{"id":16527,"date":"2024-01-03T16:31:18","date_gmt":"2024-01-03T13:31:18","guid":{"rendered":"https:\/\/authtake.com\/?p=16527"},"modified":"2024-01-03T16:35:48","modified_gmt":"2024-01-03T13:35:48","slug":"our-data-is-an-ocean-hackers-are-a-fisherman-what-is-whaling","status":"publish","type":"post","link":"https:\/\/authtake.com\/tr\/our-data-is-an-ocean-hackers-are-a-fisherman-what-is-whaling\/","title":{"rendered":"Verilerimiz Bir Okyanus, Hackerlar Bir Bal\u0131k\u00e7\u0131: Balina Av\u0131 Nedir?"},"content":{"rendered":"
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

<\/p>\n

Bir okyanus d\u00fc\u015f\u00fcn\u00fcn\u2026 Sonsuzlu\u011fa uzanan, g\u00f6ky\u00fcz\u00fcnden mavili\u011fini alan ve binbir t\u00fcrl\u00fc canl\u0131ya ev sahipli\u011fi yapan. Bu okyanus \u00f6yle bir okyanus olsun ki, i\u00e7inde ya\u015fayan canl\u0131lar s\u00fcrekli \u00e7o\u011fals\u0131n ve bu \u00e7e\u015fitlilik bir\u00e7ok bal\u0131\u011f\u0131 kendine \u00e7eksin. Buraya kadar her \u015fey m\u00fckemmel g\u00f6r\u00fcn\u00fcyor \u00f6yle de\u011fil mi? Peki g\u00fcvenli oldu\u011fu san\u0131lan bu koca okyanusta tekneleriyle gezmeye ba\u015flayan bal\u0131k\u00e7\u0131lar ortaya \u00e7\u0131kt\u0131\u011f\u0131nda neler olur? Hadi gelin, verilerimizle olu\u015fturdu\u011fumuz okyanusta bal\u0131k\u00e7\u0131larla yani bilgilerimizi avlamaya \u00e7al\u0131\u015fan hackerlarla ba\u015fa \u00e7\u0131kabilmenin yollar\u0131na birlikte g\u00f6z atal\u0131m\u2026<\/p>\n

\u00a0<\/p>\n

Balina Av\u0131 Nedir? Balina Av\u0131 Sald\u0131r\u0131lar\u0131 Kimleri Hedefler?<\/strong><\/p>\n

\u00a0<\/strong><\/p>\n

Bir\u00e7o\u011fumuz ki\u015fisel verilerini belirli ama\u00e7lar i\u00e7in farkl\u0131 web siteleriyle payla\u015f\u0131yor. Ad, soyad, do\u011fum tarihi, adres bilgileri, telefon numaralar\u0131 ve hatta kredi kart\u0131 \/ banka kart\u0131 bilgileri\u2026 Amac\u0131 d\u0131\u015f\u0131nda i\u015flenebilen ve kopyalanabilen ki\u015fisel verilerimiz sadece gizlice yap\u0131lan siber sald\u0131r\u0131lar\u0131n de\u011fil, bizlerle birebir ileti\u015fime ge\u00e7ilerek uygulanan doland\u0131r\u0131c\u0131l\u0131k y\u00f6ntemlerinin de bir par\u00e7as\u0131d\u0131r. Balina av\u0131, kimlik av\u0131 sald\u0131r\u0131lar\u0131ndan biri olarak kar\u015f\u0131m\u0131za \u00e7\u0131kar. Bu y\u00f6ntemde kurumlar\u0131n veya b\u00fcy\u00fck \u015firketlerin \u00fcst d\u00fczey y\u00f6neticileri hedef al\u0131n\u0131r. \u201cWhaling\u201d olarak da rastlayabildi\u011fimiz bu kavram asl\u0131nda hedef al\u0131nan ki\u015fileri bir eyleme s\u00fcr\u00fcklemek i\u00e7in at\u0131lan yemleri ifade eder. Siber g\u00fcvenlik \u00f6nlemleri almayan kurumlar, \u015firketler ve ki\u015filer, balina av\u0131na yakalanmaya \u00e7ok m\u00fcsaittirler. Bu y\u00f6ntemde k\u00f6t\u00fc niyetli doland\u0131r\u0131c\u0131lar, kimlik g\u00fcvenli\u011fi duvar\u0131n\u0131 a\u015farak elde etti\u011fi bilgilerle CEO\u2019lara me\u015fru g\u00f6z\u00fcken e-postalar veya k\u0131sa mesajlar g\u00f6ndererek para talep edebilirler. Hedefleri daha b\u00fcy\u00fck olan avc\u0131lar ise ki\u015filerin banka hesaplar\u0131n\u0131 ele ge\u00e7irmek i\u00e7in sahip olamad\u0131\u011f\u0131 bilgileri \u00f6\u011frenmek i\u00e7in harekete ge\u00e7ebilir.<\/p>\n

