PHISHING 4E

IT IS DIFFICULT TO PROTECT  BILLIONS OF DEVICES. WE PROPOSE A METHOD.

IT IS ENOUGH TO FORCE ALL PC TO CONNECT TO ONE SITE ONLY:  THE ONE CONNECTED TO INTERNET.

 HOW TO DEFEAT PHISHING

The possibility of someone falling into error and clicking on a malicious link is endless. Despite all the attempts to train company employees it is too simple to click, and even the best schools have always had dunces, who maybe confused during the lesson.
The solution is to parameterize our computers. Regarding the possibility that there is malware inside the attachments, it is enough to hijack the automatic opening of an attachment based on the file extension. Currently a pdf can be opened automatically by Adobe Reader and a docx by Microsoft Word. If we set an empty text file as the default application for documents that have the most risk of hosting malware, a window is automatically presented in which there is a list of applications compatible with the document, window in which you can choose. The choice time allows to eventually understand that a check must be done, maybe have the document analyzed by the antivirus installed on your computer.
But the most complicated case is to prevent the opening of an internet link. In this case, proceed as follows:


1) Activate a “secure” site where the link of the main internet search browsers, such as Google, is proposed. In WordPress cms it is very easy to set up a link to access another site. Imagine  this site: is called: www.EXAMPLE-ONE.com.

2) Set the Internet access parameters on the browser according to the Parental Control setting, but instead set a black list of sites to set the reference proxy as “none” and set www.EXAMPLE-ONE.com as the site to access independently of the proxy, then You can access www.EXAMPLE-ONE.com.

3) In these conditions, when you click on the Google.com. you  get the answer “No internet access”

4) To remedy the aforementioned problem on the site www.EXAMPLE-ONE.com. there is script code on the server side in PHP that sets an appropriate proxy, so that, when you click on the link “Google.com”, the internet connection is activated and all sites are accessed

5) Advantageously, a black list of sites to be avoided may be added.

6) The problem of the hacker attack is then moved from the internal defence to the company to the defence of www.EXAMPLE-ONE.com.. Tests were done on our sites written in WordPress, but the process must be scaled up, as WordPress itself is a source of vulnerability and therefore www.EXAMPLE-ONE.com could in turn become a gateway to malware. So we suggest following these guidelines.

A) Create a site www.EXAMPLE-TWO.com. in pure HTML5 language, without using cms tools like WordPress or others. The site is quite simple and therefore it could cost from 3,000 to 5,000 euros.

B) Verify that the company building the site has the necessary know-how reguarding computer security, both in terms of password management and users and in software construction.

C) Our VULNER product will be very useful to verify that the developer does not put known or potential vulnerabilities on the site. The problem of the hacker attack is then moved from the internal defence to the company to the defense of www.EXAMPLE-ONE.com.

D) Check that the company that builds the site www.EXAMPLE-TWO.com is certified as a Cyber Security manufacturer.

E) Choose a provider that has a proxy that has the characteristics to respect point D

F) Do not allow others to make updates on www.EXAMPLE-TWO.com, except for the certified company referred to in point D

G) Have the aforementioned company enter the PHP code on the server side that sets the proxy as described in points 4 and D.

H) Use our KEY-PSW-LOCK product in order to change more securely the www.EXAMPLE-TWO.com. passwords, all passwords must be encrypted.

I) Check the correct use of the site www.EXAMPLE-TWO.com. with appropriate network traffic analysis software.
identifying possible fraudulent access.

CONCLUSIONS:

It is not possible to do security without spending a euro, but you can spend a few thousand euros instead of millions of euros and you become independent of the human factor, which many identify as the weak point of the chain of defence against cyber attacks. If there are hundreds of www.EXAMPLE-TWO.com. you can create defensive “forts” against PHISHING, as in our RAMSES software you create defence forts against the RANSOMWARE that m eay even lead to protecting the entire national territory.