Statistics
- Global cybercrime costs are expected to increase by 70% between 2023 and 2028. The costs in 2020 are projected to be four times higher than those in 2028: https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027/
- FBI figures for 2023: https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf
- Real-time map of cyberattacks – Radware: Live Cyber Attack Threat Map | Radware
- Real-time map of cyberattacks – Check Point: https://threatmap.checkpoint.com/
Social engineering
- The book The Art of Invisibility (Kevin Mitnick): https://www.databazeknih.cz/knihy/umeni-klamu-12032
- Hacking conference – DEF CON: https://defcon.org
Attacks and surveillance
- Stolen voter database: https://www.privacyaffairs.com/hacked-voter-records/
- John Oliver sits down with Edward Snowden to discuss the NSA, the balance between privacy and security: https://www.youtube.com/watch?v=XEVlyP4_11M
- Watch This Russian Hacker Break Into Our Computer In Minutes | CNBC: https://www.youtube.com/watch?v=CV39QzFpJx4
- Study – What Android reveals about you: https://lukasbarda.cz/english/studie-co-o-vas-android-naseptava/
- Article about anonymity on the web: https://lukasbarda.cz/english/web-a-anonymita/
- An extreme example of surveillance – China’s social credit system: https://www.youtube.com/watch?v=CLo3e1Pak-Y
- Stuxnet: Cyberattack on Iran’s nuclear program: https://en.wikipedia.org/wiki/Stuxnet
- Podcast Darknet diaries – an episode about NotPetya: https://darknetdiaries.com/episode/54/
- Undesirable AirTag: https://support.apple.com/en-us/119874
- Services and tools to protect your privacy from tracking: https://www.privacytools.io/
Frauds
- On a global scale, the recent case in Hong Kong: https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html
- Fake kidnappings of children in the USA: https://amp.theguardian.com/us-news/2023/jun/14/ai-kidnapping-scam-senate-hearing-jennifer-destefano
AI
- GenAI hacking: https://gandalf.lakera.ai/
- Prompt ingestion: https://www.youtube.com/watch?v=iUNqFCQPwdg
- Shoulder surfing password: https://www.youtube.com/shorts/e9CfWK-uN44
- AI recorder: https://www.plaud.ai/
- AI grandmother Daisy helps detect fraud (UK): https://www.cbsnews.com/news/ai-grandma-daisy-uk-anti-fraud-scammers-virgin-media-o2/
Fake videos
- Reality check tool: https://realitycheckk.com/
- Deepfake CFO: https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html
- Fake voice: https://elevenlabs.io/
- Fake video: https://app.heygen.com/
- Fake F40 ad retro: https://www.youtube.com/watch?v=yegfPcFKV6U
- Fake F40 ad 2025: https://www.youtube.com/watch?v=K9I_y2S9rKY
- Prague is beautiful English (HeyGen tool) or on YouTube (including AI-generated English subtitles in YouTube Studio)
- Prague is beautiful Japanese (HeyGen tool) or on YouTube (including AI-generated English subtitles in YouTube Studio)
Passwords and two-factor authentication
- Have your login credentials been stolen? https://haveibeenpwned.com/
- Password strength check: https://www.passwordmonster.com/
- The 200 most common passwords: https://nordpass.com/most-common-passwords-list/
- The 10,000 most common passwords: https://en.wikipedia.org/wiki/Wikipedia:10,000_most_common_passwords
- Hardware key YubiKey: https://www.yubico.com/
- Darknet monitoring service: https://www.alerts.bar/
- Article about the second factor: https://lukasbarda.cz/english/vicefaktorova-autentizace-vas-ucet-v-bezpeci/
Malware
- https://www.nomoreransom.org/en/index.html
- A tool to check files and URLs: https://www.virustotal.com/
- Zeus trojan malware: https://www.crowdstrike.com/en-us/cybersecurity-101/malware/zeus-malware/
- Backup rule: https://www.starwindsoftware.com/blog/3-2-1-backup-rule-implementation/#fancy-image
Profiles and login
- What Google knows about you: https://myactivity.google.com/
- Gmail security label in App Store: https://apps.apple.com/us/app/gmail-email-by-google/id422689480
- Securing your Facebook profile: https://www.facebook.com/settings?tab=security
- Where you are logged in with your Facebook account: https://www.facebook.com/settings?tab=applications&section=active
- Security of your Google profile: https://myaccount.google.com/security-checkup/3
- Where you are logged in with your Google account: https://myaccount.google.com/permissions
- Shared credentials: http://bugmenot.com/
- DeleteMe – remove personal information from Google and the internet: Remove Personal Info from Google – DeleteMe
- Incogni – data broker removal service: Data Broker Removal Service | Incogni
- https://amiunique.org/
