4 Ways to Tell If You’re Being Phished

Cyber Attack, Hacking, malware, Password Security, Phishing, Phishing Email, Ransomware, Security, Security Threats, , , , ,
25
Sep 2018

Phishing is big business for hackers and you can rest assured that it’s a niche they’re keen to exploit, but how do you know when you’re being phished?

Kaspersky Lab reported around 246 million phishing attempts being executed in 2017, so it’s fairly clear that phishing is taking place on a monumental scale. And, to provide a little perspective, those 246 million phishing attempts are only the ones that were picked up by Kaspersky’s software. If you factor in all the other security providers’ data then you’re left with a staggering amount.

Phishing, therefore, is something that you’re likely to encounter and, the truth is, your organization is likely to receive a significant number of phishing emails every day. Thankfully, protecting your business from the dangers of phishing emails is relatively easy. And, to help boost your defenses, we’re going to show you four ways to tell if you’re being phished.

1.  Analyze the Email Address

While it’s straightforward to mask an email address with a false one, many hackers simply don’t bother. And that’s why you’re likely to find that most phishing emails are sent from unusual email addresses. Say, for example, you receive an email from your bank asking you to provide sensitive information regarding your account, it’s not going to come from a Hotmail address, is it? However, many people fail to check the sender’s email address and, instead, become distracted by the seemingly genuine contents.

2.  How’s the Grammar?

A tell-tale sign of a phishing email is poor grammar and even worse spelling. Hackers, after all, aren’t too bothered about honing their command of the written word. All they want to do is hack and hack big. Accordingly, their emails will fail to contain the type of language you would expect to receive from a work colleague or another organization. So, remember: if they can’t spell your name in their opening introduction then you should be highly suspicious.

3.  Did You Ask For Those Attachments?

Hackers love to catch their victims out with attachments that contain a nasty payload, so any attachments should always be treated with caution. Sometimes these attachments can be easily identified as malicious, but it’s not always simple. First of all, ask yourself whether the attachment is relevant to your job. If you work in the service department and you’ve been sent a spreadsheet relating to company finances then there’s no need for you to open it. Secondly, keep an eye out for file extensions you don’t recognize as opening these could easily lead to executing malware.

4.  Deceptive Links

One of the main objectives of a phishing email is to take the recipient away from the security of their PC and onto dangerous websites which are riddled with malware. And the best way they can do this is through the use of a deceptive link. While a link may look genuine on the surface, it can easily direct you somewhere else altogether. The best way to verify a link’s true destination is by hovering your mouse cursor over the link to reveal the true URL address.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How Did the DNC Get Hacked by Phishing Emails in 2016?

Cyber Attack, email links, Hacking, malware, Password Security, Phishing, Phishing Email, Security, , ,
18
Sep 2018

You may think that political parties understand the need for good security, but back in 2016 the DNC suffered a major hack due to phishing emails.

Thanks to a sustained attack, Russian hackers were able to infiltrate email accounts of those involved within Hilary Clinton’s campaign to become president of the United States. And, as you know, the rest is history. However, not many people are aware of exactly how the DNC got hacked so extensively that highly sensitive information was obtained and then leaked to the public.

Although not every single detail has been revealed, we know enough that the hack was, in relative terms, a fairly simple execution. Naturally, you’re unlikely to be targeted by the same people who are involved in political attacks, but their methods are likely to be similar. Therefore, we’re going to take a look at how the DNC was hacked by phishing emails, so you can understand how to avoid it.

Phishing for DNC Secrets

The hack began on March 10th, 2016 and involved a batch of heavily disguised emails, which appeared to be sent by Google, being sent to key members of Hilary Clinton’s campaign team. These emails purported to be advising the recipients that their passwords needed changing in order to strengthen their security. However, the links contained within these emails sent users to a malicious website where strengthening security was the last thing on their mind. With these email accounts compromised, the hackers were then able to access private contact lists held within them.

Within a day, the hackers had access to confidential email addresses for key targets within the DNC campaign. And, almost immediately, the hackers began to send phishing emails to these email addresses in order to work their way higher up the chain of command. Despite the presence of two-factor authentication, the hackers’ persistence paid off as they eventually managed to breach the defenses of John Podesta, chairman of the DNC’s campaign. This email account, alone, provided access to 50,000 confidential emails.

