4 Questions You Should Ask Before Clicking an Email Link

Cyber Attack, cyber attacks, email links, malware, Phishing, Ransomware, Security, security
14
Aug 2018

We receive so many emails in business now that they’re a keen target for hackers. As a result, your organization needs to be more wary than ever with email.

The most common way for a hacker to take advantage of emails is by loading them with malicious links. These can be used to extract personal information, activate ransomware or send users to dangerous websites. And these emails are more than likely hitting your organization every day. Whilst the majority of emails with links embedded in them are genuine, it only takes one rogue email to cause severe problems.

To help you avoid the wrath of hackers, we’ve put together four questions you should ask before clicking an email link.

  1. Do You Recognize the Sender?

Trust is crucial when it comes to dealing with links contained within emails. If you don’t recognize the sender then the link should definitely be treated with caution as it could easily be a malicious link. Emails from work colleagues should be more trustworthy, but it’s always possible that their email account has been hijacked. So, even if you recognize the sender, there are still plenty of questions you need to ask.

  1. Does the Link Look Genuine?

If you received an email advising you to visit the Ophtek website then it would look something like www.ophtek.com or ophtek.com. However, if a hacker is trying to trick you into visiting a malicious website then the link may read slightly different e.g. ophtek.org or ophteksupport.com. If you’re ever unsure about the URL listed in a link then try Googling the URL and see whether it brings up a genuine website.

The other factor to look out for is whether the link written in the email is genuine. While the link could say www.ophtek.com the actual destination contained within the link could be completely different. Thankfully, you can double check this by hovering your cursor over any email link to display a popup window that lists the genuine destination.

  1. Do You Even Need to Click the Link?

A high number of malicious links prey on our worries, so, for example, emails that claim your bank account has been hacked are very common. The email will usually contain a link that promises to start an authentication process to secure your account, but these links are never genuine. More often than not, the email will reference a bank that you don’t even have an account with, so there’s absolutely no need to click any links inside it.

  1. Why is it a Shortened Link?

Shortened links may save space in emails, but there’s no reason why they should be used in business emails. More importantly, shortened links – provided by platforms such as Bit.ly and Goo.gl – are yet another way that hackers can disguise the destination of a link. Shortened links are particularly difficult to judge as, even if you hover your cursor over them, it’s impossible to tell where they will send you. Help is at hand, though, from platforms such as CheckShortURL which can expand shortened links to show their true destination.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The 5 Most Important IoT Security Concerns Coming in 2018

Cyber Attack, Hacking, Internet of things, IOT, IoT Attacks, malware, Phishing, Ransomware, Security, Security Threats, , , ,
20
Feb 2018

If you want to keep the IoT (Internet of Things) secure in 2018 then you’re going to have your work cut out due to the number of threats on the horizon.

Significant progress has been made in the last couple of years when it comes to understanding the security concerns presented by IoT devices, but this is only encouraging hackers to become more innovative. And 2018 is going to deliver more IoT security threats than ever before, so you’re going to need to be ready for this surge in activity and the new hacking methods employed.

Let’s take a look at the most pressing IoT security concerns coming in 2018.

  1. IoT Attacks Being Undetectable

Many IoT attacks take place on a micro scale compared to large scale attacks such as Distributed Denial of Service Attacks. The problem with micro attacks is that conventional security systems are unlikely to recognize them as a threat, whereas major attacks are likely to ring alarm bells very quickly. Therefore, investing in highly sensitive security systems and manual monitoring may become vital to any organization using IoT devices.

  1. Automation Will Become More Important

Some organizations can have thousands of IoT devices operating on their network at any one time, so manually monitoring this activity is virtually impossible. And that’s why automation and artificial intelligence could prove highly popular in 2018 when it comes to providing a front line defence against IoT attacks e.g. installing crucial firmware upgrades immediately.

