndipo umapezeka pazama TV.
Satsatira maimelo achikhalidwe chachinyengo.
M'malo mwake, amadzibisa ngati oimira makasitomala amakampani ndikupusitsa anthu kuti awatumizire zambiri kudzera pa mauthenga achindunji.
Chinyengo chodziwika bwino ndikutumiza anthu patsamba labodza lamakasitomala omwe amatsitsa pulogalamu yaumbanda kapena mwanjira ina ransomware pa chipangizo cha wozunzidwayo.
A vishing attack ndi pamene scammer akukuitanani kuyesa kusonkhanitsa zambiri zanu kuchokera kwa inu.
Nthawi zambiri achiwembu amadzinamizira kuti ndi bizinesi kapena bungwe lodziwika bwino monga Microsoft, IRS, kapena banki yanu.
Amagwiritsa ntchito njira zamantha kuti muwulule zambiri za akaunti.
Izi zimawalola kuti azitha kupeza mwachindunji kapena m'njira zina zamaakaunti anu ofunikira.
Kuukira kwa Vishing ndizovuta.
Zigawenga zimatha kukhala ngati anthu omwe mumawakhulupirira.
Onerani Woyambitsa Hailbytes a David McHale akulankhula za momwe ma robocall adzathere ndiukadaulo wamtsogolo.
Ziwopsezo zambiri zachinyengo zimachitika kudzera pa imelo, koma pali njira zodziwira kuvomerezeka kwawo.
Mukatsegula imelo fufuzani kuti muwone ngati ikuchokera ku maimelo apagulu kapena ayi (ie. @gmail.com).
Ngati ikuchokera ku maimelo a anthu onse, ndiye kuti ndiwe wonyenga chifukwa mabungwe sagwiritsa ntchito madera a anthu.
M'malo mwake, madambwe awo azikhala apadera abizinesi yawo (ie maimelo a Google ndi @google.com).
Komabe, pali ziwopsezo zachinyengo zomwe zimagwiritsa ntchito domain yapadera.
Ndizothandiza kusaka mwachangu pakampani ndikuwonetsetsa kuti ndiyovomerezeka.
Ziwopsezo za Phishing nthawi zonse zimayesa kupanga ubwenzi ndi inu ndi moni wabwino kapena wachifundo.
Mwachitsanzo, mu spam yanga osati kale kwambiri ndinapeza imelo yachinyengo ndi moni wa "Wokondedwa Mnzanga".
Ndidadziwa kale kuti iyi ndi imelo yachinyengo monga pamutuwu akuti, "NKHANI ZABWINO ZA NDALAMA ANU 21/06/2020".
Kuwona mitundu ya moniyi kuyenera kukhala mbendera zofiira ngati simunakumanepo ndi omwewo.
Zomwe zili mu imelo yachinyengo ndizofunika kwambiri, ndipo muwona zinthu zina zomwe zimapanga kwambiri.
Ngati zomwe zili mkatizo zikuwoneka ngati zopanda pake, ndiye kuti ndi zachinyengo.
Mwachitsanzo, ngati mutuwo utati, "Mwapambana Lottery $1000000" ndipo simukumbukira kuti mwatenga nawo gawo ndiye kuti ndiye mbendera yofiira.
Zomwe zilimo zikapanga chidwi ngati "zimadalira inu" ndipo zimabweretsa kudina ulalo wokayikitsa ndiye kuti mwina ndi chinyengo.
Maimelo achinyengo nthawi zonse amakhala ndi ulalo wokayikitsa kapena fayilo yolumikizidwa kwa iwo.
Njira yabwino yowonera ngati ulalo uli ndi kachilombo ndikugwiritsa ntchito VirusTotal, tsamba lomwe limayang'ana mafayilo kapena maulalo a pulogalamu yaumbanda.
Chitsanzo cha Imelo ya Phishing:
Mu chitsanzo, Google ikuwonetsa kuti imelo ikhoza kukhala yowopsa.
Imazindikira kuti zomwe zili mkati mwake zimagwirizana ndi maimelo ena achinyengo.
