Site icon Cybertek Defense

Hoaxes

Part 1 – 5: Terms and Definitions for Hoaxes

TermDefinition
HoaxSomething that is meant to be true but is actually false or fake
RansomMaking a demand or payment before resolving the issue
SpamJunk mail through email, mail, instant messaging or other means of communication

It seems more often than not these days that fake news and falsely claimed articles have been taken to the internet by storm. Something that is meant to be true but is actually false is called a Hoax. Many hoaxes are presented through emails, news and media, articles on the web or newspaper, and even from word of mouth. Sometimes these hoaxes are even presented to large groups or the mass to have a higher outcome in an influential attack.

Email Hoax

An example of an email hoax below shows how someone can fake an invoice request in order to get money from you. The attacker will utilize a link in the email which the victim can click on to proceed with paying the attacker. We can also see that very little detail has gone into the email and suggests clicking the link or luring the victim further down the path by getting them to reply back to the attacker via email. Email hoaxes are commonly tied with Spoofing of an email address. The attacker would manipulate the “From” address domain to look like the business domain. For example, I spoof my true email address which is fakeaccount123@fake.org and make the display address show jdoe@xyz.com. I can then send an email hoax to the CFO who’s email address is rjenson@xyz.com so that the CFO would think this came from an actually employee within the company.

Browser Hoax

A browser hoax can be done by use of a single page and by using a similar website address to an actual website. For example, I create a domain www.google.net to trick users into going to my webpage instead of www.google.com. By using a fake website, I can make the website look authentic like the real google landing page, but make the links or buttons start a virus or bring the user to a Ransom page which would require the victim to pay the attacker before closing the browser.

As with any website, it is always best to do due diligence whenever you may think elsewise of the content you are reading. Just because someone says something does not mean you should take it literally until you have done your own research and checked other sites of possible similarities of what you read. Social media has brought on a new beast into what our world relies on for information. While most of the hoax problems come from websites and articles, the also manifest from emails. Spam is a major problem for a lot of businesses who try to prevent hoaxes and other junk emails from getting through to their employees. Implementation of spam filters and firewalls can greatly reduce hoax emails from getting through. IT training is a great way to prevent employees from clicking on fake emails and going to wrong websites.

Exit mobile version