  1. The Irresistible Allure of Cryptocurrency

You only have to take a quick look at the financial headlines to understand just how valuable cryptocurrencies are at the moment. And, to a hacker, the financial rewards on offer are hard to resist. The Satori botnet, for example, takes control of IoT devices and also allows the hackers to exploit Bitcoin mining software. So, if your organization is involved with cryptocurrencies in any capacity, it’s going to pay to monitor your activity very closely.

  1. More and More Devices Will Be Targeted

Automobiles, security cameras and baby monitors are just a small selection of the IoT devices which have been hacked in the last couple of years, but this is set to increase further in 2018. In particular, devices which come with weak passwords (or even no password) are constantly being scouted by hackers. And, when they discover one, this can easily be leaked online, so the need to enforce a strong password culture remains essential.

  1. Privacy Concerns

Trusting IoT devices to transmit and receive personal and sensitive data is going to come under serious scrutiny in 2018. Due to the recent IoT attacks which have exploited weak passwords and poor security protocols in IoT devices, the public concern is growing over how their data is handled. Naturally, hackers are excited by the prospect of being given a free run at such a huge number of vulnerable devices without adequate security frameworks in place. 2018, therefore, is going to find organizations having to soothe customer concerns by only working with secure hardware and software.

For more ways to secure and optimize your business technology, contact your local IT professionals.

 

Read More

Phishing Scams Target the End of Tax Year

Phishing,
25
Jul 2017

thumb_shutterstock_79924000_1024

The tax season is a stressful time of year for businesses, but now hackers are targeting this period in order to steal employee data and funds.

Using a social engineering approach, hackers are able to trick businesses into relinquishing highly sensitive information and, in particular, W-2 details such as individual employees’ wages and salary. And with this form of social engineering becoming more and more active, it’s affecting an increasing number of businesses.

Seeing as every business has to deal with their taxes in a responsible manner, this is an area of hacking which needs to be closely guarded against; this need for security is even more necessary as it can affect individual employees. Therefore, we’re going to take a closer look at this increasing threat.

Tax Season Hacking

290x195cybercrime99Tax fraud has, traditionally, been a form of hacking reserved for only the most advanced hackers, but with the rise of relatively simple social engineering methods, this hacking technique has steadily become more accessible.  Many smaller businesses are now being targeted and these can include non-profit organizations, restaurants and schools.

And with tax themed spam traps increasing by over 6000% between December 2016 to February 2017, it’s a highly worrying time of year and businesses need to be on their guard. What form, though, do these attacks take?

Well, there are a number of attack methods and these are:

  • Processed Tax Refund – Spam emails which claim to originate from the IRS have been appearing in email inboxes and advise that they are due a tax refund which has now been processed. All the recipient needs to do is open an attachment to get started, but this attachment actually contains infected macros which can give hackers remote access to your PC.
  • W-8BEN Phishing Scam – the W-8BEN form is used by Non-US citizens to clarify their tax exemption details and involves passport and personal information. As this type of data is highly sensitive and valuable, hackers are now targeting this information by sending emails purporting to be from the IRS and requesting copies of the recipients’ completed W-8BEN form and scans of their passport.
  • W2 Data Theft – Due to the valuable data contained in W2 forms (wages, taxes etc), many cybercriminals are targeting these. Copies are sent to businesses for all their employees, so hackers are actively trying to breach network security to procure these forms and any associated tax databases in order to sell this information on the dark web.

Combatting Cyber Tax Crime

tax_id_theft-small

The most important factor to bear in mind with this form of cybercrime is that the IRS will NEVER email you to request personal information. Although this seems like common sense, many people are tricked by this approach and willingly give out information when they’re promised tax refunds. The main things to look out for and consider with these types of scam are:

  • Emails with poor grammar and spelling – Government agencies tend to have their emails thoroughly proofread before being sent out to the general public en masse.
  • Dubious links – Although links contained within phishing emails may appear genuine, if you hover your mouse cursor over these links then the true destination of the link will be revealed; if this address is different to the one written in the email then it’s highly likely this is a dangerous link.
  • Common sense – If you’ve already filed your tax reforms and aren’t expecting a tax refund then you should be highly suspicious of any emails regarding these issues.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 7 8 9