# Administrator rights Large amount of data breaches involves the use of privileged credentials. The best practice is to assign permissions necessary for the specific user. ## Administrative account allows: - Installation of unneccessary software. - Executing potentially malicious programs - Changing Operating system settings intentionally or unintentionally. ## Example scenario Examples scenario is shown below. Screen capture from Win10(users machine) and Linux(scammers machine) are shown in the pictures. - Win10 user downloads legimitate looking program from unknown source and proceeds to install it. Linux machine in the left is listening for incoming connections (Picture 1 & Picture 2.)  #### Picture 1  #### Picture 2 - Now the installation is completed and the program can be run (Picture 3).  #### Picture 3 - As shown in the picture 4, the installation process also executed a reverse https connection to the Linux machine allowing the Linux user access to the Win10 computer.  #### Picture 4