At least 69.5 percent of employees and business owners in Pakistan have faced a situation in which colleagues (39.5 percent) or friends or relatives (30 percent) played jokes on them using their unlocked computer.
According to a recent survey by Kaspersky, these jokes included sending funny messages or emails on behalf of the account’s owner, placing a screenshot of the desktop as the desktop background, and leaving unexpected pictures, notes, or photos in the files.
Cyber attackers also use similar tricks. For example, a phishing website may open in a new window in full-screen mode, making the original browser bar with the phishing URL invisible. Instead, the attackers replace it with an image of the browser bar showing the official link of some well-known organisation. The fake page may present various messages (both visual and audio), such as a warning saying ‘your computer has been blocked. Pay a fine to unblock it.’
If the user does not know how to exit full-screen mode in the browser, they may think their computer is really locked. To escape such a trap, users can press F11 or Alt+F4 on Windows, or Cmd+Ctrl+F on a Mac, to exit full-screen mode and regain control.
Short links and QR codes should always be treated with vigilance, as they may lead to unexpected downloads or websites that are not merely a friend’s joke. QR code phishing, known as quishing, has been a growing concern in recent years.
Cybersecurity Solutions:
Cybersecurity solutions with a built-in QR scanner help here: the scanner lets users check the link and warns them about landing on a dangerous website. Additionally, hovering over a short link (without clicking) can sometimes reveal the true destination URL in the browser’s status bar, offering a quick safety check.
“Of course, a friendly joke won’t lead to the loss of money or data, as is the case with cyber attacks, but it might still not be very pleasant. Be vigilant, have strong passwords in place and keep your devices locked,” said Brandon Muller, technology expert and consultant at Kaspersky.
Safety Measures:
Lock your computers and other devices when leaving them unattended. Use strong passwords and do not write them down near your computer. Using a different password for each device and service is recommended, and password manager solutions can be of great help. Educate yourself on how to recognise phishing emails by looking for signs such as the sender’s address and executable files or files with macros in attachments.
Only open attachments and click links if you are confident in the sender’s legitimacy. If the sender seems legitimate, but the content of the message looks strange, it is worth contacting the sender via an alternative means of communication. Specialised courses, such as Kaspersky Automated Security Awareness Platform, can help organisations educate their employees, including through phishing simulators. Use a protection solution, such as Kaspersky Next for businesses or Kaspersky Premium for individual users, that warns about potential dangers.