Phishing is a form of online social engineering and an illegal method of deceiving people into disclosing sensitive information such as passwords or credit card numbers, or into downloading files that contain malicious code such as viruses and other malware.
To understand phishing and all its variations, one must first understand that phishing is a form of social engineering, also known as social manipulation or scamming. At its core, social engineering is all about manipulation: using psychological knowledge to gain the victim's trust and get them to reveal confidential information or perform desired actions.
Social engineering is by no means exclusive to the internet. But because of the nature of the internet – with its easily accessible information and the possibility of reaching many people fast – it has become the main playground for these types of scams and frauds.
Keeping track of all the passwords we need to function in our everyday life online can be both troublesome and hard. As a result, many of us tend to reuse one or maybe two passwords that often leave much to be desired in terms of complexity and safety. In this article we will take a closer look at why it is so important to choose passwords wisely and what you can do to keep track of them.
Passwords have been around since ancient times and have a long and exciting history, but to understand the way we view passwords today we need not wind back the clock very far. In December 2009, the American-based development company RockYou, which then specialized in social media widgets, was subjected to one of the most infamous data breaches in history. The breach resulted in the exposure of 32 million accounts.
The stolen information spread fast among hackers and security professionals. Even though the number of accounts exposed was by no measure small, what made this breach stand out was that all the user data was unencrypted – including all user passwords. This meant not only that RockYou had neglected to implement even a minimum of user data security, but also that for the first time it was possible to analyze a massive list of passwords that people actually used in real life. Once the list had been analyzed, what stood out was the massive scale of people using very easy passwords. In short: if you use any of these passwords, change them immediately, and the same goes if you have an easy password in general.
Having access to the top 5000 passwords in the RockYou password list means that you can crack 20% of all passwords. Or to be more precise: if you pick any account, be it a social media account or any other service, you have a 20% chance of succeeding when trying them all. What is almost as shocking is that people to this day use the same passwords, which is really bad news since the RockYou password list comes as a default in many popular hacking programs. Please note that although trying out 5000 passwords might seem like a time-consuming task, it really isn’t, given the computing power and tools available. More about that below.
The Iceberg
The areas of the internet are often described using the image of an iceberg, where the surface web forms the visible tip above the waterline, followed by the deep web submerged just below, and finally the darknet lying hidden at the very bottom. Although this is a simplification, the analogy serves an important purpose in helping to visualize the complexity, structure, and vastness of the online world.
Darknet, dark web, deep web, surface web — you have probably heard some or all of these terms before, but what is the real difference? In this article, we will sort out the confusion and provide a clear explanation of each concept, helping you gain a basic understanding of how these different areas of the internet function.
The surface web is often estimated to make up 4-10% of the internet. This is the part of the web we typically think of when we hear the word “Internet”. The surface web is open to everyone and all its content can be found using a web search engine. Although 4-10% might sound like a small number, one has to keep in mind that Google was estimated to index roughly 35 trillion web pages in the year 2020.
Example of content:
The deep web makes up the largest part of the internet; estimates usually range somewhere between 90 and 96%. The deep web is everything that is not indexed by standard web search engines, meaning all pages that require a log-in to access. The deep web is estimated to be at least 4000 – 5000 times larger than the surface web.
Example of content:
Technically, the dark web is part of the deep web. Its exact size is unknown, but regardless of the exact size it only makes up a very small fraction of the internet as a whole. What makes the dark web stand out – other than the infamous illegal activity that occurs on some of its websites – is that it is anonymous and consists of so-called darknets, which are overlay networks that use the internet but require special software, authorization, or configurations to access.
Contrary to common belief, not all content on the dark web is illegal, just as not all illegal activity on the internet is concentrated on the dark web. Most illegal activity takes place outside of the dark web, in closed forums on the deep web.
Examples of content: