Twitter Learns a Lesson in Spear Phishing

Ophtek, Security, Security Threats, spear phishing, Twitter, , ,
11
Aug 2020

Even the biggest tech companies are at risk of having their networks breached. Twitter, with 330 million users, is huge, but far from immune from hackers.

A recent spear phishing attack on Twitter managed to generate headlines around the world and seriously disrupt the platform’s service. The attack, which was carried out by three young men aged between 17 – 22, was remarkable in its scope and its execution. It was an unexpected breach of Twitter’s defenses and one which defied their technological prowess. But there was more to this attack than just disruption. There was also a financial sting in the tail.

You may not run a social media company, but it’s likely that your organization has a presence in this sphere. Therefore, it’s important to understand what happened.

Twitter is Breached

On the 15th July, a number of high-profile and verified Twitter accounts were taken over by hackers. The hackers used this control to not only access the accounts’ private message systems, but also download their data. Most dramatically, however, the accounts were used to post links to a Bitcoin scam. This scam claimed that if users sent Bitcoins to a specific account they would double their money. But this was far from true. Instead, the hackers made off with more than $100,000 in Bitcoin.

How did this Attack Take Place?

The Twitter breach was a textbook case of spear phishing, a strategy which involves targeting individuals and encouraging them to reveal confidential data. Graham Clark, one of the accused hackers, conducted a social engineering campaign to pass himself off as a member of Twitter’s IT team. A genuine Twitter employee fell for this deceptive ploy and handed over a set of credentials for Twitter’s customer service portal. These credentials allowed Clark and his fellow hackers to gain instant access to accounts such as Joe Biden, Elon Musk and Apple.

Lessons to be Learned

Twitter, upon discovering this attack, took immediate action by suspending all verified accounts. However, the damage had already been done and Twitter was left extremely embarrassed. Social engineering is, of course, a powerful hacking technique. And, if it’s pursued and executed numerous times, it will eventually pay off. But this doesn’t mean you are defenseless. You can easily protect your systems by reinforcing the following points:

  • Use Multi-Factor Authentication: Requesting a set of credentials to gain access to a system is a powerful defense. But requesting multiple sets of credentials is even better. And that’s why multi-factor authentication is so important. Rather than relying on just a username/password combination, it can also request a unique pin number generated to a registered phone number.
  • Understand the Spear Phishing Signs: It’s important to educate your staff on the signs of spear phishing.  Suspicious phone calls and emails requesting confidential information, for example, should immediately be challenged. It only takes a minute or two to contact a user on their direct phone or email to verify the request, so don’t fall victim to rushed demands.
  • Always Patch Your Systems: Operating systems are regularly issuing updates to address new and emerging phishing techniques. Therefore, a network which has all its software fully updated should be secure. However, many firms are guilty of leaving patches to the last minute due to time concerns. And it’s this complacency which allows hackers to get a foothold in your systems.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Protect Yourself against Social Engineering

Hacking, Ophtek, Phishing, Phishing Email, Security Threats, social engineering, , , ,
04
Aug 2020

 

Hackers thrive upon deception and the result of this endeavor is social engineering. It’s a powerful tactic and one you need to protect yourself from.

Social engineering has been used to deploy attacks such as the Coronavirus malware and the recent attack on high profile Twitter accounts. The method is intriguing due to its sophistication and its human element. Rather than relying on complex coding techniques to outwit computer systems, social engineering takes advantage of human naivety. More importantly, however, is the sheer destruction that it can cause.

The world is a perilous place at the best times, but now more than ever we need to make sure we protect ourselves and our businesses. One of the best ways to get started is by reinforcing the barricades against social engineering.

What is Social Engineering?

Manipulation is, in a word, exactly what social engineering is. But you’re going to need a little more information than that, so let’s take a closer look.
Social engineering is a process in which one party seeks to deceive individuals into revealing sensitive information. When it comes to the world of IT this sensitive data tends to relate to login credentials, but can also involve transferring sensitive documents such as employee records. These attacks are commonly executed through the use of phishing emails, but this is not the only technique. It’s possible for hackers to carry out social engineering attacks over the telephone and even face to face.

The Best Ways to Protect Yourself

Protecting yourself against social engineering takes a concerted effort. You can’t rely on software alone to protect you. Luckily, you can strengthen your personal defenses by practicing the following:

Take Your Time: Social engineering relies on a lack of caution on the victim’s part. Therefore, it’s crucial that you always take your time when it comes to any form of communication. A social engineer will do their best to force you into making a quick decision e.g. clicking a link or disclosing your password. To counter this, evaluate all requests and press for answers if you feel even slightly suspicious.