\u00a0<\/p>\n

Balina av\u0131nda profesyonel bir \u015fekilde kamufle olmay\u0131 ba\u015faran sald\u0131rganlar, genelde CEO\u2019lar\u0131n ortaklar\u0131ndan veya g\u00fcvendikleri \u00e7al\u0131\u015fanlar\u0131ndan biri gibi g\u00f6r\u00fcn\u00fcrler. Bunu yapmak sand\u0131\u011f\u0131n\u0131z kadar zor de\u011fil\u2026 Basit bir harf de\u011fi\u015fikli\u011finden yararlanmak, akla gelebilecek en basit yoldur. Bunun yan\u0131nda e-posta sistemlerinde uygulanan mail adresini ki\u015finin ismiyle ili\u015fkilendirme uygulamalar\u0131ndan da yararlan\u0131rlar. B\u00f6ylece yo\u011fun bir i\u015f g\u00fcn\u00fcnde \u00fcst d\u00fczey y\u00f6neticilere iletilen mail, kendi muhasebecisinden veya \u00f6deme yapmas\u0131 gereken birinden gibi g\u00f6r\u00fcnebilir. B\u00f6ylece hedef al\u0131nan ki\u015filer, kendi istekleriyle eyleme ge\u00e7erler ve s\u00f6ylenen talimat\u0131 yerine getirirler. Kendi iste\u011fiyle para transferi veya bilgi payla\u015f\u0131m\u0131nda bulunan ki\u015filer, balina av\u0131na yakaland\u0131klar\u0131n\u0131 anlad\u0131klar\u0131nda ise her \u015fey i\u00e7in \u00e7ok ge\u00e7 olur\u2026<\/p>\n

\u00a0<\/p>\n

Kimlik G\u00fcvenli\u011finde AuthTake Ayr\u0131cal\u0131klar\u0131\u00a0\u00a0\u00a0\u00a0 <\/strong><\/p>\n

\u00a0<\/strong><\/p>\n

\u00dczerinde durdu\u011fumuz balina av\u0131, kimlik g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlan\u0131lan sald\u0131r\u0131lardan sadece bir tanesidir. Kimlik bilgilerinin ise her zaman \u00f6zg\u00fcr irade ile payla\u015f\u0131lmad\u0131\u011f\u0131 ortada... Siber g\u00fcvenlik \u00f6nlemlerinin al\u0131nmad\u0131\u011f\u0131 her g\u00fcn, verilerinizin izniniz olmadan kopyalanmas\u0131 ve ele ge\u00e7irilmesi m\u00fcmk\u00fcn hale geliyor. AuthTake ise size hem kimlik hem de eri\u015fim y\u00f6netimi konusunda profesyonel destek sa\u011fl\u0131yor. \u00d6rne\u011fin e\u011fer bir \u00fcst d\u00fczey y\u00f6netici iseniz m\u00fc\u015fterilerinizin, \u00e7al\u0131\u015fanlar\u0131n\u0131z\u0131n ve i\u015f ortaklar\u0131n\u0131z\u0131n eri\u015fimlerine dair de kontrolleri sa\u011flayabilece\u011finiz \u00e7\u00f6z\u00fcm \u00f6nerileri sunuyor. \u00c7ok fakt\u00f6rl\u00fc kimlik do\u011frulama (MFA) size, QR Kod ile giri\u015f, biyometrik y\u00fcz tan\u0131ma sistemi, tek kullan\u0131ml\u0131k parola gibi alternatifler yarat\u0131rken parolal\u0131 giri\u015flere oranla hesaplar\u0131n\u0131z\u0131n \u00e7al\u0131nma riskini b\u00fcy\u00fck bir oranda azalt\u0131yor. Buna ek olarak, Risk Tabanl\u0131 Kimlik Do\u011frulama sistemi sayesinde eri\u015fim talep eden kullan\u0131c\u0131lar\u0131n tehdit olu\u015fturup olu\u015fturmad\u0131\u011f\u0131na y\u00f6nelik taramalar da ger\u00e7ekle\u015ftiriliyor. B\u00f6ylece sistemlerinize giri\u015f yapmaya \u00e7al\u0131\u015fan yabanc\u0131 kullan\u0131c\u0131lar erkenden tespit ediliyor ve kimlikleri farkl\u0131 se\u00e7eneklerle do\u011frulanmaya \u00e7al\u0131\u015f\u0131yor. AuthTake ayr\u0131cal\u0131klar\u0131ndan biri de kurumunuzun veya \u015firketinizin ihtiya\u00e7lar\u0131na y\u00f6nelik kimlik ve eri\u015fim y\u00f6netimi alternatiflerinin aras\u0131ndan en uygununu se\u00e7me \u015fans\u0131n\u0131z oluyor.<\/p>\n

