DO NOT open this email!
Vložit
- čas přidán 22. 05. 2024
- NEVER open this - It WILL ruin your life!
This email bypasses your password and your 2-factor authentication!
John Hammond video: • Fake OnlyFans MALWARE:...
SUBSCRIBED YET?
czcams.com/users/LironSege...
#TheTechieGuy
Want to protect yourself from scams?
What is the best security?
How do you keep safe online?
Then you are in the right place!
We cover everything from Security and Scams to How Tos, Tips and Tricks, Faster Internet.
My name is Liron Segev, aka TheTechieGuy, and I make tech simple for everyone to understand!
Liron Segev aka TheTechieGuy
TheTechieGuy.com
FYI: As an Amazon Associate I earn from qualifying purchases
0:00 NEVER open this email
0:21 What is Infostealer?
1:01 How does Infostealer work?
2:18 Example of Infostealer email
4:04 Can you buy an Infostealer?
4:40 what can you do to protect yourself from Infostealer? - Věda a technologie
Huge thanks for the shoutout, Liron!! Glad to be helping spread the word with you! 😁💪😎
and thank YOU for everything you do. Always learning so much and realising just how much I still have to learn when I watch your channe! Thank you for the education! 🔥🔥🔥
@@LironSegev Oh yeah John Hammond's video you do learn so much, about digital awareness.
This video is precisely why you reached 1M!! Thank you for always helping us!
appreciate you!
All good points, never open anything you don't recognise or are not expecting
Exactly
Moustly and especially those UNEXPECTED!
I was JUST lecturing a friend on this topic yesterday out in the real world! I could do that...because I watch YOU! Mahalo, brother!
Epic. Mahalo
Simple language and important information. Straight to the point. That is why I love your videos.
thank you and thanks for being here!
I don't use E banking, never will as long as I can, 'anything' on computers is there for the taking !
Also all E mail is taken as suspicious, they can ring me if they know me !
Gaz UK.
Thank you once again Liron for your very professional advice. Cheers from Australia.
Much appreciated
nice to see you back again... i make it a habit to log out of every thing no matter what. as i like to say.... its mo better that away.
nice!
I do that to most websites, but I should start doing that for my email sites.
I love your style sir Liron 🎉 Congrats!
Thank you kindly!
Thanks for the tip on safe browsing.
.
First watch - LOVED IT !!!!! greetings from SUNNY South Africa
Howzit - thanks for watching!
What I have found out using the "remember me" function is that when you need to actually imput that info yourself you find that you have forgotten it
YOU are my HERO!
thanks for the great useful information video , i pass many of your video's on to help others . keep up the great work !
Awesome, thank you!
Ok thank you boet. I will keep an eye out for that email and will not open or click on anything in that email. Awesome video man !!!
No worries!
I do not use my PC for email or internet browsing, I use iPhone & iPad. Any access to any banking or payment I use the App provided by the financial entity. I always use strong passwords. This is not 100% failsafe but is pretty close.
Great info! THANKS for sharing!
Any time!
Congrats on 1 million subs on your way to 2 million.
thank you!
Thank you very much for this information. 👍🏿
Glad it was helpful!
Before you delete any suspicious email. It would be adviced to report it and block and then delete it. That way your email provider can see what malware or what ever the suspicious file thats attached will be on there database if threats. However this video gets top marks for security information that you and everyone should know. Thank you Liron.
true - just be very careful not to click on the attachment
@@LironSegevBelieve me Liron Ive been trying to get my sister to log out of everything and not open attachments. In fairness she has calmed down a lot. Only because I got fed up fixing her computer 🙄 But Im going to show this vid to her. Hopefully it will knock a bit of sense. Thanks for the vid. 👍
Thank you Liron.
Very welcome
Thank you for sharing this information. Of course, I love the thick graying beard! Woof! Such a handsome technical man! Hugs, Liron!
😂
Always happy to make you laugh and smile! Hugs!
Thanks for the Info
You bet
Thanks for sharing this with us, is there a way to enable safe browsing for your account in Microsoft Edge?
Thanks for sharing, that's great information to know.