Ngati imelo ikukwaniritsa zambiri zomwe zili pamwambapa, ndiye kuti tikulimbikitsidwa kuti munene ku reportphishing@apwg.org kapena phishing-report@us-cert.gov kuti atsekedwe.
Ngati mukugwiritsa ntchito Gmail pali njira yoti mufotokozere imelo yachinyengo.
Ngakhale ziwopsezo zachinyengo zimapangidwira ogwiritsa ntchito mwachisawawa nthawi zambiri zimalunjika antchito akampani.
Komabe owukira samangotsatira ndalama za kampani koma deta yake.
Pankhani yabizinesi, deta ndiyofunika kwambiri kuposa ndalama ndipo imatha kukhudza kwambiri kampani.
Zigawenga zitha kugwiritsa ntchito zomwe zatsitsidwa kuti zisokoneze anthu posokoneza kukhulupirirana kwa ogula ndikuipitsa dzina la kampani.
Koma si zokhazo zimene zingabwere chifukwa cha zimenezi.
Zotsatira zina zikuphatikiza kusokoneza kukhulupirika kwa osunga ndalama, kusokoneza bizinesi, ndikulimbikitsa chindapusa chowongolera pansi pa General Data Protection Regulation (GDPR).
Kuphunzitsa antchito anu kuthana ndi vutoli ndikulimbikitsidwa kuti muchepetse ziwopsezo zaphishing.
Njira zophunzitsira antchito nthawi zambiri ndikuwawonetsa zitsanzo za maimelo achinyengo ndi njira zowawonera.
Njira ina yabwino yosonyezera antchito kuti akubera chinyengo ndi kuyerekezera.
Zoyeserera zabodza ndi zabodza zomwe zimapangidwira kuti zithandizire ogwira ntchito kuti azindikire chinyengo popanda zovuta zilizonse.
Tikugawana zomwe muyenera kuchita kuti muthe kuchita kampeni yabwino yachinyengo.
Phishing ikadali chiwopsezo chachikulu chachitetezo malinga ndi lipoti la WIPRO la cybersecurity 2020.
Imodzi mwa njira zabwino zosonkhanitsira deta ndi kuphunzitsa antchito ndikuyendetsa kampeni yachinyengo yamkati.
Zitha kukhala zosavuta kupanga imelo yachinyengo ndi nsanja ya phishing, koma pali zambiri kuposa kumenya kutumiza.
Tikambirana momwe tingachitire mayeso a phishing ndi mauthenga amkati.
Kenako, tikambirana momwe mumasankhira ndikugwiritsa ntchito zomwe mwasonkhanitsa.
Kampeni yachinyengo sikutanthauza kulanga anthu ngati agwa chifukwa chachinyengo. Kuyerekeza kwachinyengo ndi kuphunzitsa antchito momwe angayankhire maimelo achinyengo. Mukufuna kuwonetsetsa kuti mukuchita zowunikira pakampani yanu. Ikani patsogolo kudziwitsa atsogoleri amakampani za kampeni yanu yachinyengo ndikufotokozera zolinga za kampeni.
Mukatumiza mayeso anu oyamba a imelo a phishing, mutha kulengeza kampani yonse kwa antchito onse.
Mbali yofunika kwambiri ya mauthenga amkati ndikusunga uthengawo mofanana. Ngati mukuchita mayeso anu a phishing, ndiye kuti ndi lingaliro labwino kuti mupange mtundu wazinthu zanu zophunzitsira.
Kubwera ndi dzina la pulogalamu yanu kumathandizira ogwira ntchito kuzindikira zomwe mumaphunzira mubokosi lawo.
Ngati mukugwiritsa ntchito ntchito yoyeserera yoyeserera yachinyengo, ndiye kuti izi zidzaphimbidwa. Zolemba zamaphunziro ziyenera kupangidwa pasadakhale kuti muzitha kutsata kampeni yanu ikatha.
Patsani antchito anu malangizo ndi chidziwitso chokhudza protocol yanu ya imelo yachinyengo mukatha kuyesa koyambira.
Mukufuna kupatsa ogwira nawo ntchito mwayi woyankha moyenera ku maphunzirowo.
