APK File Fraud is Rampant, Cyber Experts Recommend Changing All Passwords and Activating 2FA
Cyber security expert Bruce Hanadi.
– Cyber security expert Bruce Hanadi said that the Indonesian people's cyber culture in accessing digital systems is still vulnerable to being hacked by hackers. Bruce explained that one of the cyber cultures that most gadget users in Indonesia do is being lazy about changing their passwords regularly.
"Many of us are lazy about changing our passwords. We never change our passwords for a year or even our whole life," he said in a podcast broadcast on the YouTube channel 'Kasi Solusi' which aired, Thursday (14/9/2023).
"What's worse is that they use the same password on all devices for all .id users because they don't want to think about it," he continued. Furthermore, the man who is the Chief Information Security Officer of snc.id also revealed that many people create passwords with combinations of words or numbers that are easy to guess.
"As soon as one is caught, they are all found out, he just guesses each one and the password is one that is easy to guess, the name of the spouse or partner's name, the name of the child, the car number, that must be avoided. That is what is called cyber culture," he concluded.
Responding to the many cases of fraud using APK files using various methods such as wedding invitations, package couriers, traffic tickets and BPJS bills which can hack personal data and drain accounts, saying it is malware.
"We call it malware, evil software, APK, viruses and so on. It can be packaged into any file, in the form of docs, xls, pdf, jpg, bmg, whatever you want," he explained.
Bruce explained that first aid for device users who have already clicked on a link containing a virus APK file is to change all passwords.
"Change all the passwords you remember. If you click on WhatsApp, change your WhatsApp password, you must also change your e-mail password, change your e-banking password, all if possible," he said.
He also discussed how hackers work in hacking information. By clicking on the APK file link, continued Bruce, the system will automatically send a number of data to a certain server including the password for hackers to later try to hack.
"Usually it is automatic (sending data) so it will send to a certain server, the data from here, that's why you should replace the data that has been sent in a hurry, because your old password will be sent, it will take 3 - 4 seconds to send it," he said.
"My suggestion is to change the password and also one of the steps to prevent attacks from hackers, as much as possible activate 2FA or Two-Factor Authentication (for example, tokens, or Google 2FA) which provides information in the form of validation on the user's cellphone to do somethingor by sending an OTP to the user's cellphone)," he said.
SNC's collaboration with the kasi Solusi podcast received a positive response from netizens, because the experiences shared by the sources were new and important knowledge for them.
SNC itself is a security and connectivity services company with a team of experts and experience to help business security from cyber attacks in Indonesia.
Penipuan File APK Marak, Pakar Siber Sarankan Ganti Semua Password dan Aktifkan 2FA
Ahli keamanan siber Bruce Hanadi.
– Ahli keamanan siber Bruce Hanadi mengatakan budaya siber masyarakat Indonesia dalam mengakses sistem digital, masih rentan diretas hacker. Bruce menjelaskan, salah satu budaya siber yang paling banyak dilakukan sebagian besar pengguna gawai di Indonesia adalah malas mengganti password secara berkala.
"Banyak dari kita yang males ganti password. Password itu kita satu tahun bahkan seumur hidup nggak pernah ganti," ujarnya dalam sebuah tayangan podcast di channel YouTube 'Kasisolusi' yang tayang, Kamis (14/9/2023).
"Lebih parah lagi mereka memakai satu password yang sama di semua device di semua user .id karena nggak mau mikir," lanjutnya. Lebih jauh pria yang merupakan Chief Information Security Officer snc .id itu juga mengungkap banyaknya masyarakat yang membuat password dengan kombinasi kata atau nomor yang mudah ditebak.
"Begitu ketahuan satu, ketahuan semua, dia tebak aja satu-satu itu dan passwordnya itu pakainya yang gampang ditebak nama spouse atau nama pasangan, nama anak, nomor mobil, itu harus dihindari. Itu yang namanya cyber culture," pungkasnya.
Menanggapi banyaknya kasus penipuan menggunakan file APK dengan berbagai modus seperti undangan pernikahan, kurir paket, surat tilang hingga tagihan BPJS yang dapat meretas data pribadi hingga menguras rekening di mengatakan hal tersebut merupakan malware.
"Kita bilangnya malware ya, software yang jahat, APK, virus dan lainnya. Itu bisa dipacking ke file apa saja bisa dalam bentuk docs, xls, pdf, jpg, bmg, apapun yang anda mau," paparnya.
Bruce menjelaskan pertolongan pertama bagi pengguna gawai yang terlajur mengeklik tautan berisi file APK virus adalah dengan mengganti semua password.
"Ganti semua password yang anda ingat. Kalau Anda kliknya di WhatsApp, password WhatsApp anda ganti, password e-mail juga harus Aanda ganti, password e-banking Anda ganti, semua kalau bisa," katanya.
Ia juga mengupas cara kerja hacker dalam meretas informasi. Dengan mengeklik tautan file APK, lanjut Bruce, maka sistem akan secara otomatis mengirim sejumlah data ke server tertentu termasuk password untuk nantinya dicoba untuk diretas oleh hacker.
"Biasanya otomatis (mengirim data) jadi dia akan mengirim ke server tertentu, data-data dari sini, that's why data-data yang sudah dikirim buru-buru Anda ganti, karena password lama Anda akan dikirim, 3 - 4 detik akan terkirim," ujarnya.
"Saran saya mengganti password dan juga salah satu langkah pencegahan terjadinya serangan dari hacker, sebisa mungkin mengaktifkan 2FA atau Two-Factor Authentication (contohnya seperti token, atau google 2FA) yang memberikan informasi berupa validasi di handphone pengguna untuk melakukan sesuatu atau dengan ngirim OTP ke handphone pengguna)," ungkapnya.
Kolaborasi SNC dengan podcast kasisolusi mendapat respon positif netizen, karena engalaman yang dibagikan narasumber merupakan pengetahuan baru dan penting bagi mereka.
SNC sendiri merupakan perusahaan layanan keamanan dan connectivity dengan tim ahli dan berpengalaman untuk membantu keamanan bisnis dari serangan siber di Indonesia.
Post a Comment