Thanks for being here 🔥
Thanks for telling these informations
My pleasure
Thanks
COOP
..
np
I was very interested on how you achieved AI on your web site. If you explain more on AI it would be great. thanks
Law 40 of 48: DESPISE THE FREE LUNCH. What is offered for free is dangerous. It usually involves a trick or hidden obligation.
Thanks for great video.
I have a question. Will the malware or virus affect my windows system if I open the attachment in a sandboxed environment using something like sandboxie?
Welcome back Liron. I don't understand how will the malware infect me just by opening the email. Can you explain that?
Not just by opening the email - but opening the attachement. Its not a real PDF or a MP4 file, its an executable file that runs like any other program
I remember late 90's you could download a programme, it still exists, it was meant to test the security of your own website, but you could use that programme also to hack other websites and get in as admin, change the website, etc. you could even find visa card accounts that way. time doesn't stand still neither the possible free programs/apps to hack.
So many free tools these days
This is why you never click, "yes" when your browser asks you if you want to store the password to a critical site. Just gear up and remember your password, or use a password program.
Thanks for sharing
Thanks for watching 🔥
Thank you for this info I never open an email attachment or pdf if I don't know the email sender,
QUESTION PLEASE HOW TO KNOW DETAILS OF RANDOM NUMBER CALLEED YOU ? CHERRS
You can use the global password feature of the browser or email software, then is need it to use once by session
Thank you, thank you, thank you…!!!
You are so welcome!
Hey can rockey 2 dongle be replace if loss the that go with my software . Can buy other to work with it old software 2018 . Love you video
Any opinion on the M1 Flipper alternative?
great channel. i wanted to ask how when you run a file with pdf ext you can run bad code. i mean the os will try to run a pdf viewer. can you please explain
To be honest, Windows auto repair has never repaired anything for me. I always needed to restore a backup or re-install.
Hi liron, i have a browser hijacker on chrome, could you make a vid on how to fix this?
Brilliant
thanks for being here
M.T LA million @@LironSegev
Wouldn't it be beneficial to NOT "Remember Me" on your accounts and erase your History every day? I don't save ANYTHING on my PC. I don't allow my Browser to save any User IDs or Passwords EVER.
Liron, will this still happen if your User Account Control is set to maximum? Will you get that prompt that asks you to confirm if you want to run something?
depends on the malware and what is does
Please make a video about your suggestions for a light weight antivirus.
actually have one coming up soon
Just deleting the e-mails permanently or leaving it in the trash folder is enough safety precaution, right?
I like to remove them so I don't by mistake click on it.
Since session-key vulnerability is well known, cannot the site that requires it implement additional checks for unique identifiers such as the MAC address that was first used when the session-key was delivered by the site? This renders stealing session-keys worthless as w/o it being used on a computer with the same MAC address - which is impossible to do - unless the MAC address can be spoofed etc etc. I don’t say it has to be the MAC address but would not something along those lines work?
I never open email's from anyone I don't know. Some I get from companies I know but the address is wrong so I delete those. I've cancelled my Norton Anti-virus subscription. Doesn't seem to do anything these days. When I first installed it, it was picking up about 3 viruses a week. Thinking of going to Windows Defender. Do you any thoughts on this? Only concern I have is with my iPhone's. Yes I have 2. One without a Sim as it uses my Wifi, the other with a Sim only gets used as a phone and navigation but sometimes I do Google to find an address.
Smart. Window defender isn't perfect but has come a long way since it was crap. I typically have an anti virus on a phone too
When you talk about preview mode for emails, are u just referring to desktop clients, or web browsers and mobile apps? Also, if you previewed an email with one of these malicious attachments, wouldn't a virus/malware scanner detect it once the code is executed? Thanks!
Descktop clients. You can't preview an attachment in mobile app (at least not in any app I have seen). It is also typically aimed at Windows machines not mobile systems. When you click on a PDF or a Word document - not doulbe click - it opens the document inside your email so you can see it. Malware uses that to trigger. The Anti virus can get disabled and there are ways for it to add itself to the "do not scan" exception list so your anti virus wont stop it.
