Everything you can imagine, from accessing your computer, tablet or phone’s camera to learning your card passwords. In the age of technology From today it is possible. People use a new method every day, sometimes even even the states As you can imagine, these situations that lead to dangerous events pose a very big threat.

We also provide you with information about what can happen to you if you face this threat. worst case scenarios We are a cybersecurity expert Yasir GokceWe spoke to and explained how they use these methods:

The first question we asked him was “Why is it that when we click on the link sent by fraudsters, they have access to all our files?” was the question. Here are Yasir Gökçe’s answers:

The most common method used in this type of attack is a type of attack called ‘drive-by download’. The victim of this attack open a specific file or click on a site is sufficient. After that, the malware or code will be automatically installed on the computer and will damage your computer’s protection and operating system. according to the current level activates itself.

downloaded to your computer and Self-destructive malware, although sometimes harmless “adware” Good as unwanted advertising While it can show its effect, it can also pose more damaging cyber threats to the target. This effect can be caused by malware or by type code Varies: Virus, Trojan horse, logic bomb, spyware, worm, cryptojacking, etc. Depending on the situation, various harmful consequences can occur.

This malware sometimes you don’t allow it It manipulates the permissions of social media applications to share your information and can change them without your knowledge. Sometimes internet The area where your traffic information is stored or by manipulating the table, it directs your internet traffic to its own network and captures your sensitive information.

But that’s not the worst: access with advanced rights It installs malware as needed. For example; By installing cryptominer you can hold your entire system hostage. cryptojacking Also known as.

Another bad scenario is that they have access to our vehicles’ cameras, such as phones, tablets or computers. So how do they do this?

As with any cyber attack “camfect” In this type of attack, the cybercriminal gains access to our system and begins to abuse this access. This attack is special laptop, television, telephone or camera surveillance It is a threat to information systems that contain cameras, and it takes place by gaining access to the relevant system via remote access and using the authorization escalation method known as “privilege escalation”.

This cyber attack usually “Remote Access Trojan” so-called malware is used. The cybercriminal, who infected the system and managed to increase the permissions to the desired level, used software or programs that used cameras for camouflage. browser add-ons downloads and activates them.

These continue to work in the background without us realizing it. Even the camera LED light does not light up It was activated in 2013 MacBook It was revealed in a PenTest study conducted on .

How can we protect ourselves from this situation?

Even if you are not using a camera, you can use the camera immediately when the camera light is on. Whether applications are open must be checked. You can do this by entering your computer settings and typing “camera settings”. Even though the browser is not open When the camera is active, The problem is with browser add-ons.

Related to by uninstalling or uninstalling the plugin You may find a solution, even if it is temporary. In addition, you can also check for accidental camera recordings by going to the file where your computer’s camera recordings are kept. As a general solution, many people today use their cameras. using a strap can turn it off.

The most important thing: your computer’s operating system and software kept up to date. An up-to-date antivirus program plays a big role in preventing and resolving the problem. Users with high technical knowledge protocols and services If necessary, they can deactivate access via the firewall.

With today’s technology, it is possible for them to learn our credit/debit card passwords through keyboard gestures. How can they do this?

One of these methods is computer keylogging, that is, recording the keyboard keys. recording the editions is to add a part similar to a hardware USB. Alternatively, an actor who has already accessed the system can be used keylogger software You can download and run it this way and record the keyboard keystrokes.

Moreover, Keyboards with Wi-Fi The most severe part is vulnerable to a “KeySniffer” attack. In these keyboards, signals or packets are sent via insecure radio protocols and are not encrypted.

The attacker can intercept and analyze this unencrypted signal transmission by placing a KeySniffer near the keyboard. This is why keyboards connected via Wi-Fi should be avoided Bluetooth or wired keyboards is preferred.

Finally; speed, hardness, duration and intensity of pressing the keyboard understands which button is pressed Artificial intelligence applications are being developed. In addition, the sounds are made by the keyboard key understand the difference in nuance There are studies on artificial intelligence. Cybersecurity experts predict that artificial intelligence will also be used by cybercriminals for this purpose.

Some links, especially those sent via email, may be exactly the same as the original domain addresses, how can we distinguish this?

Using a method called spoofing, the email header is removed manipulate It’s possible to. For this, you need to use an email server such as Outlook, Gmail and Simple Mail Transfer Protocol, which is not considered secure. (SMTP) protocol is sufficient.

This way the content ends up in the email header “sender, reply or return” Such information can be created separately from the email text. SMTP does this There is no mechanism to verify this so it cannot detect whether the email is real or not.

To detect email fraud, the content and quality of messages must be examined serious spelling and contextual errors It must be checked whether it is there. In addition, there should be harmony between the sender and recipient information in the email header and email address.

Also, RECEIVED-SPF against knowledge “Passphrase should take place. The phrases “Fail” or “Softfail” are included here sign of fraud It does. Externally, secure email protocols should be used. (For example SPF, DKIM, DMARC etc.)

And finally, what bad scenarios await us apart from the above? Is there anything worse than this?

Apart from cyber attacks that cause physical effects in the physical world and can cause injury and death, states too has had its share in this cybercrime.

For example; Russia gained access to the control systems of a Ukrainian power plant and people without electricity let go or US control of a significant portion of Natanz’s uranium facilities in Iran. through hacking Harm (Stuxnet incident) can be given as an example.

After this attack there will be a device that can be controlled digitally dam gates can be opened; on the train tracks at-grade intersections personal medical data can be manipulated or tampered with in the hospital.

I’ve talked to him before about “What should you do if you click a link and get hacked?” We have shared a theme content:

What we mean is that you click on every link, site or email you see on the Internet. not to click There are advantages. cyber security expert Yasir GokceWe thank you very much for sharing this information with us and wish you can surf the Internet in a safe environment!