This assault is believed to have been organized and orchestrated by the Russian cyber-espionage organization known as Fancy Bear. Despite accessing such a huge amount of emails from Podestra, Fancy Bear intensified their hacking campaign and this led to security experts becoming suspicious of methods being employed to dupe Google’s spam filter into accepting malicious emails into the inboxes of DNC targets. The clean-up operation, however, was too late and Podestra’s breached emails were soon published on Wikileaks.

Be Clever, Don’t Get Phished

The 2016 attack on the DNC is probably the most famous, and damaging, phishing attack in cyber-history. Simply due to a few members of staff clicking malicious links, an entire election campaign was brought to its knees. Reinforcing good email security, therefore, remains a crucial practice for any organization in modern business. Even with millions of dollars of security in place, the DNC fell victim to a simple phishing scam and, next time, it could easily be your organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What Should You Do When You Receive a Phishing Email?

Hacking, malware, Phishing, Phishing Email, Security, Security Threats, , , ,
11
Sep 2018

Phishing emails are the scourge of our inboxes and there seem to be more and more each week, so what should you do when you receive a phishing email?

The aim of phishing emails is for the sender of said emails to obtain sensitive information from the recipient. This goal is realized by cleverly disguising the email to make it look as genuine as possible and, therefore, gain the recipient’s trust. Data targeted by phishing emails usually relates to sensitive details including login details and passwords. And this data leakage can cause serious harm to businesses with the average cost of a phishing attack on a medium sized business costing around $1.6 million.

No organization that wants to remain productive and competitive wants to deal with the chaos of a phishing attack, so we’re going to take a look at what you should do when you receive a phishing email.

Do Not Open Phishing Emails

The best way to avoid the dangers of phishing emails is very simple: Don’t open them! This, of course, is easier said than done as phishing emails have become incredibly sophisticated over the years e.g. spoofing email addresses. However, if for any reason whatsoever you do not recognize an email address or there’s something unusual about the email subject then it’s always best to err on the side of the caution. Instead, move the cursor away and get your IT team to investigate it before going any further.

Leave Links Well Alone

Opening a phishing email isn’t enough, on its own, to activate the malicious payload, but it’s very simple to do so. Phishing emails often contain links which, once clicked, send the user to malicious websites where malware is automatically downloaded to the user’s PC. This malware is usually very discreet and is able to run silently in the background where it is able to log keystrokes or even take control of the user’s PC. So, remember: if you don’t recognize the sender of an email, it’s crucial that you never click their links.

Don’t Respond

Phishing emails will often try to gain your trust by establishing a connection, so you need to be mindful of these deceptive tactics. By hitting the reply button, for example, you’re demonstrating to the hacker that not only is your email account active, but that you’re willing to engage. And, if a phone number is provided, never ever ring it as it will involve further social engineering and potentially a very high phone charge to a premium member. It may be tempting to respond, but always say no and move away from engaging.

Report the Email

Any form of hacking represents a serious threat to the security of your organization, so it should be every employee’s duty to report a phishing email as soon as possible. This allows your IT team to analyze the email and its contents before taking action. This could be as simple as deleting it securely or telling you that, actually, it’s safe to open. Ultimately, shared knowledge allows your entire organization to stay on top of phishing emails, so, even if you’ve clicked something you shouldn’t have, report it immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Hide ‘N Seek Botnet Threatens the Internet of Things

Cyber Attack, Hacking, Internet of things, IOT, malware, Password Security, Security, Security Threats, , ,
08
Mar 2018

The Internet of Things (IoT) has a new security threat and this time it uses peer-to-peer communication to spread, infect and compromise devices.

In January 2018, security researchers working for Bit-defender discovered a new botnet which, although not related, has similarities to the Reaper botnet. Originally infecting just 12 IoT devices, the Hide ‘N Seek botnet had soon amassed over 32,000 IoT devices by the end of the month. With the ability to steal data, take control of the device and run malicious code, Hide ‘N Seek represents a serious threat.

Understanding new and emerging threats to IoT devices is crucial if you want to protect your organization’s network, so it’s time to investigate Hide ‘N Seek a little closer.

