What are the Telltale Signs of a Phishing Email?

Ophtek, Phishing, Phishing Email, Security, Security Threats, , ,
21
May 2019

Email is an integral part of business communication for any organization with an IT structure, but there’s a significant danger posed by phishing emails.

When it comes to IT security, you want to make sure your defenses are as strong as possible in order to repel any hackers. However, human error will always play a factor in this and hackers are well aware of this vulnerability. Phishing emails are the latest evolution in the age old scenario of a confidence trick and present a major issue not just to individuals and businesses, but also political parties. Given the damage that phishing emails can cause to your data security and IT infrastructure, it’s important to understand the telltale signs of a fishing email, so let’s take a look.

Four Telltale Signs of a Phishing Email

If you know what you’re dealing with then a phishing email can be quickly identified and deleted from your server within a few seconds. However, understanding what does and doesn’t make a phishing email is a learning curve. In order to get up to speed on what constitutes a phishing email make sure you look out for the following:

  1. A Suspicious Email Address: Although it’s possible to mask the true identity of the original sender of a phishing email, the chances are that the hacker will instead use an email address that appears to be genuine but, upon investigation, is false. A good case in point is when the email address is clearly not official e.g. it’s common to find phishing emails pretending to be from Microsoft, but with a domain name which clearly isn’t Microsoft such as microsoft_support@yahoo.com 
  1. A Vague Greeting: Phishing emails are rarely sent to a single individual. Instead, hackers tend to send the same email to thousands upon thousands of different people. This approach ensures that there’s a higher chance of someone falling for the scam. However, addressing each email to each individual would be incredibly time consuming. Therefore, a sure sign of a phishing email is one that commences with a vague greeting such as “Dear Sir/Madam” or Dear Customer” 

  1. A Fake Link: Phishing emails almost always contain a link that takes users to either an infected website or downloads malicious software. And, often, these links will appear to be genuine. So, for example, there may be a phishing email that lands in your inbox from your bank that asks you to click a link to confirm some security details. However, while that link may read as bankofamerica.com it may be hiding a different destination. The only way to verify this without clicking is by hovering your mouse cursor over the link and verifying the address revealed in the popup box. 
  1. A Sense of Urgency: Hackers want you to click on the fake links contained within their phishing emails, so their approach tends to use fear to encourage clicking the link. Phishing emails, therefore, tend to carry some type of warning in order to trick you into thinking that it’s in your best interests to click the link. This can be as mundane as asking you to enter a survey to win a million dollars or more serious warnings such as the imminent closure of your bank account.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Fileless Malware: The Rise of a New Threat

malware, Phishing Email, Ransomware, Security, , ,
18
Dec 2018

We’re all aware of the dangers of opening suspicious files, but what happens when hackers develop the skills to unleash malware without infected files?

Due to the popularity of file-based attacks, most security software concentrates on combating this particular avenue of hacking. And it’s certainly an effective method of shutting down most malware attacks before they’re able to steal or, in the case of ransomware, encrypt your data. Due to the success of blocking these attacks, hackers have had to go back to the drawing board and evolve their methods of attack in order to become less detectable.

The end result of this evolution has seen a rise in sophisticated hacking methods and, in particular, fileless malware is now beginning to grab headlines. And, due to the lack of knowledge of this development in hacking, attacks have increased in frequency and their success rate has also flourished. As fileless malware could easily hit your organization at any given time, it’s a good idea to educate yourself on the threat.

What is Fileless Malware?

You don’t have to be a security expert to understand that fileless malware is a malware variant which forgoes the use of infected files. Instead, fileless malware takes advantage of trusted Windows components such as PowerShell that are rarely checked for infections. PowerShell is hardly ever used by the average PC user, but it’s an important component that can be used to execute system administration tasks and, therefore, taking control of this is a hacker’s dream.

As mentioned, fileless malware does not involve the use of any files to infect a PC. The most common technique to launch an attack is through spam email which contains a link to an infected website. If that link is clicked then the user is transported to a spoof website where Flash player loads and, at the same time, activates a malicious script that accesses PowerShell on the victim’s PC. Infected PowerShell scripts are then downloaded which allow the hackers to collect sensitive data and transmit it back to a remote location.

How Do You Combat Fileless Malware?