@LironSegev thank you! So if we're just using email via a web browser or mobile app, this really isn't a threat/issue, as long as we don't download attachments? Thanks so much for your response. Love your channel. Keep up the great work!
@@NorbertFarley I would not say that. Yahoo Mail has a preview feature for various attachments, so I could see this malware getting triggered.
@@fredericapanon207 hmm... is there a way to disable that setting?
@@NorbertFarley on the desktop, you need to select the Preview option in the menu that appears over the attachment when you hover your cursor over the attachment. The other option is to Download. So just don't select the preview.
@LironSegev, can malware files disguised at Jpegs be inserted inline into an email? That is the one way that pictures files display upon opening an email that I can think of. I would suspect not, but I don't know.
Is there software that performs a check locally on your pc for email attachments before you open them? Like an antivirus? If it's sent as a gmail/Hotmail attachment (not just a link) does Google or Microsoft check it?
all anti virus checks email attachements. If yours doesn't, it time to get a new one
Does this also apply to iPhone or android devices?
Fails to mention that Chrome "advanced protection" requires browsing data to be sent to Google. Your providing even more information to Google than they already collect from you. If your bank allows "remember cookies" don't use that feature. It's a PITA but always opt for a one time passcode to be texted or phoned to you. This will also alert you when someone may have your credentials and is trying to access your account.
Fails to understand the difference between Advance Proftection and Enhanced Safe Browsing....but ok - lets go with it. So you are on Google Chrome, trying to log into Google account and your concern is that Google will know? eh... ok.
And give up windows,switch to linux like debian.
TL;DR: Don't use Windows. Use something like Qubes OS that can isolate different programs so they can't access each other's data.
Every time I have ever checked the "Remember Me" box, websites only pre-fill my Username on the next visit. I have NEVER had a case where it auto-filled my password. I use Chrome OS.
Depening on the site, but if you choose Rememeber Me it shouldnt even ask you for the username. It will just like you straight in. That is literally the reason for that checkbox.
please open those emails.
people have to learn the hard way, if they can't learn then so be it. Its 2024, not 1995 anymore
not a great attitude as that makes the was "us" ie the tech savvy people vs the "them" the not so tech savvy. That is not right. It is "us" vs the "hackers". We need to educate not make people feel like they are dumb for not knowing. I don't know anything about my car, so I go to a mechanic. We all don't know everything about everything.
@@LironSegev Sorry dude, but the guy has a point. This is nothing new or sophisticated, it's kids stuff phishing that's been going on unchanged for over 30 years. It's not as if nobody has ever been warned about scam emails, calling it "hacking" merely shifts responsibility for security away from the user and it's a fashionable excuse.
I do repairs etc for a small technoshop with a fairly large catchment area, I get around half a dozen of these cases every year and the first thing I'm told is "my email/bank/card/other online service account has been hacked". My immediate response is "no it hasn't, you've given that information away, now let's see what you did" and generally within 30 minutes we've identified the email they fell for, the red flags in the email, and exactly what the user did to give their information away. The killer question in a lot of these cases, particularly with the fake login/update emails is "Why did it not occur to you to ask yourself why (for example) Microsoft Customer Services has sent you an important update or a login verification request email from a Gmail address?"
As a matter of routine these days I ask my clients if they store their logins on their computer and advise them not to for the very reasons given in the video, very few of them stop doing that even when I tell them I can give them their complete list of logins in 60 seconds and if I can do it anyone can. Every now and again (with the permission of the victim and with their details removed) we highlight one of these emails on the shop's Facebook page along with every detail that shows them to be fake. That appears to have little effect. Finally, for the last 3 years we've run a free Fake Email Checking Service (also featured on the shop's Facebook page), just forward the email to us and we'll check it out. Nobody has used it.
I fully agree with you that the war is against the bad guys and that we need to educate people about them but we also need to recognise that we live in a world where people have to be told that their coffee may be hot and that their nut-based comestibles may contain nuts, and that there are times when the only effective form of education is to call out dumb for what it is and let dumb go do what it wants and suffer the consequences.
