The Sound of Science - 'Hacking Humans'

Dec 30, 2019

Sam: Welcome to the Sound of Science. I’m Sam from NIU STEM Outreach.

Fred: And I’m Fred Williams from NIU Division of Information Technology. In the last few episodes we’ve discussed some of the ways cyber criminals infiltrate networks to gain information and how you can try to keep that from happening. But there are ways criminals attack you directly, and you’re probably constantly targeted.

Sam: The most common are forms of phishing. That’s fishing with a p h. These are messages designed to get you to log in to fake services with your common usernames and passwords.

Fred: These come in various forms like Vishing.

Sam: That’s voicemail and phone phishing, which is probably the most common these days.

Fred: SMSishing.

Sam: Text and SMS phishing.

Fred: Mishing.

Sam: Which is the rare mail phishing.


Fred: And a very dangerous one: spear phishing. Generally, phishing is generic and casts a wide net. An attacker might send out a phishing email to 10,000 accounts in the hopes of getting a handful of people to fall for their tricks, but spear phishing directly targets victims after diligent research. They’ll use this information to customize their emails or letters to add authenticity.

Sam: Another in-person scam doesn’t necessarily target you. Tailgating happens when someone follows you into your office or building pretending to be a colleague. Then it’s a matter of finding an open computer or workstation to pretend to conduct business as usual.

Fred: There are tons of different examples, but here’s one that plays into your curiosity: USB Scattering or Peppering. An attacker will leave USB drives sitting around in parking lots, in libraries, or anywhere logical. Or as an extreme example, they could pose as a musician handing out USBs with their fake samples.

Sam: In any case, these USBs could be infected with malware that automatically burrows into your computer when they’re plugged in. 

Fred: The best defense against these scams and attacks is to be more aware of the things that come to us. Look for red flags.

Sam: Such as fake invoices or down payments for a larger return.

Fred: Or egregious spelling errors. Or anything with a USB that you didn’t pay for.

Sam: Like the ones that have my album that’s straight fire! But we’d like to hear from you, so email us at STEMOutreach@niu.edu. And you can safely listen to us on The Sound of Science on WNIJ.

Fred: Where you learn something new every day.