Tag: cyber attack

AI, Programming, Tech

AI in the Job Market and You

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Alexa, I said I wanted “spam”, that didn’t mean mail me spam.
Photo by Andrea Piacquadio, please support by following @pexel.com

AI Talk

What’s the big deal!?

As the world turns, we’re finding more and more technology coming out, malware being spread, and phishing attempts ending up being successful. Not sure how phishing attacks are still getting people in trouble, but hey, when you’re lonely and want money, a prince is a prince. In the grand scheme, we should be proud of our wonderful accomplishments. However, we simply can’t have nice things. I mean, we have life, and we’re making that difficult. A quick shoutout to our four fathers for paving the way to this point. Point out life’s struggles aside, what is the latest in this crazy world? If you have been living under a rock, then let us introduce you to the world learning to live with “AI” (Artificial Intelligence).

Gasp, yes, the computers are getting smart, but they’re not getting smarter than us…yet. We’re going to be looking at what is AI, a little of how it came about, and what are some things you may need to know to keep your job. Because yes, AI will take your job. AI, what is it? It’s the uprising of the machines and taking the world for themselves. You’ve been informed, thank you for reading, and have a good day.

No, AI in its simplest terms, is giving machines the ability to learn like humans do from experiences. This could range from playing critical thinking games like chess and checkers, to self-driving cars. And before you think to say anything, don’t doubt checkers, there have been some tense moments. Now given our machines can learn (somewhat) like we do, to the machine this all breaks down to just ones and zeros.  

The ones and zeros, which are called “binary”, are encapsulated in what’s called “machine language”. We’re not going to cover it now, just know, if you want to learn this programming language.  You’re going to be heading down a rabbit hole because you’ll be learning how the computer puts together outputs for humans to understand.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

I work with computers, my job is safe from AI, right?
Photo by Brett Sayles, please support by following @pexel.com

The early days of AI, which has nothing to do with what we have today, began with a mixture of mathematics, philosophy, and technology from the Greeks. That was then later pioneered by Alan Turing, an English mathematician and logician. He proposed the idea that machines could simulate human intelligence. Then at the Dartmouth Conference in 1956 is often cited as the birth of AI as a field of study, where the term “artificial intelligence” was first coined, and the potential of intelligent machines began to capture the imagination of researchers.

This discipline formed the making of simple algorithms for the development of complex neural networks. An example of this is each neuron in your brain has a set of instructions or a program, which when it has information, that information is sent down the line to the next neuron for processing. Bringing this to a larger scale, a neural network working in tandem to provide decision-making. Choosing to learn builds your neural network, choosing not to build…well, nothing.

Okay, so at this junction, you’re probably wondering “How is AI going to replace me at work?” To answer your question, it’s a grey area. AI will replace jobs like customer service, basic software engineering, and other basic one-dimensional occupations.

We’ve seen how cashiers in a way getting phased out with self-checkout kiosks popping up in stores. Call centers and websites have moved to using AI instead of people. Developers have turned to the aid of AI to develop code. AI at this point in time will not replace jobs like carpentry, doctors, or construction.

However, just because it’s not happening right now, doesn’t mean it’s not going to happen within the next five years. The best way to ensure that you have a job is to make sure AI doesn’t outlearn you. This means go out and start learning today more than you did yesterday.

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on AI? Script a comment below.

Cloud Talk, Security, Tech

Google Ribbed Play Store

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Tucker: What’s with this scriptingthewhy nonsense? You actually like this stuff?
Becky: Granddad, just read it. You might learn something.
Photo by cottonbro studio, please support by following @pexel.com

Picture this if you will, you’re on the Google Play Store. You’re clicking around, hopping in and out of application descriptions, and viewing all the potential great ideas that developers have worked tirelessly to create and you’re just having a beaming time.

While rifling through several apps, you find one particular to you and figure to download it. While watching the app’s progression in downloading you begin to get an eerie feeling like something may be off.

Let me script for you how things may get interesting in the days to come. Trust me, you’re not going to love it.

Oh come on Zeroclay, what about my phone isn’t safe now!?
Photo by Olha Ruskykh, please support by following @pexel.com

Few Malware Apps a Ton

If you have an Android product, then there is a high chance that you have spent some time on the Google Play Store viewing tons upon tons of applications just waiting to be installed on your phone.