While I agree that DO NOT DRINK labels on pain tins kinda tell a story about the people, I am still a big fan of not making it about smarter tech people vs not-so-smart tech people.
It doesn't matter how long we have been educating, I still can not tell a 68-year-old man who just lost his life's saving "Tough shit - now you learned the hard way not to click on links."
An entire generation didn't grow up with tech and is being taken advantage of. And to make them feel stupid for it is just wrong.
It's not how they are wired to think because it's not in their psyche.
There is also an entire set of people where tech is just not their world.
They had no idea about Apple Vision Pro, couldn't give a shit about AI, and have had the same phone for 5 years since it still works.
So when they fall for a scam, are you really going to blame them and not the scammer?
A waiter/ waitress working three jobs trying to survive is the problem because she thought her bank needed her to verify her PIN - so she is the problem because she isn't up to date with all the tech in between her jobs and she is dumb and should suffer the consequences?
Sorry, but I can not get on board with that.
That is why I keep making these videos - in the hope that someone will have a conversation somewhere and they would warn others about whatever scam is going on. We have to keep fighting the threat actors and not the "dumb people who fell for it"
@@LironSegev Thank you for taking the time to reply. To be clear, I'm with you on the tech elitism thing, I've been against it since I started working with and on computers. I tell my clients that what I do isn't sorcery, they can do anything I can, and have talked myself out of a good few dollars by teaching people how to forestall or fix problems. I also don't pile on to people who have lost out as the result of a scam, but for every example you can give of someone who has understandably been scammed I can give one of someone who has been scammed because they don't give a moment's thought to the security of their tech or their information or apply even basic principles of common sense.
Probably the most important lesson I ask my clients to learn is that the security of their tech and information is entirely their responsibility, everyone knows scams exist and everyone has a responsibility to do their best to avoid being scammed. The internet is awash with good advice (including yours) on how not to get scammed, but time and time again we see the results of that information going unsought or unheeded. There will always be one born every minute, and no amount of education will fix that. Depressing, really.
All that said, another good video, I hope it hit the target somewhere, and a belated congrats on a million subs.
true story - you can't fix everyone! Thanks for helping to spread the word and keeping people safe. We can do what we can but can't save everyone unfortunatly.
Appreicate the "chat" 🔥
Does clearing all browser info like cookies make it sufficient?
I'd like to know exactly what "opening" an email is? I use Microsoft Outlook, clicking on an email shows it in the preview panel. Is that "opening" the email? Since Microsoft has shoved Outlook down our throats this is what it does. I used to be abe to just right click an email and mark as junk, now it opens it while trying to mark it as junk.
just having it in your Outlook doesn't mean it is opened. When I say preview is when you click on it so it loads up inside your email without having to double click on it.
He means don't open or click on an ATTACHMENT
4:43 just clear the cookies, easy stuff!
Nope. That only takes care of a tiny fraction of the issue.
But how can they bypass 2 factor authentication, sent to my phone, not email, unless they do a SIMM card swap with my phone provider?
I don't open none of these emails. It gets reported and deleted asap.
Your the Best! Thank you❤
You're welcome 😊
Please share with us, EXACTLY how just opening nd previewing an email can execute the attachment. Because I do not believe that is a fact. It just can not be done. One has to click on the attachment at least.
Preview the attachment not preview the email. Literally said that 2:49
🤦
A technical question: say the virus hides as an mp4 file and you right click and choose "open with Gomplayer". Does the latter have to load the entire file into memory to check whether it's a legit mp4 file? Doesn't it only have to load the first couple of Kb to notice it's not an mp4 file at all?
If that'd be the case, how can the virus get activated?
really depends on the malware - some load immediatly. Others download software in the background without your knowledge. Others are not actually MP4 files but they are the malware.
*If* it is an .mp4 it is _never_ malware and you will _never_ get an infection when you play it by means of File->Open in the .mp4-player.
The problem is, that some .mp4-files may be disguised executable files (like e.g. .exe). If you open it by doubleclick they will get executed imstead of being played in the .mp4 player.
