4 Ways to Tell If You’re Being Phished

Cyber Attack, Hacking, malware, Password Security, Phishing, Phishing Email, Ransomware, Security, Security Threats, , , , ,
25
Sep 2018

Phishing is big business for hackers and you can rest assured that it’s a niche they’re keen to exploit, but how do you know when you’re being phished?

Kaspersky Lab reported around 246 million phishing attempts being executed in 2017, so it’s fairly clear that phishing is taking place on a monumental scale. And, to provide a little perspective, those 246 million phishing attempts are only the ones that were picked up by Kaspersky’s software. If you factor in all the other security providers’ data then you’re left with a staggering amount.

Phishing, therefore, is something that you’re likely to encounter and, the truth is, your organization is likely to receive a significant number of phishing emails every day. Thankfully, protecting your business from the dangers of phishing emails is relatively easy. And, to help boost your defenses, we’re going to show you four ways to tell if you’re being phished.

1.  Analyze the Email Address

While it’s straightforward to mask an email address with a false one, many hackers simply don’t bother. And that’s why you’re likely to find that most phishing emails are sent from unusual email addresses. Say, for example, you receive an email from your bank asking you to provide sensitive information regarding your account, it’s not going to come from a Hotmail address, is it? However, many people fail to check the sender’s email address and, instead, become distracted by the seemingly genuine contents.

2.  How’s the Grammar?

A tell-tale sign of a phishing email is poor grammar and even worse spelling. Hackers, after all, aren’t too bothered about honing their command of the written word. All they want to do is hack and hack big. Accordingly, their emails will fail to contain the type of language you would expect to receive from a work colleague or another organization. So, remember: if they can’t spell your name in their opening introduction then you should be highly suspicious.

3.  Did You Ask For Those Attachments?

Hackers love to catch their victims out with attachments that contain a nasty payload, so any attachments should always be treated with caution. Sometimes these attachments can be easily identified as malicious, but it’s not always simple. First of all, ask yourself whether the attachment is relevant to your job. If you work in the service department and you’ve been sent a spreadsheet relating to company finances then there’s no need for you to open it. Secondly, keep an eye out for file extensions you don’t recognize as opening these could easily lead to executing malware.

4.  Deceptive Links

One of the main objectives of a phishing email is to take the recipient away from the security of their PC and onto dangerous websites which are riddled with malware. And the best way they can do this is through the use of a deceptive link. While a link may look genuine on the surface, it can easily direct you somewhere else altogether. The best way to verify a link’s true destination is by hovering your mouse cursor over the link to reveal the true URL address.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How Did the DNC Get Hacked by Phishing Emails in 2016?

Cyber Attack, email links, Hacking, malware, Password Security, Phishing, Phishing Email, Security, , ,
18
Sep 2018

You may think that political parties understand the need for good security, but back in 2016 the DNC suffered a major hack due to phishing emails.

Thanks to a sustained attack, Russian hackers were able to infiltrate email accounts of those involved within Hilary Clinton’s campaign to become president of the United States. And, as you know, the rest is history. However, not many people are aware of exactly how the DNC got hacked so extensively that highly sensitive information was obtained and then leaked to the public.

Although not every single detail has been revealed, we know enough that the hack was, in relative terms, a fairly simple execution. Naturally, you’re unlikely to be targeted by the same people who are involved in political attacks, but their methods are likely to be similar. Therefore, we’re going to take a look at how the DNC was hacked by phishing emails, so you can understand how to avoid it.

Phishing for DNC Secrets

The hack began on March 10th, 2016 and involved a batch of heavily disguised emails, which appeared to be sent by Google, being sent to key members of Hilary Clinton’s campaign team. These emails purported to be advising the recipients that their passwords needed changing in order to strengthen their security. However, the links contained within these emails sent users to a malicious website where strengthening security was the last thing on their mind. With these email accounts compromised, the hackers were then able to access private contact lists held within them.

Within a day, the hackers had access to confidential email addresses for key targets within the DNC campaign. And, almost immediately, the hackers began to send phishing emails to these email addresses in order to work their way higher up the chain of command. Despite the presence of two-factor authentication, the hackers’ persistence paid off as they eventually managed to breach the defenses of John Podesta, chairman of the DNC’s campaign. This email account, alone, provided access to 50,000 confidential emails.

