Experience in detecting Social Engineering attacks

by Daniel Pham

Here is my experience in detecting Social Engineering attacks. I will tell you what happened to me these past few days.

What is a Social Engineering attack?

Social engineering is a method often used by hackers to infiltrate systems or scam users by manipulating people so that they hand over information, reveal sensitive information, or perform unwanted actions.

Social engineering often involves deception, information entrapment, or compromising a user’s trust by impersonating or using fake information. This may include sending spam emails, making fake phone calls, creating fake websites, or using social media to collect personal information or carry out other attacks.

The common point of these methods is to take advantage of human trust or negligence to achieve the attacker’s goals.

The Social Engineering attack I experienced

Here’s what happened and I hope it helps you.

Hackers find ways to reach you

There are many ways that hackers can approach you, such as: making phone calls pretending to be company employees, sending emails saying you won a prize, making friends on social networks like Facebook, Instagram and inviting friends to play trending games,…

For me this time, it was more interesting as it took place on LinkedIn – a recruitment platform. A female account sent me a Connect request on LinkedIn and then introduced herself as being in Hong Kong, wanting to be friends and chat with me. This person also said that she had been to Ho Chi Minh, Vietnam several times and had the opportunity to visit the city where I live.

Hackers tried to reach me via LinkedIn.

After talking for a while, the hacker asked me if we could be friends on WhatsApp, which I don’t use. So this person asked me if I use Zalo. Of course I use it; it is a popular application in Vietnam but not popular in other countries.

This is the first point I noticed, because Zalo is not as popular as Facebook or other applications. Why would someone in Hong Kong use Zalo? It’s obvious that they target Vietnamese people (or the hackers are also Vietnamese).

Lesson #1: Always be wary when a stranger wants to get to know you, especially if the account introducing itself is of the opposite sex, beautiful (or handsome) and in another country.

Hackers try to gain your trust

After making Zalo friends with me, the hacker started talking to me about work, travel and family. Here, this person tries to make the conversation seem like the two of you are sharing about each other’s lives, and a little flirty. The important thing in a Social Engineering attack is to gain your trust, and that is what the hacker is trying to do.

Proactively send you beautiful photos

Right after talking for a while, the hacker proactively sent me some photos that looked very beautiful with the message that she was about to go home after work, even though I didn’t ask that.

Hackers proactively send beautiful photos.

Immediately, I used Google Images to search for relevant information about these images. And here’s the Twitter (X) account I found.

Use Google Images to search for information from images sent by hackers.

Let’s continue to see what’s next.

I then accessed the Twitter (or X) account that I found through the photo. In that account, a lot is shared but mainly shows a rich life, expensive cars, 5-star restaurants and hotels, and even some posts sharing nude and sex photos. By this time, I was 99% certain that this was a fake account.

But I still tried to find more information to see what would happen. From that X account, I took another image and searched for it on Google Images again.

I found a few more accounts with the same image.

I accessed two LinkedIn accounts and saw different information. Different names, different companies, different places to live. So at this point, I had 3 LinkedIn accounts of the same person (someone’s photo that the hacker used): one lives in Hong Kong, one lives in the US and one lives in Singapore.

That is, after just a few messages and a few photos, I was able to confirm that the person texting me was not real. But I wanted to see how things would turn out.

Lesson #2: If a rich and beautiful person proactively contacts you, sends you photos and talks in a cute way, there is definitely a problem, so be wary.

Lesson #3: Get into the habit of “investigating” strangers through tools like Google Images and Google Search. You can try searching for images, phone numbers, names, addresses. See if the person appears anywhere and whether the information doesn’t match.

Text every day and show interest in the target

This is probably the hacker’s next step, after attracting attention with a few photos of someone who looks beautiful.

This person texted me every day, whether I replied or not, and regularly shared about lunches, dinners, reading habits and financial research.

This person even talked about holidays, and pretended to be interested in me, interested in my work (people love to be cared for, hackers love to attack at this point).

Hackers will often text and show interest in the target.

As I said above, from the beginning I knew this was a fake account. But I still texted to see how things continued, what the hackers would do.

Lesson #4: If a stranger suddenly cares about you more than your lover does, be careful because it’s a trap.

Start showing off about how easy it is to make money

The next performance is to start attacking people’s greed. Hackers start showing how to make money very easily every day.

This person told me that she could make a profit every day just by following a broker who had been her father’s friend for more than 20 years.

Hackers target your greed every day.

Lesson #5: The cheese is only available in the trap. If making money was that easy, they would make their family, relatives and all their friends rich first, and it would never get to your turn. So, if someone tells you that you can easily make several thousand dollars a day, be prepared: you are about to be scammed out of your money.

Offer to help

Even though the hacker demonstrated how easy it was to make money, I just congratulated her. There will be many people who will ask her how to get rich instantly in this situation.

But you can rest assured, because any type of hacker will suggest helping you whether you want it or not. It’s touching, isn’t it?

Your friends may not even help you in difficult times, but a stranger suggests helping you make money easily. Surprised?

Hackers will offer to help you.

At this point, have you noticed that this person has all the elements of paradise?

  • Is beautiful
  • Cares about you
  • Is rich and makes good money
  • Wants to help you

Am I forgetting anything? Oh I forgot, me and the hacker (or her or him or someone else) are just strangers, we’ve only known each other for a few days. There is no reason for a stranger to be this enthusiastic, except for one reason, which is to lure you into a trap.

Lesson #6: If a stranger is beautiful, rich, makes good money and suddenly cares about you and wants to help you, please call the police immediately or run away.

The real Social Engineering attack begins

After trying to show sincerity to gain the trust of the victim (this is me, but I haven’t lost anything, I just want to see what this person does), the hacker begins the real work.

The hacker asked me to create an account on OKX and buy about 200$ USDT. I did as asked.

Don’t worry, I have some experience with Bittrex and Binance; I also tested OKX before doing it and everything was fine.

After that, the hacker continued to urge me to visit a website (like another coin exchange) and download the app to install, not forgetting to tell me to check “Unknown source” when installing. I have worked in the IT field for about 10 years (up to now) and I 100% never install an Unknown source app because it is always malicious code.

Hackers will always find a way to get you to download and install something, or click on a link.

Here’s what I checked next:

  • When I received that link, I immediately checked whether it had a virus using the VirusTotal website.
  • I checked the domain name on Whois.com and saw that this website was registered just over 2 months ago. omf-markett.com is definitely a scam website.

The website was just registered more than 2 months ago.

Lesson #7: Never install applications from unknown sources. If someone sends you a link, a Word file, an email or even a photo, scan it immediately for viruses.

  • I visited the website and checked the information that an exchange usually has: about the website, about the company, policies, customer support,… But this website has nothing. Some links on the website even have DNS record errors. No exchange that looks like that would be allowed to operate.

omf-markett.com is a scam.

Lesson #8: If you are asked to visit a website, immediately scan it with VirusTotal. Check information about the website’s domain name on Whois.com. Check the basic information mentioned above, such as: about the website, about the company, company headquarters, policies and licenses, customer support. Or you can search Google with the syntax “domain.com scam” to see if that website has been reported as a scam anywhere.
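The checks from Lesson #8 can be written down as a small triage script. This is an added example, not code from the original post: the WHOIS field spellings, the page labels, the 365-day threshold and the sample WHOIS reply (for a placeholder domain) are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timezone

# WHOIS field names vary by registry; these spellings are assumptions.
CREATED_RE = re.compile(
    r"^\s*(?:Creation Date|Created(?: On)?|Registered on)\s*:\s*(.+?)\s*$",
    re.IGNORECASE | re.MULTILINE)
DATE_FORMATS = ("%Y-%m-%dT%H:%M:%S%z", "%Y-%m-%d %H:%M:%S", "%Y-%m-%d", "%d-%b-%Y")
# Pages Lesson #8 expects a real exchange to have (labels are hypothetical).
REQUIRED_PAGES = {"about", "company", "headquarters", "policies", "licenses", "support"}

def creation_date(whois_text):
    """Return the earliest creation date in raw WHOIS text (UTC-aware), or None."""
    found = []
    for raw in CREATED_RE.findall(whois_text):
        for fmt in DATE_FORMATS:
            try:
                dt = datetime.strptime(raw, fmt)
            except ValueError:
                continue  # try the next known date layout
            found.append(dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc))
            break
    return min(found) if found else None

def red_flags(whois_text, pages_found, broken_links, today, min_age_days=365):
    """List the warning signs; `today` must be a timezone-aware datetime."""
    flags = []
    created = creation_date(whois_text)
    if created is None:
        flags.append("no creation date in WHOIS")
    elif (today - created).days < min_age_days:
        flags.append(f"domain is only {(today - created).days} days old")
    missing = sorted(REQUIRED_PAGES - set(pages_found))
    if missing:
        flags.append("missing pages: " + ", ".join(missing))
    if broken_links:
        flags.append(f"{broken_links} links fail to resolve")
    return flags

# Constructed WHOIS reply for a placeholder domain (not real lookup data).
SAMPLE_WHOIS = """\
Domain Name: EXCHANGE-EXAMPLE.TEST
Creation Date: 2024-01-10T08:15:00Z
Registry Expiry Date: 2025-01-10T08:15:00Z
"""

if __name__ == "__main__":
    today = datetime(2024, 3, 20, tzinfo=timezone.utc)
    print("\n".join(red_flags(SAMPLE_WHOIS, {"support"}, 3, today)))
```

A young domain alone does not prove a scam, but combined with missing company pages and dead links it matches the pattern described above.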

And now I knew what this person’s ultimate goal was. It would be malicious code, and she wanted me to install it on my phone so she could steal the information on my phone.

When I pretended to ask why I couldn’t find the app on ChPlay and why the website looked like it was just created, the hacker even had a fake certificate from ASIC prepared. Of course, I also tried checking on the ASIC system to see if this company exists or not, and the result is that it definitely is not there.

Hackers always prepare false evidence in case someone suspects a scam.

I didn’t beat around the bush anymore and let her know that I just wanted to play with her for fun.

I just played her again for fun.

Conclusion

I hope the 8 lessons above can help you avoid Social Engineering attacks. Hackers will have many different ways, but if you pay a little attention, they can still be easily recognized. Always ask yourself the question “why is a stranger so nice to you?” and then you will see that what is behind it is definitely a trap.
