May 2024 - Ophtek

The Best Ways to Secure Your Digital Documents

Backup, Data Breach, Data Security, digital documents, Ophtek, password protection, strong passwords, windows encryptionbackup, digital documents, Ophtek, password protection, security, strong passwords, vulnerability, windows encriptionOphtek, LLC

May 2024

Every business relies on digital documents, but the threat of data breaches and cyberattacks mean these documents must be correctly secured.

There are many types of documents a business uses daily such as Word, Excel, PDF, and digital images. All of these can contain sensitive information, and it’s no surprise threat actors want to get their hands on them. Not only can a threat actor use these to compromise other accounts, but they can cause real financial damage with them. Accordingly, it makes sense to secure your organization’s digital documents to keep them safe.

Securing Your Digital Documents

Your business may contain numerous files in different locations, but the good news is that securing all of them is straightforward. Just make sure you follow these best practices:

Password Protection: the simplest way to secure your digital documents is by implementing password protection. A common security measure for decades, passwords put a major barrier in the way of unauthorized access. Not all files can be password protected, but common files such as Microsoft 365 documents and Adobe PDF documents can.
Use Strong Passwords: central to good password protection is strong passwords. Never use passwords which are easy to guess e.g. using “password” or “admin”. Instead, always use passwords which combine upper and lower case characters with numbers and symbols. It’s also recommended that passwords are longer than 8 characters and different passwords should be used for different documents.

Restrict Access: it’s important to remember not every employee needs access to every single file within your organization. Your marketing team, for example, doesn’t need access to your finance team’s documents and vice-versa. Accordingly, you need to restrict access to only those who need it. The best way to achieve this is by setting up ‘restricted’ drives for each team to store their department-specific documents.
Use Windows Encryption: compromised devices present a goldmine of data for threat actors, but it’s possible to avoid this disaster by encrypting your devices. Yes, if you’re running Windows 10/11 Pro or Enterprise versions, it’s possible to encrypt data and provide access only to those with authorization. This is easy to put in place and, if Windows encryption is not available on the device, you may still be able to use BitLocker encryption to encrypt it.
Always Create Backups: in the event of a ransomware attack, your organization could find all of its documents encrypted and inaccessible. This is why creating backups is the surest way to enhance the security of your digital documents. The preferred method for executing this is with the 3-2-1 backup method, as this provides you with multiple copies in different locations. Complete loss of your data is minimized and there’s no need to pay any ransom fees.

Final Thoughts

All it takes is for a single file to be compromised by threat actors to cause major damage, so it’s crucial that you prioritize securing your digital documents. Putting the suggestions above into practice is relatively easy, and it ensures your data remains safe. So, don’t delay, secure your digital documents today and benefit from the peace of mind it provides.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Financial Firms Targeted by JsOutProx Malware

JavaScript Malware, JsOutProx Malware, malicious code, Ophtek, Phishing Email, ScriptSafe for ChromeJavaScript, JsOutProx, malware, Ophtek, phishing, ScriptSafeOphtek, LLC

May 2024

A new phishing campaign, launched in March 2024, has been targeting financial firms all over the world with the JsOutProx banking trojan.

The JsOutProx malware campaign was first detected by Visa, with their Payment Fraud Disruption team sending out security alerts to stakeholders about the threat. So far, the targets of the attack have been based in Africa, South Asia, and the Middle East. The identity of the threat actors behind the attack are currently unknown, but it’s speculated they may be China-based or receiving support from China.

Financial malware always has the potential to cause great damage to organizations and individuals, so it’s important you understand the threat posed by JsOutProx.

The Lowdown on JsOutProx

First detected online in 2019, JsOutProx provides remote access to infected PCs by way of a JavaScript backdoor. This foothold allows threat actors to carry out numerous malicious attacks within the infected system. These include downloading further malware, data harvesting, taking screenshots, executing files, and embedding itself deep within the target. Plugins are utilized to launch these attack methods, an indicator this is a sophisticated piece of malware.

JsOutProx relies on JavaScript to carry out its attacks, and this method has been employed to deceive targets. Whereas many PC users understand the threat of a specific file type – such as a Word document or .exe file – they’re less likely to have knowledge of the threat posed by JavaScript code. Additionally, JavaScript coding is unintelligible to many anti-malware tools, so it has the potential to go undetected by software expected to keep PCs secure.

How is the JsOutProx Attack Launched?

Using phishing email techniques, JsOutProx is distributed through emails purporting to be related to MoneyGram or SWIFT payment notifications. However, far from being from genuine financial institutions, the senders behind these emails only have malicious intentions. Once recipients have fallen for the bait in the phishing emails, the JsOutProx code is activated and allows the threat actors to position themselves within the infected PC. Once installed, JsOutProx adopts a number of functionalities to enhance its position, such as changing DNS settings, editing proxy settings, and bypassing User Account Control detection.

Protect Your PCs from JsOutProx

A significant proportion of internet users have access to online banking services, and this is why JsOutProx has maximized its chances of snaring victims. Thankfully, you don’t have to fall victim to JsOutProx and compromise the security of your PC. All you have to do is make sure you practice the following:

Scrutinize all emails: an email which relates to a payment notification will always grab attention, but it’s vital you scrutinize emails which seem too good to be true. Threat actors will use persuasive and attractive arguments to convince you a suspicious link has to be clicked. However, if you take the time to analyze links in emails – do this by hovering your mouse cursor over them to reveal the true destination of the link – you can quickly minimize your chances of falling victim to malware.

Protect your browsers from scripts: many malware attacks such as JsOutProx rely on scripts to launch their attack within browsers. Therefore, it makes sense to protect your browsers from malicious scripts. Luckily, this is a relatively simple task thanks to ready-made browser plugins such as ScriptSafe for Chrome. These browser extensions protect you by blocking unwanted content and providing alerts against blacklisted sites which are malicious.

For more ways to secure and optimize your business technology, c ontact your local IT professionals.

Monthly Archives: May 2024