'World's most dangerous hacker' shared common method used by 'bad guys' that can have major consequences

It's easy to mock those who fall for online scams but as hackers get more advanced, it leaves a lot of people vulnerable to potentially disastrous consequences.

We will probably never forget the story of the poor woman who was being catfished by a bloke pretending to be Gary Barlow, although at least she didn't forgo any of her security details or money in the process. She even got to meet the man himself afterwards.

Handsome older celebrities are clearly the go-to for a lot of scammers, as another person impersonated Brad Pitt to exploit over £700,000 from a French woman.

While there are ways you can identify scammers over the phone, particularly if they use one specific phrase, it's not as easy to do so when they hack into your computer without you knowing.

One of the world's most infamous hackers once revealed a common method used by those in the business, and it's one you definitely want to avoid falling for.

US man Kevin Mitnick - who passed away in 2023 aged 59 - built a life and a business out of his previous hacking exploits, even spending five years in prison for his crimes.

He'd become known for hacking into government websites and corporate networks, including Pacific Bell, to steal company data and credit card information.

At one point, he was even branded the most wanted computer hacker in the world by law enforcement.

Mitnick went on to become a security consultant, and shared some details about one of the primary methods of hacking, known as spearfishing.

Kevin Mitnick was once on the FBI's most-wanted list (Steve Gonzales/Houston Chronicle via Getty Images)

The 'spearfishing' scam explained

In an interview published on his website, Kevin wrote: "The primary method of hacking is called spearfishing, a subsect of social engineering. You manipulate the human into giving access to the bad guy. To spearfish, the bad actor does research on the company, its employees, vendors, research, customers, etc.

"Then, they create a false pretext for an email sent to a specific target with internal access. They impersonate someone the target would trust, in order to get them to click on a hyperlink or download an attachment.

"As soon as they do so, a malicious payload gives the bad actor access to that person’s computer and an initial foothold within a company’s system.

"After that initial access, hackers use technical tradecraft to get further and gain access to the data they’re after."

Scammers are becoming more sophisticated (Getty Stock Photo)

Unless you're smart enough to keep physical copies of things such as money, passwords and security data rather than digital ones, then you might just survive if someone hacks into your computer.

But if you're anything like me and all your passwords are pre-loaded (please don't target me hackers), then you're probably going to be in some serious trouble if someone gets access.

So, next time your boss sends you an email that you don't like the look of, maybe don't click on anything to be on the safe side.