Now while it is common knowledge that the Play Store is a trusted source, that does not necessarily mean that everything on the Play Store is a trusted product. As of recent there has been a surface of a malware called “Fleckpe”.

Fleckpe is an Android Trojan that first appeared at the start of 2022 and not only has it amassed more than 620,000 downloads, but it has been receiving upgrades as well.

But I can hear a few of you reading this saying “Z-Daddy, I’m not clear on what a trojan is.” And to those few, don’t worry, I got you. A trojan is malware that is disguised as a legitimate program and when installed, is released, and can wreak havoc on your machine. Clearly, this trojan isn’t ribbed for your pleasure.

Also, one of the upgrades has a nasty secret feature you’re not going to be happy about knowing. Needless to say, this trojan is packing and again, it’s not for your pleasure.

Evan: he said it had affected here, here, and here.
Ms. Simon: You’ve been reading scripts again instead of doing your homework, haven’t you?
Photo by Tima Miroshnichenko, please support by following @pexel.com

Packing the Details

So, what are some of the areas that are feeling this trojan’s imprint? Well, since this is on the Google Play Store and the Play Store has users in a lot of countries leading this to be pretty much set on a global scale, you can count on this imprint to be globally distributed.

Although, areas that have been confirmed to be affected are Thailand, Indonesia, Singapore, Malaysia, and Poland. As a side note, it has been noted that authors of novel viruses, malware, and trojans alike have said that they are pleased when their creations go places where they can’t.

One author had said that even though the US had kept him away, the fact they couldn’t do the same with his creation was a satisfying feeling.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

What’s this nudemidgetcowgirlsfromouterspace subscription and why is it $29.89 a month? I never signed up for this!
Photo by MART PRODUCTION, please support by following @pexel.com

Unwanted Subscriptions and Spin

Are you wondering how this trojan worked? Once you had downloaded and installed one of the eleven infected applications from the Play Store, which were used either for photo editing, wallpapers for the background of your device, or an application that involved the camera, the good times would roll downhill…along with your credit score.

The infected app would request access to notification content that is required to capture subscription confirmation codes for an array of premium services. Fleckpe then springs into action, decoding its payload containing infected code. The payload contacts the command-and-control (C2) server that relays information back to the attacker about the newly infected device.

This includes the Mobile Country Code (MCC) and Mobile Network Code (MNC). Following this would be a paid subscription page that is opened on an invisible web browser window and attempts to subscribe on the victims’ behalf by abusing the granted permissions and obtaining the confirmation code required to complete this step.

Yes, this is exactly what you’re thinking. It’s like having your spouse sign you up for a spin class without your knowledge and opting for the highest difficulty so they can get a laugh.

Ugh, unwanted bills, spin class, and subscriptions. How do we stop this one now Z-Daddy?
Photo by Tima Miroshnickenko, please support by following @pexel.com

Watching Bill and Company

Are you ready to take some steps to ensure this doesn’t happen to you? There are a few steps you can take to ensure that you don’t get imprinted with this trojan on your device.

One way is just to be cautious of downloading apps from both trusted and unknown sources. Being vigilant when dealing with requested permissions during the installation process and keeping a watchful eye on your billing statements to catch any unauthorized activity such as subscriptions and charges.

Below are the comprised apps:

  • Beauty Camera Plus (com.beauty.camera.plus.photoeditor)
  • Beauty Photo Camera (com.apps.camera.photos)
  • Beauty Slimming Photo Editor (com.beauty.slimming.pro)
  • Fingertip Graffiti (com.draw.graffiti)
  • GIF Camera Editor (com.gif.camera.editor)
  • HD 4K Wallpaper (com.hd.h4ks.wallpaper)
  • Impressionism Pro Camera (com.impressionism.prozs.app)
  • Microclip Video Editor (com.microclip.vodeoeditor)
  • Night Mode Camera Pro (com.urox.opixe.nightcamreapro)
  • Photo Camera Editor (com.toolbox.photoeditor)
  • Photo Effect Editor (com.picture.pictureframe)

Make sure you check the reviews to see if anyone has had or is having issues with the application. If you find that you have downloaded one of the following applications that were compromised, uninstall them immediately and keep a watchful eye on your phone bill.

