Inside the Mind of the World’s Most Dangerous Hacker: The Simple Trick Cybercriminals Don’t Want You to Know

Oh, the internet—where your next chatty online crush might just be a hacker in desperate need of a hobby! We’ve all chuckled at those poor souls duped by scams as outrageous as a bloke impersonating Gary Barlow (yes, that unforgettable catfish who actually led to a face-to-face with the real deal). But hey, as cyber tricksters get slicker, it’s not just embarrassing fuzzballs falling into their traps anymore; we’re talking about people losing life-changing sums—like a French woman who got conned out of over £700,000 by a Brad Pitt impersonator. Charming, right? Sure, you can spot some scams by that telltale phone phrase (you know the one), but when they slip quietly into your computer, it’s a whole new ballgame. Enter Kevin Mitnick—once the FBI’s most wanted hacker, a man who turned his hacking past into a security consult gig and spills the tea on “spearfishing,” a crafty method that’s less about fishing poles and more about phishing emails designed to fool even the savviest among us. So, before you click anything fishy in your inbox—even if it’s “from” your boss—maybe pause and think: could this be the cyber equivalent of a bad date? Because, trust me, you don’t want to be the catch of the day. LEARN MORE

It’s easy to mock those who fall for online scams but as hackers get more advanced, it leaves a lot of people vulnerable to potentially disastrous consequences.

We will probably never forget the story of the poor woman who was being catfished by a bloke pretending to be Gary Barlow, although at least she didn’t forgo any of her security details or money in the process. She even got to meet the man himself afterwards.

Handsome older celebrities are clearly the go-to for a lot of scammers, as another person impersonated Brad Pitt to exploit over £700,000 from a French woman.

While there are ways you can identify scammers over the phone, particularly if they use one specific phrase, it’s not as easy to do so when they hack into your computer without you knowing.

One of the world’s most infamous hackers once revealed a common method used by those in the business, and it’s one you definitely want to avoid falling for.

US man Kevin Mitnick – who passed away in 2023 aged 59 – built a life and a business out of his previous hacking exploits, even spending five years in prison for his crimes.

He’d become known for hacking into government websites and corporate networks, including Pacific Bell, to steal company data and credit card information.

At one point, he was even branded the most wanted computer hacker in the world by law enforcement.

Mitnick went on to become a security consultant, and shared some details about one of the primary methods of hacking, known as spearfishing.

Kevin Mitnick was once on the FBI’s most-wanted list (Steve Gonzales/Houston Chronicle via Getty Images)

The ‘spearfishing’ scam explained

In an interview published on his website, Kevin wrote: “The primary method of hacking is called spearfishing, a subsect of social engineering. You manipulate the human into giving access to the bad guy. To spearfish, the bad actor does research on the company, its employees, vendors, research, customers, etc.

“Then, they create a false pretext for an email sent to a specific target with internal access. They impersonate someone the target would trust, in order to get them to click on a hyperlink or download an attachment.

“As soon as they do so, a malicious payload gives the bad actor access to that person’s computer and an initial foothold within a company’s system.

“After that initial access, hackers use technical tradecraft to get further and gain access to the data they’re after.”

Scammers are becoming more sophisticated (Getty Stock Photo)

Unless you’re smart enough to keep physical copies of things such as money, passwords and security data rather than digital ones, then you might just survive if someone hacks into your computer.

But if you’re anything like me and all your passwords are pre-loaded (please don’t target me hackers), then you’re probably going to be in some serious trouble if someone gets access.

So, next time your boss sends you an email that you don’t like the look of, maybe don’t click on anything to be on the safe side.