Hide ‘N Seek is No Game

A brand of IP camera manufactured in South Korea appears to be the initial infection source for Hide ‘N Seek, but the botnet is actively attacking other IoT devices. Using randomly generated IP addresses, Hide ‘N Seek attempts to connect to any devices listed against these addresses. If the botnet succeeds in connecting then it either uses default login/password combinations to gain access or performs a brute force attack using a dictionary list to crack the login credentials.

With access obtained, Hide ‘N Seek analyses the device to discover any potential vulnerabilities such as the ability to download malware or launch DDoS attacks. The remote botnet hacker also has the option of executing any command they wish on the infected device; this option provides them with the chance to steal any files they wish. The capabilities of Hide ‘N Seek are clearly advanced and innovative, but what’s even cleverer is that it appears to be constantly redesigning itself to minimize detection.

Communication between the infected devices is made possible by the peer-to-peer network at the heart of Hide ‘N Seek. Using peer-to-peer software for hacking is nothing new, but previous methods have always involved modifying existing torrent software. Hide ‘N Seek is taking hacking to a new level by using completely custom built peer-to-peer software which has no central command unit; therefore, closing this network down is virtually impossible.

Combating Hide ‘N Seek

The advanced design of Hide ‘N Seek is proof that it’s the work of highly skilled hackers, but, once again, the vulnerability being exploited is the use of default passwords. Let’s face it, giving a hacker a key to a locked door is the worst form of security you can imagine, but this is exactly what default passwords are. And this is why password security remains the number one priority for any devices within your network, whether they’re connected to the IoT or otherwise.

By changing these default passwords while devices are on isolated networks, your organization can seriously increase the strength of their defenses. Otherwise, you’re leaving your networks at the mercy of malicious botnets such as Hide ‘N Seek. And, believe me, just as Reaper wasn’t the last IoT botnet, neither will Hide ‘N Seek be the final word in hacking in this new IoT landscape.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

4 IoT Security Vulnerabilities You Need to Know About

Hacking, Internet of things, IOT, Network, Security, Security Threats, , , , ,
27
Feb 2018

The Internet of Things (IoT) is amazing, but it’s not perfect and, in particular, there are plenty of security vulnerabilities that you need to know about.

You can barely move without bumping into an IoT device now and, whilst this allows you to be more productive, it also means that the security risk to your organization’s network is increasing. We’ve all heard about how coffee machines can get hacked and it’s these types of stories that demonstrate the extent of IoT security concerns.

Whilst you may rely on a humble kettle rather than a fancy Wi-Fi controlled coffee machine, there are still plenty of IoT security vulnerabilities you need to be aware of. Let’s take a look at of the most important ones you should be aware of.

  1. Network Services Present a Back Door

IoT devices often come with diagnostic and debugging services built in to help facilitate troubleshooting tasks, but these are often operating on ports which are not secure. Now, maintenance services are probably one of the least likely to be secured pieces of code to be found on an IoT device, so this scenario is highly attractive to hackers. Therefore, you need to make sure that you investigate all potential security concerns on new IoT devices you install.

  1. Lack of Transport Encryption

When data is transported across the internet or your local network, it needs to be encrypted to thwart any external parties who are listening to your data traffic. However, many IoT devices fail to employ transport encryption in their data transmissions when sending data – this is estimated to be around 41% of all IoT devices. And this is why you need to make sure that your organization only works with highly secure IoT devices to protect data security.

  1. Weak Password Protection

The lack of strong password protection is a major security vulnerability when it comes to IoT devices. A good password should incorporate more than 8 characters and these should include numbers, symbols and mixed case letters – more often than not, though, these can often be nothing more than four digits such as an iPhone’s default password protection. And, as we all know, the weaker a password, the quicker and easier it can be hacked by brute force.

  1. Different Computer Languages Prevent Security

PCs all speak a common language, so getting a network full of PCs to operate on the same network in the same manner is not too big a problem. However, a smart photocopier running on a code all of its own is going to struggle to communicate effectively with the rest of your network. And this means that guaranteeing a secure connection between network devices is more difficult than ever. You also need to consider the fact that many IoT devices fail to receive regular updates, so this has the potential to be a long term security risk.

We’re all still learning about the security vulnerabilities that the IoT is bringing to the security table, so a firm knowledge of the potential pitfalls is vital. By taking note of the above you should be able to improve your security just enough to prevent being hacked.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 20 21 22 23 24 31