This assault is believed to have been organized and orchestrated by the Russian cyber-espionage organization known as Fancy Bear. Despite accessing such a huge amount of emails from Podestra, Fancy Bear intensified their hacking campaign and this led to security experts becoming suspicious of methods being employed to dupe Google’s spam filter into accepting malicious emails into the inboxes of DNC targets. The clean-up operation, however, was too late and Podestra’s breached emails were soon published on Wikileaks.

Be Clever, Don’t Get Phished

The 2016 attack on the DNC is probably the most famous, and damaging, phishing attack in cyber-history. Simply due to a few members of staff clicking malicious links, an entire election campaign was brought to its knees. Reinforcing good email security, therefore, remains a crucial practice for any organization in modern business. Even with millions of dollars of security in place, the DNC fell victim to a simple phishing scam and, next time, it could easily be your organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What Should You Do When You Receive a Phishing Email?

Hacking, malware, Phishing, Phishing Email, Security, Security Threats, , , ,
11
Sep 2018

Phishing emails are the scourge of our inboxes and there seem to be more and more each week, so what should you do when you receive a phishing email?

The aim of phishing emails is for the sender of said emails to obtain sensitive information from the recipient. This goal is realized by cleverly disguising the email to make it look as genuine as possible and, therefore, gain the recipient’s trust. Data targeted by phishing emails usually relates to sensitive details including login details and passwords. And this data leakage can cause serious harm to businesses with the average cost of a phishing attack on a medium sized business costing around $1.6 million.

No organization that wants to remain productive and competitive wants to deal with the chaos of a phishing attack, so we’re going to take a look at what you should do when you receive a phishing email.

Do Not Open Phishing Emails

The best way to avoid the dangers of phishing emails is very simple: Don’t open them! This, of course, is easier said than done as phishing emails have become incredibly sophisticated over the years e.g. spoofing email addresses. However, if for any reason whatsoever you do not recognize an email address or there’s something unusual about the email subject then it’s always best to err on the side of the caution. Instead, move the cursor away and get your IT team to investigate it before going any further.

Leave Links Well Alone

Opening a phishing email isn’t enough, on its own, to activate the malicious payload, but it’s very simple to do so. Phishing emails often contain links which, once clicked, send the user to malicious websites where malware is automatically downloaded to the user’s PC. This malware is usually very discreet and is able to run silently in the background where it is able to log keystrokes or even take control of the user’s PC. So, remember: if you don’t recognize the sender of an email, it’s crucial that you never click their links.

Don’t Respond

Phishing emails will often try to gain your trust by establishing a connection, so you need to be mindful of these deceptive tactics. By hitting the reply button, for example, you’re demonstrating to the hacker that not only is your email account active, but that you’re willing to engage. And, if a phone number is provided, never ever ring it as it will involve further social engineering and potentially a very high phone charge to a premium member. It may be tempting to respond, but always say no and move away from engaging.

Report the Email

Any form of hacking represents a serious threat to the security of your organization, so it should be every employee’s duty to report a phishing email as soon as possible. This allows your IT team to analyze the email and its contents before taking action. This could be as simple as deleting it securely or telling you that, actually, it’s safe to open. Ultimately, shared knowledge allows your entire organization to stay on top of phishing emails, so, even if you’ve clicked something you shouldn’t have, report it immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

4 Questions You Should Ask Before Clicking an Email Link

Cyber Attack, cyber attacks, email links, malware, Phishing, Ransomware, security, Security
14
Aug 2018

We receive so many emails in business now that they’re a keen target for hackers. As a result, your organization needs to be more wary than ever with email.

The most common way for a hacker to take advantage of emails is by loading them with malicious links. These can be used to extract personal information, activate ransomware or send users to dangerous websites. And these emails are more than likely hitting your organization every day. Whilst the majority of emails with links embedded in them are genuine, it only takes one rogue email to cause severe problems.

To help you avoid the wrath of hackers, we’ve put together four questions you should ask before clicking an email link.

  1. Do You Recognize the Sender?

Trust is crucial when it comes to dealing with links contained within emails. If you don’t recognize the sender then the link should definitely be treated with caution as it could easily be a malicious link. Emails from work colleagues should be more trustworthy, but it’s always possible that their email account has been hijacked. So, even if you recognize the sender, there are still plenty of questions you need to ask.

