Social Engineering and the Crypto World?

in binance •  5 years ago 

Binance Academy has explained the concept of social engineering and how it is used in attacks on cryptocurrency users.

Social engineering is often presented as a cyber threat, but the concept has existed for a long time, and the term is also used for real-world fraudulent schemes, which usually involve impersonating authorities or IT specialists. However, the emergence of the internet made it much easier for attackers to run manipulative attacks at scale and, unfortunately, these malicious activities also take place in the context of cryptocurrencies.
How does it work?
All types of social engineering techniques rely on the weaknesses of human psychology. Scammers take advantage of emotions to manipulate and trick their victims. People's fear, greed, curiosity, and even their willingness to help others are turned against them through a variety of methods. Among the multiple sorts of malicious social engineering, phishing is certainly one of the most common and well-known examples.

Phishing
Phishing emails often mimic correspondence from a legitimate company, such as a national bank chain, a reputable online store, or an email provider. In some cases, these clone emails will warn users that their account either needs to be updated or has shown unusual activity, requiring them to provide personal information as a way to confirm their identity and regularize their accounts. Out of fear, some people promptly click the links and navigate to a fake website in order to provide the required data. At this point, the information will be in the hands of the hackers.

Scareware
Social engineering techniques are also used to spread so-called scareware. As the name suggests, scareware is a type of malware designed to scare and shock users. It typically involves false alarms that trick victims into installing fraudulent software that looks legitimate, or into visiting a website that infects their system. The technique relies on users' fear of having their system compromised, convincing them to click on a web banner or popup. The messages usually say something like: "Your system is infected, click here to clean it."

Baiting
Baiting is another social engineering method that causes trouble for many inattentive users. It involves the use of baits to lure victims based on their greed or curiosity. For instance, scammers may create a website that offers something for free, like music files, videos, or books. But in order to access these files, users are required to create an account, providing their personal information. In some cases, there is no need for an account because the files are directly infected with malware that will penetrate the victim’s computer system and collect their sensitive data.

Baiting schemes also occur in the real world through USB sticks and external hard drives. Scammers may deliberately leave infected devices in a public place, so any curious person who picks one up to check its contents ends up infecting their own computer.
How to prevent social engineering attacks?

As mentioned, social engineering scams work because they appeal to human nature. They usually use fear as a motivator, urging people to act immediately in order to protect themselves (or their system) from an unreal threat. The attacks also rely on human greed, luring victims into various types of investment scams. So it is important to keep in mind that if an offer looks too good to be true, it probably is.

Although some scammers are sophisticated, other attackers make noticeable mistakes. Phishing emails, and even scareware banners, often contain syntax mistakes or misspelled words, and they are far less effective against readers who notice such details - so keep your eyes open. The reverse does not hold, however: a well-written message is not evidence that it is genuine.

In order to avoid becoming a victim of social engineering attacks, you should consider the following security measures:

Educate yourself, family and friends. Teach them about the common cases of malicious social engineering and the main general security principles.
Be cautious with email attachments and links. Avoid clicking on ads and websites of unknown origin.
Install a trustworthy antivirus and keep your applications and operating system up to date.
Use multifactor authentication wherever you can to protect your email credentials and other personal data. Set up two-factor authentication (2FA) on your Binance account.
For businesses: train your employees to identify and prevent phishing attacks and social engineering schemes.

What Can Hackers Do With a Replay Attack?
In a replay attack, an attacker captures a valid, authenticated message (a login, a payment instruction, a signed transaction) and retransmits it later so that the receiving system processes it again. Replay attacks can be used to gain access to information stored on an otherwise protected network by presenting it seemingly valid credentials. They can also be used to fool financial institutions into duplicating transactions, allowing attackers to draw money directly out of their victims' accounts. In some cases, attackers combine parts of different encrypted messages and submit the resulting ciphertext to the network in what is known as a cut-and-paste attack. The network's reaction to this kind of attack often gives the attacker valuable information that can be used to exploit the system further.

Despite the obvious dangers associated with them, there are limits to what attackers can achieve with replay attacks alone. Attackers cannot change the data being sent without the receiver rejecting it, which limits the attack to repeating past actions. These attacks are also relatively easy to defend against. A defense as basic as adding a timestamp to each transmission, and rejecting anything outside a short window, guards against simple replay attempts. Servers can also record the identifiers of messages they have already processed and refuse repeats, so that a message captured by an attacker cannot be submitted a second time even within the window.
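The two defenses just described, a timestamp window and a record of already-seen messages, work best together: the timestamp bounds how long the server must remember a message, and the remembered identifier (a nonce) stops a replay inside the window. The following is an added example, not code from the original article or from Binance; the shared secret, the transfer message and the `ReplayGuard` class are constructed for illustration, and an HMAC over the message stands in for whatever authentication the real protocol uses.

```python
import hashlib
import hmac
import json
import secrets
from typing import Dict, List, Tuple

# Constructed shared secret for the example; a real service would provision
# per-client keys out of band.
SECRET = b"example-shared-secret"


def sign(message: dict, key: bytes = SECRET) -> str:
    """HMAC-SHA256 tag over the canonical JSON form of the message."""
    body = json.dumps(message, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


class ReplayGuard:
    """Accept each authenticated message at most once, within a time window.

    `clock` is injected so the example is deterministic; pass time.time in practice.
    """

    def __init__(self, clock, window_seconds: int = 30):
        self.clock = clock
        self.window = window_seconds
        self.seen: Dict[str, int] = {}  # nonce -> timestamp carried by the accepted message

    def accept(self, message: dict, tag: str, key: bytes = SECRET) -> str:
        # 1. Authenticity first: any change to the message (e.g. the amount) breaks the tag.
        if not hmac.compare_digest(sign(message, key), tag):
            return "rejected: bad mac"
        ts, nonce = message.get("ts"), message.get("nonce")
        if not isinstance(ts, int) or not isinstance(nonce, str):
            return "rejected: missing ts or nonce"
        # 2. Timestamp: a message outside the window is stale even if never seen before.
        now = self.clock()
        if abs(now - ts) > self.window:
            return "rejected: stale"
        # 3. Nonce: forget nonces too old to pass the timestamp check (keeps memory
        #    bounded), then refuse anything already processed inside the window.
        cutoff = now - self.window
        self.seen = {n: t for n, t in self.seen.items() if t >= cutoff}
        if nonce in self.seen:
            return "rejected: replay"
        self.seen[nonce] = ts
        return "accepted"


def make_transfer(amount: int, ts: int) -> Tuple[dict, str]:
    """Constructed client-side message: a fresh random nonce per request."""
    msg = {"from": "alice", "to": "bob", "amount": amount, "ts": ts,
           "nonce": secrets.token_hex(8)}
    return msg, sign(msg)


def demo() -> List[str]:
    clock = [1000]
    guard = ReplayGuard(clock=lambda: clock[0])

    msg, tag = make_transfer(50, ts=1000)
    first = guard.accept(msg, tag)            # genuine request
    replayed = guard.accept(msg, tag)         # attacker resends the capture
    forged = guard.accept(dict(msg, amount=5000), tag)  # attacker edits the amount

    clock[0] = 1000 + 3600                    # an hour later the nonce has been pruned...
    late = guard.accept(msg, tag)             # ...but the timestamp check still stops it
    fresh = guard.accept(*make_transfer(10, ts=clock[0]))  # a new request still works
    return [first, replayed, forged, late, fresh]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The order of the checks matters: the MAC is verified before anything else so that an attacker cannot probe the nonce cache or the clock skew with unauthenticated messages, and the stale check runs before the nonce lookup so the cache can safely forget nonces older than the window.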

Why Replay Attacks Matter in the World of Cryptocurrencies
Though they are far from exclusive to it, these attacks are particularly relevant to the environment of cryptocurrency transactions and blockchain ledgers. The reason for this is that blockchain ledgers sometimes go through protocol changes or upgrades known as hard forks. When a hard fork takes place, the existing ledger splits into two, with one running the legacy version of the software and one running the new, updated version. Some hard forks are meant merely to upgrade the ledger, while others branch off and effectively form entirely new cryptocurrencies. One of the best-known examples of a hard fork of the latter variety is the one that allowed Bitcoin Cash to fork from the main Bitcoin blockchain on August 1st, 2017.

When these hard forks occur, it becomes possible for attackers to employ replay attacks against blockchain ledgers. Both chains share the same pre-fork history and, unless something is changed, the same transaction format, so a transaction signed by someone whose coins existed before the fork is valid on both chains. As a result, a person who received a certain number of cryptocurrency units from someone else on one chain could take that same signed transaction, rebroadcast it on the other chain, and have an identical number of units transferred to their own address there a second time, without the sender's consent. Coins created after the fork exist on only one chain, so users who come to a blockchain after a hard fork takes place, and only hold such coins, are not vulnerable to these attacks.
How Can Blockchains Be Protected Against These Attacks?

Although the vulnerability of forked blockchain ledgers to replay attacks is a valid concern, most hard forks include security protocols that are specifically designed to prevent these attacks from succeeding. Effective measures against blockchain replay attacks fall into two categories, known as strong replay protection and opt-in replay protection. In strong replay protection, a special marker is included in the data that transactions on the new chain sign, so that a transaction valid on the new chain is not valid on the legacy chain, and the other way around. This is the type of protection that was implemented when Bitcoin Cash forked from Bitcoin, which changed how transaction signatures are hashed so that a signature produced for one chain does not verify on the other.

When implemented, strong replay protection takes effect automatically as soon as the hard fork occurs. Opt-in replay protection, by contrast, requires users to deliberately construct their transactions so that they cannot be replayed, typically by spending a coin that exists on only one of the two chains. Opt-in protection can be useful where the hard fork is intended as an upgrade of a cryptocurrency's main ledger, rather than as a complete split from it.
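The difference between no protection, strong protection and opt-in protection comes down to what the two chains will accept. The following added example models a toy ledger for the three cases described above; it is illustration written for this page, not code from Binance or from any real blockchain. The signing key, the coin names, the `"fork-marker"` value and the `Chain` class are all constructed, and an HMAC keyed with the sender's secret stands in for the asymmetric signature a real wallet would produce; the replay-protection logic is the same either way.

```python
import hashlib
import hmac
import json
from typing import Dict, Optional, Set, Tuple

# Constructed sender key (stand-in for a wallet's private key).
ALICE_KEY = b"alice-signing-key"


def sighash(tx: dict, fork_marker: Optional[bytes]) -> bytes:
    """The digest a signature commits to. With strong replay protection the
    chain's marker is mixed into the signed data, so the same transaction
    yields different digests on the two chains."""
    body = json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()
    if fork_marker is not None:
        body += b"\x00" + fork_marker
    return hashlib.sha256(body).digest()


def sign_tx(tx: dict, key: bytes, fork_marker: Optional[bytes] = None) -> dict:
    sig = hmac.new(key, sighash(tx, fork_marker), hashlib.sha256).hexdigest()
    return {"tx": tx, "sig": sig}


class Chain:
    """Minimal ledger: a set of spendable coins plus the fork marker (if any)
    that signatures on this chain must cover."""

    def __init__(self, utxos: Set[str], fork_marker: Optional[bytes]):
        self.utxos = set(utxos)
        self.fork_marker = fork_marker

    def accept(self, signed: dict, key: bytes) -> bool:
        tx, sig = signed["tx"], signed["sig"]
        # Every input must be a coin this chain knows about.
        if not set(tx["inputs"]) <= self.utxos:
            return False
        expected = hmac.new(key, sighash(tx, self.fork_marker), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            return False
        self.utxos -= set(tx["inputs"])
        self.utxos |= set(tx["outputs"])
        return True


def fresh_chains(new_marker: Optional[bytes]) -> Tuple[Chain, Chain]:
    """'pre' existed before the fork, so both chains know it;
    'new-only' was mined on the new chain after the fork."""
    return Chain({"pre"}, None), Chain({"pre", "new-only"}, new_marker)


def demo() -> Dict[str, Tuple[bool, bool]]:
    """Returns (accepted on legacy chain, accepted on new chain) per scenario."""
    results = {}
    pay_bob = {"inputs": ["pre"], "outputs": ["bob-1"]}

    # 1. No replay protection: Bob can rebroadcast Alice's transaction on the
    #    other chain and receive the coins there too.
    legacy, new = fresh_chains(None)
    s = sign_tx(pay_bob, ALICE_KEY)
    results["unprotected"] = (legacy.accept(s, ALICE_KEY), new.accept(s, ALICE_KEY))

    # 2. Strong replay protection: the new chain's signatures cover a marker,
    #    so each transaction verifies on exactly one chain.
    legacy, new = fresh_chains(b"fork-marker")
    for_new = sign_tx(pay_bob, ALICE_KEY, fork_marker=b"fork-marker")
    results["strong_signed_for_new"] = (legacy.accept(for_new, ALICE_KEY), new.accept(for_new, ALICE_KEY))
    legacy, new = fresh_chains(b"fork-marker")
    for_legacy = sign_tx(pay_bob, ALICE_KEY)
    results["strong_signed_for_legacy"] = (legacy.accept(for_legacy, ALICE_KEY), new.accept(for_legacy, ALICE_KEY))

    # 3. Opt-in replay protection: neither chain changes its rules; Alice
    #    deliberately spends a post-fork coin alongside 'pre', which the
    #    legacy chain has never seen, so the transaction cannot replay there.
    legacy, new = fresh_chains(None)
    opt_in = sign_tx({"inputs": ["pre", "new-only"], "outputs": ["bob-2"]}, ALICE_KEY)
    results["opt_in"] = (legacy.accept(opt_in, ALICE_KEY), new.accept(opt_in, ALICE_KEY))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:24s} legacy={outcome[0]} new={outcome[1]}")
```

Scenario 3 also shows why the article says post-fork users are safe: a coin that exists on only one chain can never be an input to a valid transaction on the other, with or without a marker. The cost of the opt-in approach is visible too, since protection only exists if every user remembers to build their transactions this way, whereas the marker in scenario 2 protects everyone automatically.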

Source and read more at: https://www.binance.vision/security/what-is-social-engineering

Congratulations @chinagorom! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You got a First Reply