Use Email Filters: There have been great advances made in email filters over the course of the last 20 years. Where these junk filters once had relatively little use they are now highly intelligent. Enabling your email filters will enhance your security and prevent the majority of phishing emails making their way into your inbox. This reduces your risk and stops you from engaging with a social engineer.

Too Good to Be True: As with all areas of life, if something sounds too good to be true then it makes sense to be suspicious. After all, it’s unlikely that a representative for an African prince wants to deposit millions of dollars into your bank account. And, if they did, why would they require your social security number? And your workplace login credentials? As a rule of thumb, if it sounds like a scam then it probably is and should be deleted.

Is the Source Genuine: If an email says that it’s from your bank then this doesn’t mean it’s from your bank. Likewise, a phone call from your HR team isn’t necessarily genuine. Hackers specialize in trickery and deception, so they won’t shy away from such blatant and direct approaches. Always check every request for details such genuine URL details (by hovering over a link) and only transmitting sensitive data to internal email addresses.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Major Spyware Risks Found Within Google Chrome Add-ons

extensions, Ophtek, Security, Security Threats, , ,
07
Jul 2020

Google’s Chrome is the most widely used browser on the internet, but this dominance also makes it a major target for hackers.

The popularity of Chrome means that it’s a vital asset for PC users and this applies to both domestic and business settings. One of the major advantages of Chrome is that it’s supported by a vast database of add-ons. These add-ons, which are coded by official developers or third-party coders, can be installed within seconds and provide an enhanced browsing experience. But the ease with which these add-ons can be released makes them a security risk.

This risk has been brought into sharp focus by a security lapse which has led to 32 million downloads of malicious spyware. And this startling figure is why we’re going to take a closer look at the situation.

What is a Chrome Add-on?

You may be wondering what a Chrome add-on is and it’s a good question which we will quickly cover. Add-ons, also known as extensions, allow users to modify Chrome in a way which adds extra features and accessibility e.g.  Save to Google Drive. The add-ons are built using web technologies such as JavaScript and are embedded into the user’s browser where they can be turned on and off.

How Has Spyware Infiltrated Chrome Add-ons?

Security researchers have discovered that a number of Chrome add-ons have not been delivering the benefits they promise. These particular extensions, available for free, advertise themselves as providing services which include converting files to different formats and warning about malicious websites. However, these add-ons contain a nasty surprise in the form of spyware. And this spyware has been used to record browsing data and login credentials. Around 70 suspicious add-ons, all uploaded with fake contact details, have been identified and since removed by Google.

How Can You Protect Yourself Against Malicious Add-ons?

The busy digital age we live in means it’s easy to lose focus with what’s happening on our screens. But vigilance is crucial when it comes to threats such as malicious add-ons. Therefore, it’s important that you practice the following when working with extensions:

  • Check Permissions: Whenever you install an add-on it will detail the permissions that it requires to run. These could range from asking for permission to access your hard drive through to analyzing your browsing data. An add-on which asks for a large number of permissions should immediately ring alarm bells. Most important, however, is the nature of these permissions. Anything which feels too invasive should be declined and an alternative sought. 
  • Audit Your Add-ons: It’s always a good idea to monitor the add-ons you have installed in your browser. Any that you deem as no longer necessary should be removed; auditing your add-ons should be carried out every month. This will ensure that your browser does not become bloated with add-ons and minimizes the risk of rogue extensions being present. 
  • Ask a Professional: If in doubt, always reach out to an IT professional before installing an add-on. Their experience of identifying malicious software will allow them to quickly determine whether it is safe or not. And, don’t forget, only ever consider an add-on which provides an invaluable benefit. Otherwise it is recommended to continue without it.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Make Sure Your Software is Updated and Secure

Ophtek, Security, Security Threats, Software, Software Security Patches, Updates, , , ,
14
Apr 2020

It’s vital, if you want your PC to remain safe and secure, to install all software updates and patches. The alternative is, of course, that you get hacked.

Now, no one wants their PC to get hacked. The fallout from such a scenario can only spell disaster for a business. We’re talking stolen data, disrupted IT operations, financial damage and a major drop in productivity. And no one wants that. Certainly not a business and certainly not their customers. But hacking is a major threat in today’s digital workplace. In the first half of 2019 alone, a total of 4.1 billion records were compromised. It’s a figure which is clearly huge, but it’s also one that could be significantly reduced if organizations updated their software regularly.