  1. Does the Link Look Genuine?

If you received an email advising you to visit the Ophtek website then it would look something like www.ophtek.com or ophtek.com. However, if a hacker is trying to trick you into visiting a malicious website then the link may read slightly different e.g. ophtek.org or ophteksupport.com. If you’re ever unsure about the URL listed in a link then try Googling the URL and see whether it brings up a genuine website.

The other factor to look out for is whether the link written in the email is genuine. While the link could say www.ophtek.com the actual destination contained within the link could be completely different. Thankfully, you can double check this by hovering your cursor over any email link to display a popup window that lists the genuine destination.

  1. Do You Even Need to Click the Link?

A high number of malicious links prey on our worries, so, for example, emails that claim your bank account has been hacked are very common. The email will usually contain a link that promises to start an authentication process to secure your account, but these links are never genuine. More often than not, the email will reference a bank that you don’t even have an account with, so there’s absolutely no need to click any links inside it.

  1. Why is it a Shortened Link?

Shortened links may save space in emails, but there’s no reason why they should be used in business emails. More importantly, shortened links – provided by platforms such as Bit.ly and Goo.gl – are yet another way that hackers can disguise the destination of a link. Shortened links are particularly difficult to judge as, even if you hover your cursor over them, it’s impossible to tell where they will send you. Help is at hand, though, from platforms such as CheckShortURL which can expand shortened links to show their true destination.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Hide ‘N Seek Botnet Threatens the Internet of Things

Cyber Attack, Hacking, Internet of things, IOT, malware, Password Security, Security, Security Threats, , ,
08
Mar 2018

The Internet of Things (IoT) has a new security threat and this time it uses peer-to-peer communication to spread, infect and compromise devices.

In January 2018, security researchers working for Bit-defender discovered a new botnet which, although not related, has similarities to the Reaper botnet. Originally infecting just 12 IoT devices, the Hide ‘N Seek botnet had soon amassed over 32,000 IoT devices by the end of the month. With the ability to steal data, take control of the device and run malicious code, Hide ‘N Seek represents a serious threat.

Understanding new and emerging threats to IoT devices is crucial if you want to protect your organization’s network, so it’s time to investigate Hide ‘N Seek a little closer.

Hide ‘N Seek is No Game

A brand of IP camera manufactured in South Korea appears to be the initial infection source for Hide ‘N Seek, but the botnet is actively attacking other IoT devices. Using randomly generated IP addresses, Hide ‘N Seek attempts to connect to any devices listed against these addresses. If the botnet succeeds in connecting then it either uses default login/password combinations to gain access or performs a brute force attack using a dictionary list to crack the login credentials.

With access obtained, Hide ‘N Seek analyses the device to discover any potential vulnerabilities such as the ability to download malware or launch DDoS attacks. The remote botnet hacker also has the option of executing any command they wish on the infected device; this option provides them with the chance to steal any files they wish. The capabilities of Hide ‘N Seek are clearly advanced and innovative, but what’s even cleverer is that it appears to be constantly redesigning itself to minimize detection.

Communication between the infected devices is made possible by the peer-to-peer network at the heart of Hide ‘N Seek. Using peer-to-peer software for hacking is nothing new, but previous methods have always involved modifying existing torrent software. Hide ‘N Seek is taking hacking to a new level by using completely custom built peer-to-peer software which has no central command unit; therefore, closing this network down is virtually impossible.

Combating Hide ‘N Seek

The advanced design of Hide ‘N Seek is proof that it’s the work of highly skilled hackers, but, once again, the vulnerability being exploited is the use of default passwords. Let’s face it, giving a hacker a key to a locked door is the worst form of security you can imagine, but this is exactly what default passwords are. And this is why password security remains the number one priority for any devices within your network, whether they’re connected to the IoT or otherwise.

By changing these default passwords while devices are on isolated networks, your organization can seriously increase the strength of their defenses. Otherwise, you’re leaving your networks at the mercy of malicious botnets such as Hide ‘N Seek. And, believe me, just as Reaper wasn’t the last IoT botnet, neither will Hide ‘N Seek be the final word in hacking in this new IoT landscape.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 16 17 18 19