This is different for filetypes that are designed to _contain_ executable code (like .pdf, word, excel, ...). There the code will be executed by the corresponding application. This means you may be infected by those even if you use File -> Open from within the application.
I receive and open daily several files by email for 30 years now (including tons of .pdf and word or excel) and and was _never_ infected. It is all a matter of correct user behavior and correct system configuration. My Windows OS is always set to show file extensions (file types) and e.g. my .pdf reader has the execution of code disabled.
liron got exited and opened it
k
"Google drive or Dropbox won't host malware." That's just not true.
Please show me an incident where it does and doesnt get removed.
@@LironSegev well I'll try again. Since YT won't even allow links to YT. A channel named woodgears had a video from 9 days ago showing how he he got compromised via Dropbox.
ahhh that is different. In this case it was RAR file. Its the same as having a password protected ZIP file. Those systems will not scan those documents for privacy reasons and some technical reasons too.
If you try to download a large file from Google Drive, it will literally tell you on the screen that is will not scan it.
If you get a PDF or a Word document in a cloud storage system, it will scan those first and send you a link so you can view it in the browser.
Then you can download it.
Imagine if you had your confidential information in a zip file and google found a virus in it. People would be outraged at Google for "looking" inside their files.
@@LironSegev can't see who you're replying to, but it sounds like as long as the file is too big or is password protected it could be malware.
@@Plasmacore_V it looks like he deleted his comment. and yes - never download or accept any password-protected files.
👍👍👍
🔥
how does a PDF file contain malicious code?
What about small 11 kb files attachment but still malicious codes will get into computer?
what about them?
@@LironSegev small enough to get virus inside the computer it can be info stealer ?
sir how to keep safe android phone .is google have any file size limit for file scanning on cloud plz answer
thetechieguy.com/ask
i coded a fix for this years ago i dont need to know this lol
Scary
yup
8:35 maybe there's some malware than can bypass google drive and dropbox
there are always hackers who develop systems to bypass security - so its def possible. But if the file is a PDF and not a zip file then this is less of an issue.
You never mentioned that they arent really .mp4 / .png files. It only works against people who have hidden files extensions. The files really are .mp4.exe or .mp4.scr
I do not even open any files someone I know send me, I do not trust anyone
I keep getting a strange google docs share one lately..
if its not somethig you are expecting - delete
@@LironSegev ohh I am well aware.
If we use a password manager, are we still at risk?
Yes. Because a password manager will put the password in for you. If they steal the tokens then they get an already logged into website.
@@LironSegev the password manager makes it easier to re-enter usernames and passwords. What you are saying is that this needs to be combined with logging out of EVERY session. Please correct me if I'm wrong.
How can anything run in preview mode? Unless you open the file.
When you click on a PDF or a Word document - not doulbe click - it opens the document inside your email so you can see it. Malware uses that to trigger.
@@LironSegev OK, but just looking at the email, without clicking or double-clicking on the attachment should not be an issue.
I assume this is a Windows issue, not Linux, which is all I use.
yup - mostly. However, be aware that there are groups who are specifically attacking Linux so its not immune, much like Mac isn't when hackers realized there is value there.
@@LironSegev True, but I still have the habit from my Windows days of never opening an unexpected attachment, and don't do preview in Thunderbird, so it should be cool.
Can you open it in incognito mode?
nope
What if Im using linux?
you are def safer (although there are hackers groups who are specifically targetting Linux too)
you are a great youtuber
appreicate you
Don't open any email ever again
haha lets not get too crazy
If this is true, why doesn't anyone fix it? I just don't believe you.
Who, with any sense, ever clicks "remember me" anyway?? 🤨
Do you logout every single day from your Google account on all your devices? 🤔
I confess that I use "remember me" for my webmails: YahooMail, GMail.
I cannot think of any other sites where I use "remember me".
Thank you Liron the info is much appreciated. Best wishes from Adelaide; South Australia🦘🐨🇦🇺💐
You are so welcome! Still need to make a trip down under
@@LironSegev you really do need to visit many people don’t realise how big Australia is. Look after yourself. 🦘🐨🇦🇺💐