As the years go by criminals take advantage of technological advances and use it for their own methods of attack. Even the simplest things that we take for granted can be used against us.
Here are 6 sneaky techniques that attackers may use to attack with:
Taking pictures of your keys
You probably think that this would require some sort of method which would make James Bond proud, well he may be. Criminals have been known to take pictures of your keys from afar using telephoto lenses and then make duplicates using the photos. The duplication process starts with key normalisation. To calibrate measurements they first take a picture of a reference key that is the same brand and type as the target key. Points are established that are the same for both keys, such as the key ring holes and the length. This enables a pixel/mm ratio to be calculated. After a digital image of the target is taken, the user specifies points along the target that correspond to the points on the reference. Then off to the locksmiths they go and get the keys produced.
The same gimmick works for radio frequency identification (RFID) immobilizer chips in car keys. This has since been addressed by automakers but some cars including the 2017 BMW 7-Series has remote control parking functionality which has already been hacked into.
Taking pictures of building access codes
Yes another attack using high-tech cameras. In this instance, very tiny cameras about the size of a human fingernail have been known to be placed in areas where people enter door codes in order to access buildings. These tiny cameras are viewable via Wi-Fi and gives the attacker(s) a live feed of the building access devices. Due to the high-resolution capabilities and range of some of these cameras, this method can work from up to 300-feet away. They can also go undetected due to their size.
Leaving a bugged mobile phone in the open
Cyber criminals can leave mobile phones in an area where people conduct meetings or carry out private exchanges, and use remote control spy apps on the bugged mobile phone to prey and potentially infiltrate confidential data. This can even work at a simple business meeting – any colleague of yours can leave a mobile phone in the meeting room in the morning and by the end of their shift can have valuable private data such as voice audio recorded from the room, files and photos from your mobile extracted by spy apps since you’re most likely connected to the same network and even possibly full access to your phone or laptop with the ability to gain access to your devices at any time.
Cell-site compromise
Savvy cellular hackers rig bogus GSM hotspots from readily available off-the-shelf hardware. They place these near corporate offices to capture then forward phone calls to genuine cell towers, with no noticeable delay. So long as the fake hotspot uses a strong enough signal, compatible phones will connect to it. Attackers can crack even encrypted calls using the technology.
Questionnable gifts
If it’s Christmas time you’re going to expect gifts now and then. Well, be careful with what you receive as you may give away more that you think during the festive period. Usually targeted to C-levels, gifts sent can contain microphones embedded inside which collect and record audio which are sent over via Wi-Fi straight to the attackers inbox. In fact any form of gift can contain devices which can skim your credit cards, swipe your mobile phones or even record your every movement (via GPS). So unless you’re getting a pair of socks as a gift, it’s always best to check with the sender and the gift itself.
Tracking mail
Attackers use spymail such as ReadNotify to send emails with stealthy tracking code, enabling them to learn when you open it, your location, your system information, and who receives the same email when you forward it. Cyber hoods use spymail in conjunction with spear phishing. When they know your location, for example, they can reference it in phishing emails to convince you they are who they say. When they know who you forward the email to, they can spoof that party to convince you they are legitimate.