Awareness and Security is dedicated to cybersecurity education, online privacy, and digital protection. Discover security tips, threat analysis, hacking awareness, account protection methods, and practical guides designed to help users stay safe in the modern digital world.
- Details
- Written by: khalil shreateh
- Category: Awareness and Security
- Hits: 173
Cybersecurity Awareness
The parking meter looks normal. The restaurant menu looks normal. The QR code taped over the real one looks normal too — and that's exactly the problem.
This article explains why quishing became viable only once QR scanning was built directly into phone cameras and normalized through contactless menus and check-ins, removing the friction that once made scanning a random code feel unusual. It walks through the real-world settings where malicious QR codes actually appear — stickers placed over legitimate parking and payment codes, swapped restaurant table codes, fake delivery notices, and QR codes embedded as images inside phishing emails specifically to slip past filters built around scanning link text. It also covers why many email and web filters still struggle to detect this variant, the physical and contextual warning signs worth checking before scanning any public code, and a concrete, practical set of habits — for both individuals and organizations distributing physical QR codes — that restore the verification step this format quietly removed from everyday phishing awareness.
Read more: Quishing: How a Sticker Over a QR Code Became a Serious Phishing Threat
- Details
- Written by: khalil shreateh
- Category: Awareness and Security
- Hits: 75
It started as a harmless coupon finder or PDF converter. Then it got sold, updated silently, and quietly turned into a data collection tool — without ever asking your permission again.
When you install a browser extension, you make a single trust decision at one moment in time. What almost nobody accounts for is that the extension you approved doesn't stay frozen at that moment — it keeps updating, silently, in the background, often for years, and each update operates under the permission grant you gave once and never revisited.
Read more: The Browser Extension You Installed Two Years Ago Might Be Reading Everything You Type
- Details
- Written by: khalil shreateh
- Category: Awareness and Security
- Hits: 53
Cybersecurity Awareness
This attack doesn't guess your password. It already knows it — from a breach at a completely different company you've probably never connected in your mind.
Most people picture password attacks as a hacker sitting at a screen, guessing combinations one at a time until something works. That image is almost entirely wrong for the attack that actually does the most damage today. Credential stuffing doesn't guess anything. It takes a password that is already known to be correct — because it leaked from an unrelated breach — and simply tries it somewhere else.
Read more: Why Reusing One Password Puts Every Account You Own at Risk
- Details
- Written by: khalil shreateh
- Category: Awareness and Security
- Hits: 61
Cybersecurity Awareness
SIM Swapping: The Silent Attack That Turns Your Own Phone Number Against You
Your phone number was never meant to be a security key. Attackers figured that out long before most carriers did — and they're using it to drain bank accounts in minutes.
A single convincing phone call to a mobile carrier's support line, backed by personal details scraped from data breaches and social media, is often all it takes to move your number onto a SIM card they control. From that moment, your phone goes silent while they race through password resets on your email, banking, and cryptocurrency accounts, intercepting every SMS code along the way. This article walks through exactly how SIM swap attacks unfold step by step, why cryptocurrency wallets and email accounts remain the most targeted assets, the early warning signs most victims miss until it's too late, and the concrete steps — from authenticator apps to carrier-level PIN protection — that remove your phone number as the weak link in your entire security setup.
Read more: SIM Swapping: The Silent Attack That Turns Your Own Phone Number Against You
- Details
- Written by: khalil shreateh
- Category: Awareness and Security
- Hits: 109
Cybersecurity Awareness
The Voice on the Phone Isn't Real: Inside the Rise of AI Deepfake Social Engineering
Attackers no longer need to guess your password — they can now clone your boss's voice, your daughter's face, or your CEO's video call in seconds. Here's how, and how to fight back.
For all of human history, a familiar voice or face was proof enough. Generative AI has quietly ended that era. This deep dive explains how deepfake technology works, real attack case studies, and the zero-trust verification framework individuals and organizations need to adopt immediately.
Read more: The Voice on the Phone Isn't Real: Inside the Rise of AI Deepfake Social Engineering