If you're a #nftcollector .. especially one that collects or has high valued #NFTs.. you may want to read this thread carefully..

What exactly is spear phishing?
Spear phish: targeted attack on either an individual or a selected group of individuals. How does it start?
- open source intelligence (OSINT)

What does that mean?
- publicly available sources: Twitter, discord, TikTok, Instagram, GitHub, blogs, shodan, Google, LinkedIn, etherscan

Someone on #NFT spaces asked me about other ways threat actors can gain more user Intel without computer or phone.. Besides Christmas lights? Some toys that have bluetooth can be comprised and threat actors can use to spy or listen in on some conversations..

👇 1. Fisher-Price Chatter bluetooth has no secure pairing process. Threat Actors can exploit this in an audio bug.

Hope everyone had a nice holiday #NFTartist.

Some have asked me a question over the weekend about how threat actors are able to bypass 2FA.

👇 Man-in-the-Middle phishing toolkits:
Session Hijacking

Just trying to push security awareness:

1. The difference between different phishing techniques:

1. phishing: community
2. spear phishing: targeted members of the community 3. whaling: brand owner
4. vishing: by phone
5. smishing: send messages by text
6. Angler phishing: sending direct message within social media
7. Pharming: malicious actors hijack a Domain Name Server (DNS), the server that translates URLs from natural language into IP addresses