So, to help you keep your software updated, we’re going to run through the basics of updating and securing your software.

What are Software Updates?

It’s difficult to create a flawless piece of software. The complexity of coding means that, even when developers feel their application is finished, it’s likely that minor problems will remain. And, in most cases, the only impact of these errors will be felt in the application’s functionality. However, on occasion, these minor flaws can represent major security issues. Hackers, if they are to be commended on anything, are highly persistent. And, if they can find a vulnerability in a piece of software, you can rest assured that they will exploit it.

This is why software updates and patches are crucial. The most common update that most PC users will encounter is an operating system update. These are regularly released by developers in order to counter security issues which have been discovered. These updates, in their simplest terms, patch the software. Following the patch process, your operating system will be considered more secure and functional. Unfortunately, many organizations are either too busy to worry about updates or they fail to understand their importance. And that’s why you need to know the best ways to keep your software updated.

How Do You Update Your Software?

Updating software on a PC is straightforward and simple, but only if you know how. Therefore, it’s important that you practice the following:

  • Allow Automatic Updates: The sheer number of updates that are required for multiple applications is mind-boggling. And the time taken to action these updates is significant. But, with this in mind, most pieces of software allow you to select an automatic update option. This takes the pain out of authorizing and conducting every new update and patch. The setting is most commonly found in the updates section of an application’s control panel. 
  • Visit Developer’s Websites: It’s good practice to regularly visit the websites of developers to make sure you’re working with the latest updates. Adobe Flash Player and JavaPress, for example, can both be verified by visiting their respective websites. The relevant software is quickly analyzed to determine which version it is. And, if any updates are outstanding, the user will be prompted to install these or upgrade to a new version. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Government Websites Compromised in Armenia

anti malware, Cyber Attack, Cyber Security, Hackers, malicious websites, Plugins, Security Threats, , , ,
07
Apr 2020

You would like to think that governments know a thing or two about cyber security. But a recent hack in Armenia has proved otherwise.

European security experts ESET have confirmed that numerous websites belonging to the Armenian government have been targeted and compromised by hackers.   The compromised websites have been infected with malware and pose a nasty security risk to visitors. It’s suspected that the hackers behind this attack are Turla, a Russian hacking group.

We’ve discussed malicious websites before, but this latest attack is a little different. Therefore, it’s crucial that you understand the unique methods behind the infection.

What’s the Story?

The suspected hackers have targeted several websites that come under the control of the Armenian government, but the same fingerprints have also been found on a few non-government websites. Regardless of which website is infected, the methods employed are the same. However, where this attack differs from normal is its selective nature. Rather than attacking every visitor that accesses the infected websites, the malware only targets high-ranking visitors. So, for example, a civilian visitor is likely to remain uninfected, but a government official will not be so lucky.

It’s intriguing that the malware is only interested in high-ranking officials and indicates that there could be a political angle to the attack. Speculation aside, what is known for certain is how the attack unfolds. Once a visitor has been established as ‘high-value’ a command-and-control server generates a malicious JavaScript code. This code is used to deliver a popup window prompting the user to download a Flash update. But while this does, in fact, install a genuine version of Flash, it also contains PyFlash. And this backdoor application allows hackers to gain full access to the infected PC.

How Do You Protect Yourself?

Naturally, the security risk of compromised government PCs is considered high. And, while it is unlikely to affect smaller organizations at present, the selective nature of the attack is troubling. Therefore, it’s important that you safeguard your business against similar attacks. This can be achieved by following these best practices:

  • Use Website Filters: One of the best ways to protect your organization from infected websites is by integrating website filters into your IT setup. These filters are backed up by huge databases, which are regularly updated, and will prevent your users from accessing websites considered a security risk. 
  • Prevent Software Installation: The majority of applications that your employees will want to install are likely to be genuine and safe. But, as with fake Flash updates, this is not always the case. And this is why it makes sense to enforce a complete blanket ban on unauthorized installs. Accordingly, any install requests should be submitted to an IT professional who can evaluate the risk of each proposition.
  • Block Popup Adverts: It’s rare that any PC user welcomes the appearance of a popup advert. And, with the risk of malicious popups so prevalent, it’s the last thing that an IT professional wants to see as well. Therefore, it makes sense to minimize this risk by installing a popup blocker. Not only will this reduce the risk of malware being installed, but it will also provide your PC users with an enhanced experience.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4 12