The main thing you can do is remain vigilant as scammer scamming is increasing on the marketplaces such as Google Play. All-in-all, it’s best practice to just keep a watchful eye on your bill seeing as though there is no real sure-fire way to protect from the bad guys getting in. Security is always secure enough, it’s never 100%.

Tom: I’m great goalie…but even I can only stop so much.
Photo by Tony Schnagl, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on Fleckpe? Script a comment below.

Security, Tech

Caller ID is Inop, Please Try Again.

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Oh a new post, I guess I get to see what all this Scriptingthewhy nonsense is about.
Photo by Mike Jones, please support by following @pexel.com

Scammers are trying to get people with the old hook, line, and sinker. Phishing emails aren’t the only thing you have to be on the lookout for, well, in this case, keeping an ear out for.

Scammers have turned to fishing phone calls to lure potential victims into giving most if not all their information. We will be looking at what kind of attack this is, who used it, the functionality, and effects upon release, and what are some ways to keep safe when you’re just trying to use the phone to call Nana.

Who are these people that keep calling me fam?
Photo by Liliana Drew, please support by following @pexel.com

The Attack

What are the latest attacks on the internet coming up like gas prices and rising panic of the future? Look no further than what’s called “vishing.” This version has been named “LetsCall”. If you’re under a rock and have no clue, don’t worry, we got you.

Vishing is similar to email phishing; this is the act of posing as someone the victim may know or a reputable business in hopes they fall victim and leak sensitive information.

Vishing is done differently because this attack uses the phone instead of sending the victim a letter saying “I’m a prince with a lot of money and I need your account to hide it in.” And before you ask, yes, people still fall for that.  

Hello, it’s me. I was wondering if all these years you’d like to meet.
Photo by Tan Danh, please support by following @pexel.com

Who Can It Be Now

Since its release on the market and a lot of threat actors are using it, no one person or group has been made a name for using it but that doesn’t mean someone won’t slip up in the future.

It is believed that the group of threat actors consists of both front-and-backend developers, designers, and operators who specialize in voice social engineering.

This is a nice little mix of; down let your guard down but don’t get your hopes up.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

When it comes to the world, it’s a game of chess.
Photo by Pixabay, please support by following @pexel.com

That Sinking Feeling

LetsCall has been used to target users in South Korea but given how crafty it is, it’s believed that attacks have expanded since its release to European Union countries. This is a growing concern because LetsCall comes ready to go out of the box and this means anyone can use it.

It has been noted that there are three parts to this attack. The first step is, as with many phishing attempts where a fake site is created for the victim to interact with, in this case, it’s the Google Play Store. From there they download the first portion of the application chain attack.

Once the application is installed and run, it redirects all incoming calls to a call center controlled by the threat actors. In the call center, there are trained operators posing as bank employees, this is done with the intent to extract sensitive bank information.

To facilitate connections and bypass firewalls, threat actors make use of the Voice over Internet Protocol (VoIP)— is a technology that allows the user to make internet-based calls instead of using a standard phone, and Web Real-Time Communication (WebRTC)—which allows for audio and video to work within webpages by allowing peer-to-peer communication.

So in short, once this is on your phone, the only people you will be able to contact is the call center.

When it comes to your information, operate with top secret clearance.
Photo by Caleb Oquendo, please support by following @pexel.com

The Prevention

At this point, we’re assuming you don’t want to make friends with people from a random call center and you’re looking to protect yourself. A good form of protection is to use and do not disclose your 2MFA (Two-Multifactor Authentication), password, and any other possibly sensitive information.

Check your caller ID before answering as you could more likely tell by the number that it’s a scammer calling you. If you choose to engage with the scammers, explore how much information they are willing to give you regarding their full name, the company they’re working for, and the reason pertaining to the call, and request an extension number in case the call drops.

You should red flag anyone requesting payment via prepaid or gift cards as this will be the payment method of scammers and not a legitimate organization. Any questionable or suspicious interaction should be documented, and authorities should be involved.

Remember, the best kept secrets are the ones no one finds out about.
Photo by Ty Huynh, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on LetsCall? Script a comment below.