Data leaks can be highly damaging not just for your staff and customers, but also your organization’s reputation. Therefore, with the advent of fileless malware, it’s essential that you understand how to protect your business from its malicious activity. To help you keep one step ahead of fileless malware, make sure you action the following:

  • If you don’t use PowerShell in your IT operations then disable it. This nullifies the threat of any PowerShell exploit. Additionally, the same applies to Windows Management Instrumentation which has also been discovered to be vulnerable to fileless malware.
  • Monitor the amount of data leaving your network. If there’s a spike in data leaving your network then it’s possible that this is the result of malware transmitting sensitive data to a remote hacker.
  • Don’t rely on antivirus software alone as this is less effective when it comes to fileless malware. Instead, practice vigilance and monitor any unusual emails.
  • Disable macros at all costs, unless they’re company approved, as macros are another tool employed by hackers as part of a fileless malware attack.
  • As ever, regularly update your software to reduce the chance of known software vulnerabilities being exploited.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Scottish Brewery Hit by the Dharma Ransomware

Dharma, email security, Phishing, Phishing Email, Ransomware, Security, , , ,
23
Oct 2018

Ransomware continues to cause chaos for organizations with the latest story to hit the news concerning a Scottish brewery infected by the Dharma ransomware.

While it has been reported that ransomware attacks have fallen by 30% in the last 12 months, the fact remains that they’re still capable of causing significant disruption. In the case of the Arran Brewery on the Isle of Arran, Scotland, the organization had to accept that they would lose around three months’ worth of sales data due to the effects of the attack. This, of course, is the last thing that any business wants and acts as a fine reminder that we need to be on guard against ransomware.

To help provide a little background and demonstrate how the attack unfolded, we’re going to take a closer look at what happened.

Attacking the Brewery

What’s most interesting about the attack on the Arran Brewery is that it would appear the attackers deliberately targeted the brewery. Instead of a scattershot approach which targeted multiple organizations, the hackers focus was clearly on the Arran Brewery. Just before the attack, multiple adverts for a job at the Arran Brewery (which had already been filled) appeared on recruitment sites all over the globe. Naturally, the brewery received a sharp increase in the number of CVs being emailed in but, unfortunately, one of the emails contained a malicious payload.

The payload was contained with a PDF attachment which, when opened, initiated the attack and infected the entire network. Following the encryption of the Arran Brewery’s files, a ransom demand was issued which advised that the encryption keys would only be released in exchange for 2 bitcoin (roughly $14,000). Thankfully, an IT consultant was able to retrieve a significant amount of the encrypted data from backups and rid the system of the infection. However, certain files couldn’t be restored and, due to it not being economically viable to pay the ransom, the Arran Brewery decided to write off three months’ worth of sales data.

What is Dharma?

Dharma is a strain of ransomware which was first released in 2016 and has regularly been updated ever since due to the emergence of Dharma decryptors. In September 2018, for example, three new variants emerged which are resistant to previous decryptors. When files are encrypted by Dharma they will automatically append a new file extension onto the existing file and these extensions can include:

  • .dharma
  • .cesar
  • .onion
  • .wallet
  • .zzzzz

Final Thoughts

If anything acts as a reminder that organizations need to be vigilant against ransomware then it’s a current and contemporary threat. Dharma could easily hit your organization next, so you need to ask yourself whether you can afford to lose three months’ worth of data. I’ll let you into a little secret: no one wants to lose three months’ worth of data. Therefore, it’s crucial that you reiterate the importance of email security to your employees in order to maintain access to all your data at all times.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How Do You Reduce the Risk of Phishing Attacks?

email links, Password Security, Phishing, Phishing Email, Security, Security Threats, , ,
16
Oct 2018

Thanks to the power of social engineering, phishing remains a powerful method of hacking organizations. Reducing this risk, therefore, is crucial.

Phishing has been active since the early days of the internet and, unfortunately, it doesn’t appear to be going anywhere soon. Thankfully, you don’t have to fall victim to these deceptive attacks as there is plenty that any organization can do to protect its data. And, don’t worry, it doesn’t involve investing millions in state of the art technology. All it takes is a little bit of common sense and an understanding of how phishing attacks work.

To get you started we’re going to show you how to reduce the risk of phishing attacks.