Kuwona kuchuluka kwa anthu omwe amawona molondola ndikuwonetsa imelo ndi chidziwitso chofunikira kuti mumve pamayeso achinyengo.
Ndi chiyani chomwe chiyenera kukhala chofunikira kwambiri pa kampeni yanu?
Kutanganidwa.
Mutha kuyesa kuyika zotsatira zanu pa kuchuluka kwa zopambana ndi zolephera, koma manambala amenewo sakuthandizani kwenikweni ndi cholinga chanu.
Ngati muyesa kuyesa kwachinyengo ndipo palibe amene amadina ulalo, kodi zikutanthauza kuti mayeso anu adachita bwino?
Yankho lalifupi ndi “ayi”.
Kukhala ndi chiwopsezo cha 100% sikumatanthawuza kukhala wopambana.
Zitha kutanthauza kuti mayeso anu a phishing anali osavuta kuwona.
Kumbali inayi, ngati mutalephera kulephera kwambiri ndi mayeso anu a phishing, zitha kutanthauza china chosiyana.
Zingatanthauze kuti antchito anu satha kuwona ziwawa zachinyengo.
Mukapeza kudina kwakukulu kwa kampeni yanu, pali mwayi wabwino woti muchepetse zovuta zamaimelo anu achinyengo.
Tengani nthawi yochulukirapo yophunzitsa anthu pamlingo womwe ali nawo.
Pamapeto pake mukufuna kuchepetsa kuchuluka kwa kudina kwa ulalo wa phishing.
Mutha kukhala mukuganiza kuti kudina kwabwino kapena koyipa kuli kotani ndi kuyerekezera kwachinyengo.
Malinga ndi sans.org, anu kuyerekezera koyamba kwachinyengo kumatha kutulutsa pafupifupi 25-30%.
Icho chikuwoneka ngati chiwerengero chokwera kwambiri.
Mwamwayi, adanena zimenezo pambuyo pa miyezi 9-18 yophunzitsa zachinyengo, kudina kwa mayeso a phishing kunali pansi pa 5%.
Ziwerengerozi zitha kukuthandizani ngati kuyerekeza movutikira kwa zotsatira zomwe mukufuna kuchokera ku maphunziro a phishing.
Kuti muyambe kayesedwe kanu koyamba ka imelo yachinyengo, onetsetsani kuti mwayeretsa adilesi ya IP ya chida choyesera.
Izi zimatsimikizira kuti ogwira ntchito alandila imelo.
Mukamapanga imelo yanu yoyamba yachinyengo musapangitse kuti ikhale yosavuta kapena yovuta kwambiri.
Muyeneranso kukumbukira omvera anu.
Ngati ogwira nawo ntchito sali ogwiritsa ntchito kwambiri pazama TV, ndiye kuti sikungakhale lingaliro labwino kugwiritsa ntchito imelo yabodza ya LinkedIn yokhazikitsanso imelo yachinyengo. Imelo yoyesera iyenera kukhala ndi chidwi chokwanira kuti aliyense pakampani yanu akhale ndi chifukwa chodina.
Zitsanzo zina zamaimelo achinyengo omwe ali ndi chidwi chachikulu angakhale:
Ingokumbukirani psychology ya momwe uthengawo ungatengedwere ndi omvera anu musanamenye kutumiza.
Pitilizani kutumiza maimelo ophunzitsa zachinyengo kwa antchito anu. Onetsetsani kuti mukuwonjezera pang'onopang'ono zovuta pakapita nthawi kuti muwonjezere luso la anthu.
Ndibwino kutumiza maimelo pamwezi. Ngati mumachita "phish" gulu lanu pafupipafupi, litha kugwira mwachangu.
Kugwira antchito anu, osayang'ana pang'ono ndi njira yabwino yopezera zotsatira zenizeni.
Ngati mumatumiza maimelo amtundu womwewo wa "phishing" nthawi zonse, simudzaphunzitsa antchito anu momwe angachitire ndi miseche yosiyanasiyana.
