Dev/videos

From Kicksecure
< Dev
Jump to navigation Jump to search

Video Drafts for Kicksecure

Open Drafts[edit]

What does Open Drafts mean? - These are scripts for videos which have not been produced yet. Therefore any feedback (edit suggestions) are more likely to make it in the video which is due to be produced soon.

There may be some inaccuracies in the Open Drafts.

Open Drafts should not be considered Documentation or factual statements until finalized.

Documentation for this is incomplete. Contributions are happily considered! See this for potential alternatives.

Finalized Drafts[edit]

What does Finalized Drafts mean? - These drafts are not very useful to modify because the video has already been produced, pending upload. Unless there are critical issues, no changes will be recorded.

IDN Homograph Attacks[edit]

Beware of URL Impersonation: How Scammers Trick You with Lookalike Letters

Imagine you're visiting what you believe to be your bank's website. You verify the web address in the URL bar, and it appears to be exactly as expected. However, you're actually on a fake website created by scammers. This fake website looks identical to your bank's website, but it's designed to trick you into revealing sensitive information such as your password, credit card number, or other personal data.

This exact attack is not only possible but has been demonstrated by a security researcher using apple.com. Surprisingly, this attack cannot be spotted with the human eye by looking at the link. The URL clearly shows "apple.com," but instead of the sleek, polished brand website, you'll be greeted, luckily, by a friendly warning message from the researcher instead of a scammer. The link to the researchers attack demonstration and further information can be found in the video description.

[bumper : How the scam works]

Scammers create fake websites that look and function exactly like the real ones. But for their scam to work, they also often create URLs that resemble those of well-known brands to trick users into being careless. They use "lookalike letters" called "homoglyphs" from different languages to replace English letters and create "lookalike words" called "homographs". For example, they might use a Greek "a" instead of an English "a" to create a fake homograph that makes the browser render "apple.com". However, instead of the legitimate website, users will be visiting a domain that the attacker controls. This is how they deceive users and trick them into revealing sensitive information such as their passwords and 2FA logins.

Fortunately, you can avoid falling victim to this attack. Internal to the browser, the plain text version of apple.com is converted by the browser into a strange letter salad, called punycode, because URLs don't allow foreign characters. If your browser would show this punycode you would clearly see it's not the real apple.com (https://www.xn—80ak6aa92e.com). However, many browsers unfortunately, for your convenience and at the expense of your security, do not display you this punycode.

[bumper: Defending yourself]

If you come across a suspicious URL in an email, chat, or website, don't click on it. Instead take precautions.

One. You could simply type the URL into the address bar yourself. This might be inconvenient, but it's extremely safe.

[ In the video, show the URL bar and demonstrate typing the URL by hand. ]

Two. You can also change browser settings to always show punycode, but this only works well for Latin languages and not international audiences.

[ Show how to change the browser settings to show punycode in Firefox. ]

Three. You can copy and paste the URL and can add another layer of security by sanitizing the copied URL first before pasting it. What you think you copied might not be what you really copied, depending on your browser. To learn how to sanitize URLs and protect yourself from hidden text attacks, check out our previous video.

[ show previous video and link https://www.youtube.com/watch?v=6nHufztdkUIarchive.org iconarchive.today icon ]

In summary, URL impersonation is a common tactic used by scammers to steal sensitive information from unsuspecting users. To protect yourself, remember to:

  • Manually type URLs into the address bar: This is a safer way to access websites.
  • Enable punycode-only in your browser settings: This will prevent homoglyphs from being used in URLs to deceive you. Note that this may not work well for non-Latin languages.
  • Alternatively Right-click the URL, copy it, and sanitize it to make sure it's safe before pasting it into the address bar.

How to defend yourself from this attack is also documented in our wiki.

[ scroll through https://www.kicksecure.com/wiki/Social_Engineering#IDN_Homograph_Attacksarchive.org iconarchive.today icon ]

To learn more about how to protect yourself from this and other attacks, take a look at our wiki at https://www.kicksecure.com/wiki/Documentationarchive.org iconarchive.today icon. Stay vigilant and be safe! 

* fake apple.com security researcher demonstration website: https://www.xn--80ak6aa92e.com/
* https://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html
* https://www.xudongz.com/blog/2017/idn-phishing/
* https://forums.whonix.org/t/very-hard-to-notice-phishing-scam-firefox-tor-browser-url-not-showing-real-domain-name-homograph-attack-punycode/8373
* https://twitter.com/Whonix/status/1189513958488711169
* https://mothereff.in/punycode
* https://www.jamf.com/blog/punycode-attacks/
* https://github.com/mathiasbynens/punycode.js
* https://www.gnu.org/software/libidn/libidn2/manual/html_node/Invoking-idn2.html
* https://supertekboy.com/2020/07/15/url-impersonation-homoglyph-attacks/
* https://github.com/em-te/webextension-no-homographs

phishing,scam,scammer,homoglyph,homograph,homoglyph attack,homograph attack,url impersonation,lookalike letters,unicode,punycode

Vid #001 : OOPS! They tricked me to install MALWARE! Clipboard Hidden Text Attacks explained[edit]

Show Script

Don’t ever blindly trust screenshots #shorts[edit]

In the age of AI, you may have encountered amusing deepfaked videos and sound bites, such as Joe Rogan discussing his love for Bionicle. AI can also be a threat as deepfaked disinformation.

Disinformation using screenshots is even easier and requires less effort than using Photoshop. Everyone can do it in less than a minute.

Most desktop browsers come with integrated developer tools to edit HTML modifying the page you're on. In the browser, press F12 or simply highlight a phrase on a webpage, right-click, and choose "Inspect element". In the tools, double-click on the HTML element you want to change and type whatever you desire.

This method works on Twitter, Facebook, YouTube, TikTok and elsewhere and can be easily abused by scammers. So avoid jumping to conclusions based solely on unconfirmed screenshots. Use other sources and critical thinking.

For more about computer security and hacked safety check out the Kicksecure wiki.

[ B: Show Kicksecure Documentation and a few pages such as Malware, Mental Model and Social_Engineering. ]]

Good source: https://nymag.com/intelligencer/2015/11/how-to-fake-a-screenshot.htmlarchive.org iconarchive.today icon

screenshot,deepfake,ai,artificial intelligence,fake news,sources,fact check,fabrication,joe rogan,browser,Chrome,Firefox,Edge,developer tools,webpage,website,Twitter,Facebook,Youtube,TikTok

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

Retrieved from "https://www.kicksecure.com/w/index.php?title=Dev/videos&oldid=86880"