Antivirus Software is Key

One of the best ways to reduce phishing emails is by working with antivirus software. Capable of scanning attachments and analyzing links contained within emails, a good antivirus software can easily target the two main ways that phishing attacks unleash their payload. However, as with all software, it’s important that you update it regularly and install updates immediately. Phishing attacks can spread round the world very quickly, so you need to stay one step ahead of them.

Keep Up to Date with Phishing Attacks

Hackers are constantly developing their techniques and tweaking their methods, so it’s vital that you keep an eye on what’s happening in the world of phishing. New attack methods can be launched very quickly and be in your inbox within a day, so make sure that you’re regularly monitoring IT news sources to prepare yourself for any incoming threats.

Educate Your Employees

The main targets of any phishing attack against your organization will be your employees, so they have to be educated in order to prevent any data breaches. The basics of phishing are relatively simple, so the training doesn’t need to be too in-depth. All you have to do is ensure that these basics are hammered home so that employees know how to spot a phishing email and how to deal with it.

Practice Phishing Attacks

A popular method for reducing the risk of phishing attacks is by running regular exercises to test your employees. For example, fake phishing emails can be randomly emailed to your employees that test whether they are susceptible to phishing scams or not. Usually, these emails will contain a fake link that urges them to complete something on behalf of the company – such as IT training – but the actual URL contained will be a ‘malicious’ one. Those employees that fail to spot the ‘malicious’ link can then be asked to take a refresher training course.

Combine All Your Preventative Methods

The key to reducing the risk of phishing attacks is by combining all of the above into one multi-faceted security approach. An amazing antivirus software solution, for example, isn’t effective enough on its own. Instead, you need a firm knowledge of the phishing landscape, amazing employee training and regular tests to guarantee that you can tackle phishing on all fronts.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Basics of How Phishing Works

email links, Phishing, Phishing Email, Security, Security Threats, , ,
09
Oct 2018

You’ve read the headlines and you may even have been a victim of phishing, but what is it and how does it work?

Phishing is a highly dangerous form of hacking which can compromise sensitive data and cause significant disruption to the running of a business. One of the main reasons that phishing has become such a successful method of wreaking digital havoc is down to a lack of knowledge on the behalf of PC users. While phishing is far from the most complex hacking technique, the average PC user is unlikely to know the ins and outs of phishing.

As we know that time and productivity is a valuable asset for your organization, we’re going to take a look at the basics of how phishing works.

What is Phishing?

Let’s get one thing straight, phishing is nothing like sitting by a lake and peacefully fishing. In fact, it’s far from enjoyable, but there is one element that remains the same. And that’s the use of bait. You see, phishing thrives upon the use of bait to obtain information out of an innocent party. The most common way to phish, in the digital landscape, is through an email. And, within this email, will be a piece of bait with which the hackers plan to land a prize catch.

Leaving the world of fishing behind, a phishing email is one which uses a number of deceptive techniques to extract sensitive data such as login details, bank details or even secure data such as customer database spreadsheets etc. Essentially, phishing is one big con and, as with all cons, gaining the trust of the victim is crucial to success. That’s why hackers are so keen to appear genuine when they send their phishing emails.

The classic example of a phishing email is one that claims to have been sent from a bank to verify your login details. A scare tactic will usually be employed, such as a report of unusual activity on the account, in order to encourage a swift response which foregoes any rational thought. A link will be included in the email which the user is advised to click in order to go through a series of security checks. However, clicking this link will take you to a malicious website – even if it looks genuine – where your data will be harvested to help fuel identity theft or, in extreme cases, a loss of funds.

Why Does Phishing Work?

You may be wondering why people fall for phishing scams and the simple truth is that it’s down to a lack of concentration and analysis. Phishing takes advantage of these weaknesses on both individuals and security software. By planting a seed of trust, such as promising to safeguard your personal data, the hacker can, in fact, do the complete opposite and use this trust to harm you.

Key to successful phishing emails is the use of social engineering to convince recipients that the emails are genuine. Phishing emails will be packed full of official company logos and it’s even possible for hackers to spoof official email addresses in the From: section of an email. And, for people busy at work, it’s easy for them to take their eye off the ball for just a fraction of a second. As a result, links are clicked that shouldn’t be clicked and hackers land their prize catch.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4 5