Mutha kuyesa ma angle angapo osiyanasiyana kuphatikiza:
Mukamatumiza makampeni atsopano, nthawi zonse onetsetsani kuti mukukonza kufunikira kwa uthengawo kwa omvera anu.
Mukatumiza imelo yachinyengo yomwe sikugwirizana ndi zinazake zokondweretsa, simungayankhe zambiri kuchokera ku kampeni yanu.
Pambuyo potumiza makampeni osiyanasiyana kwa antchito anu, tsitsimutsani ena mwamakampeni akale omwe adapusitsa anthu nthawi yoyamba ndikusinthanso kampeniyo.
Mudzatha kudziwa momwe maphunziro anu amagwirira ntchito ngati muwona kuti anthu akuphunzira ndikusintha.
Kuchokera kumeneko mudzatha kudziwa ngati akufunika maphunziro ochulukirapo amomwe mungawone mtundu wina wa imelo yachinyengo.
Pali zinthu zitatu zomwe zingakuthandizeni kudziwa ngati mupanga pulogalamu yanu yophunzitsira zachinyengo kapena kutulutsa pulogalamuyo.
Ngati ndinu injiniya wachitetezo kapena muli ndi kampani yanu, mutha kupanga seva yachinyengo mosavuta pogwiritsa ntchito nsanja yomwe inalipo kale kuti mupange kampeni yanu.
Ngati mulibe mainjiniya achitetezo, kupanga pulogalamu yanu yachinyengo kungakhale kopanda funso.
Mutha kukhala ndi mainjiniya achitetezo m'gulu lanu, koma sangakhale odziwa zaukadaulo wamakhalidwe kapena mayeso achinyengo.
Ngati muli ndi munthu wodziwa zambiri, ndiye kuti angakhale odalirika kuti apange pulogalamu yawoyawo yachinyengo.
Ichi ndi chinthu chachikulu kwambiri kwa makampani ang'onoang'ono mpaka apakati.
Ngati gulu lanu lili laling'ono, sizingakhale bwino kuwonjezera ntchito ina ku gulu lanu lachitetezo.
Ndikosavuta kukhala ndi gulu lina lodziwa zambiri kuti likuchitireni ntchitoyo.
Mwadutsa bukhuli lonseli kuti muwone momwe mungaphunzitsire antchito anu ndipo mwakonzeka kuyamba kuteteza gulu lanu kudzera mu maphunziro a phishing.
Nanga bwanji tsopano?
Ngati ndinu injiniya wachitetezo ndipo mukufuna kuyambitsa kampeni yanu yoyamba yachinyengo tsopano, pitani apa kuti mudziwe zambiri za chida choyerekeza chachinyengo chomwe mungagwiritse ntchito poyambira lero.
Kapena…
Ngati mukufuna kuphunzira za ntchito zoyendetsedwa kuti zikuyendetseni kampeni yachinyengo, phunzirani zambiri pomwe pano za momwe mungayambitsire kuyesa kwanu kwaulere kwa maphunziro a phishing.
Gwiritsani ntchito cheke kuti muzindikire maimelo achilendo ndipo ngati akubera nenani.
Ngakhale pali zosefera zachinyengo kunja uko zomwe zingakutetezeni, si 100%.
Maimelo achinyengo amasintha nthawi zonse ndipo safanana.
Kuti tetezani kampani yanu kuchokera pazovuta za phishing mutha kuchita nawo zoyerekeza kuchepetsa mwayi wochita bwino zachinyengo.
Tikukhulupirira kuti mwaphunzira mokwanira kuchokera mu bukhuli kuti mudziwe zomwe muyenera kuchita kuti muchepetse mwayi wanu wowononga bizinesi yanu.
Chonde siyani ndemanga ngati muli ndi mafunso kwa ife kapena ngati mukufuna kugawana zomwe mukudziwa kapena zomwe mwakumana nazo pazanyengo zachinyengo.
Osayiwala kugawana bukhuli ndikufalitsa uthenga!
Hailbytes
9511 Queens Guard Ct.
Laurel, MD 20723
Foni: (732) 771-9995
Imelo: info@hailbytes.com