- A message from Ella: https://www.youtube.com/watch?v=F4WZ_k0vUDM
- Fotoforensics tool: https://www.fotoforensics.com/
- Google vision tool: https://theyseeyourphotos.com/
- Wayback machine: https://web.archive.org/
- Google alerts: https://www.google.com/alerts
More tips, tools and apps
- Open Source Intelligence (OSINT): https://osintframework.com/
- Protect your castle: https://andersontech.com/protect-your-castle/
- Offensive methodology: https://attack.mitre.org/
- Defensive methodology: https://d3fend.mitre.org/
- Sexspionage: https://www.imdb.com/title/tt13879352/
- Phishing test by Google: https://phishingquiz.withgoogle.com/
- OMG Cable: https://shop.hak5.org/products/omg-cable
- Sharenting – Why (not) share photos of children online: https://lukasbarda.cz/english/sharenting-fotky-deti-na-site-nepatri/
- Article on how to set up a new mobile phone: https://lukasbarda.cz/english/novy-telefon-naucte-se-ho-spravne-nastavit/
- Ad blocking: https://blokada.org/
- Check a file or website before opening: https://www.virustotal.com/
- Online PDF splitting (use Adobe tools for sensitive files): https://www.ilovepdf.com/
- Online translator: https://www.deepl.com/en/translator
- Google Duplex voice assistant: https://www.youtube.com/watch?v=D5VN56jQMWM
- Boston Dynamics robots: https://www.youtube.com/watch?v=fn3KWM1kuAw
- Boston Dynamics robots for sale: https://www.alza.cz/search.htm?exps=boston+dynamics
- Screening of a person in the online space (OSINT tool): https://www.maltego.com/
- DDoS report for 2023: https://blog.cloudflare.com/ddos-threat-report-2023-q3/
- Am I unique: https://amiunique.org/
- The book Hooked: https://www.goodreads.com/book/show/22668729-hooked
- The book Irresistible: https://www.goodreads.com/book/show/30962055-irresistible
- Documentary The Social Dilemma: https://www.netflix.com/title/81254224
- Documentary The Big Hack: https://www.netflix.com/title/80117542
- Black Mirror series, episode Nosedive: https://www.imdb.com/title/tt5497778/
- Documentary Spycraft, episode Sexspionage: https://www.imdb.com/title/tt13879352/
- Long Distance podcast and scam from India (part one): https://gimletmedia.com/shows/reply-all/6nh3wk
- Long Distance podcast and scam from India (part two): https://gimletmedia.com/shows/reply-all/76h5gl
- MY 2022 Olympic App Security Analysis: https://citizenlab.ca/2022/01/cross-country-exposure-analysis-my2022-olympics-app/
- OMG Cable – attack USB cable from Hak5: https://shop.hak5.org/products/omg-cable
- Flipper Zero – a tool for testing devices and networks: https://flipperzero.one/
- Windows Sandbox – secure testing environment: https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-install
- Maltego (tool for screening a person’s digital footprint): https://www.maltego.com/
- Maltego (sample output): https://lukasbardacz-my.sharepoint.com/:f:/g/personal/jsem_lukasbarda_cz/Epr5pecyoChIloTINGtzqIUBOD461YCFWjet9HTLVpSf8Q?e=rtsmVB
- HeyGen – AI tool for creating avatar videos: https://app.heygen.com/home
- Microsoft 365 Copilot Chat – AI chat in the enterprise environment: https://m365.cloud.microsoft/chat/
- GPTZero – AI generated text detection: https://app.gptzero.me/
- Google Alerts – watch for new content online: https://www.google.com/alerts
- Bug Hunters – rewards for found bugs (Google): https://bughunters.google.com/
- The 3-2-1 backup strategy: https://www.techtarget.com/searchdatabackup/definition/3-2-1-Backup-Strategy
- What to do after losing your Facebook account: https://lukasbarda.cz/english/ukradli-mi-facebook-ucet-co-ted/
- Barbie app: https://www.barbieselfie.ai/
Bank of icons and photos
- Iconfinder – icons and graphic elements: https://www.iconfinder.com/
- Dreamstime – paid photographs and illustrations: https://www.dreamstime.com/
- iStock – professional photos and vectors: https://www.istockphoto.com/
- Unsplash – photos for non-commercial and commercial use: https://unsplash.com/ (free)
Alternatives to Google services
- Alternative applications: https://lukasbarda.cz/english/alternativy-ke-sluzbam-a-aplikacim-zdarma/
- DuckDuckGo search engine: https://duckduckgo.com/
- Brave browser: https://brave.com/
- Vivaldi browser: https://vivaldi.com/
- Tor browser: https://www.torproject.org/
- Proton email: https://proton.me/cs/mail
- Mullvad VPN and browser: https://mullvad.net/en
- Session (anonymous messenger with encryption): https://getsession.org/
How much is our data worth (available on the Darknet)
- Internet banking login details cost an average of $40
- Credit card details, including related data, cost $14–30
- Hacked Facebook account: $35