<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\tBize Ula\u015f\u0131n<\/span>\n\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

Think of an ocean… It extends to infinity, takes its blue from the sky, and hosts thousands of living creatures. Let this ocean be such an ocean that the living creatures living in it will constantly multiply and this diversity will attract many fish. Everything looks perfect so far, doesn’t it? So what happens when fishermen start sailing with their boats in this huge ocean that is thought to be safe? Let’s take a look at ways to deal with fishermen, that is, hackers who try to hunt our information, in the ocean we create with our data… \u00a0 What is Whaling? Who Do Whaling Attacks Target? \u00a0 Many of us share our personal data with different websites for specific purposes. Name, surname, date of birth, address details, phone numbers and even credit card details… \u00a0Our personal data, which can be processed and copied for purposes other than its intended purpose, is not only a part of cyber-attacks carried out secretly, but also of fraud methods applied by contacting us one to one. Whaling is one of the phishing attacks. This method targets senior executives of organizations or large companies. This concept, which we can also come across as “phishing”, actually refers to the bait thrown to drag the targeted people into an action. Institutions, companies and individuals who do not take cyber security measures are very vulnerable to be caught in whaling. In this method, malicious swindlers can request money by sending legitimate-looking emails or text messages to CEOs with the information they obtained by bypassing the identity firewall. Hunters with larger targets may take action to obtain information that people do not have in order to take over their bank accounts. \u00a0 Attackers who manage to camouflage themselves professionally usually appear to be partners or trusted employees of CEOs. Doing this is not as difficult as you think\u2026 Taking advantage of a simple letter change is the simplest way imaginable.\u00a0 They also benefit from the practice of associating a mail address with a person’s name, as implemented in e-mail systems. So on a busy workday, an email to senior executives can look like it’s from their accountant or someone they need to pay. Thus, the targeted people voluntarily take action and carry out the instructions. When people who voluntarily transfer money or share information realize they’ve been caught in a whale hunt, it’s too late… \u00a0 AuthTake Privileges in Identity Security\u00a0\u00a0\u00a0\u00a0 \u00a0 The whaling that we are talking about is just one of the attacks that exploit identity vulnerabilities. It is clear that identity information is not always shared freely… Every day that cybersecurity measures are not taken, it becomes possible for your data to be copied and intercepted without your permission. AuthTake provides you with professional support for both identity and access management. For example, if you are a senior manager, it offers solutions that you can control the access of your customers, employees and business partners. Multi-factor authentication (MFA) gives you alternatives such as QR Code login, biometric facial recognition, one-time passwords, and greatly reduces the risk of your accounts being stolen compared to password logins. In addition, thanks to the Risk-Based Authentication system, users requesting access are scanned to see if they pose a threat. With this way, foreign users trying to log in to your systems are detected early and their identities are verified with different options. One of the privileges of AuthTake is the chance to choose the most suitable identity and access management alternative for the needs of your organization or company. Since 2022, when phishing attacks based on credentials increased by 61%, protection from cyberattacks is of great importance for both individuals and organizations. If you want to take shelter in the safe harbor of AuthTake to escape from the nets and rods of fishermen in this huge ocean we created with our data, you can contact with us. Contact Us<\/p>","protected":false},"author":4,"featured_media":16532,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts\/16527"}],"collection":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/comments?post=16527"}],"version-history":[{"count":5,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts\/16527\/revisions"}],"predecessor-version":[{"id":16533,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts\/16527\/revisions\/16533"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/media\/16532"}],"wp:attachment":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/media?parent=16527"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/categories?post=16527"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/tags?post=16527"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}