What are the Telltale Signs of a Phishing Email?

Ophtek, Phishing, Phishing Email, Security, Security Threats, , ,
21
May 2019

Email is an integral part of business communication for any organization with an IT structure, but there’s a significant danger posed by phishing emails.

When it comes to IT security, you want to make sure your defenses are as strong as possible in order to repel any hackers. However, human error will always play a factor in this and hackers are well aware of this vulnerability. Phishing emails are the latest evolution in the age old scenario of a confidence trick and present a major issue not just to individuals and businesses, but also political parties. Given the damage that phishing emails can cause to your data security and IT infrastructure, it’s important to understand the telltale signs of a fishing email, so let’s take a look.

Four Telltale Signs of a Phishing Email

If you know what you’re dealing with then a phishing email can be quickly identified and deleted from your server within a few seconds. However, understanding what does and doesn’t make a phishing email is a learning curve. In order to get up to speed on what constitutes a phishing email make sure you look out for the following:

  1. A Suspicious Email Address: Although it’s possible to mask the true identity of the original sender of a phishing email, the chances are that the hacker will instead use an email address that appears to be genuine but, upon investigation, is false. A good case in point is when the email address is clearly not official e.g. it’s common to find phishing emails pretending to be from Microsoft, but with a domain name which clearly isn’t Microsoft such as microsoft_support@yahoo.com 
  1. A Vague Greeting: Phishing emails are rarely sent to a single individual. Instead, hackers tend to send the same email to thousands upon thousands of different people. This approach ensures that there’s a higher chance of someone falling for the scam. However, addressing each email to each individual would be incredibly time consuming. Therefore, a sure sign of a phishing email is one that commences with a vague greeting such as “Dear Sir/Madam” or Dear Customer” 

  1. A Fake Link: Phishing emails almost always contain a link that takes users to either an infected website or downloads malicious software. And, often, these links will appear to be genuine. So, for example, there may be a phishing email that lands in your inbox from your bank that asks you to click a link to confirm some security details. However, while that link may read as bankofamerica.com it may be hiding a different destination. The only way to verify this without clicking is by hovering your mouse cursor over the link and verifying the address revealed in the popup box. 
  1. A Sense of Urgency: Hackers want you to click on the fake links contained within their phishing emails, so their approach tends to use fear to encourage clicking the link. Phishing emails, therefore, tend to carry some type of warning in order to trick you into thinking that it’s in your best interests to click the link. This can be as mundane as asking you to enter a survey to win a million dollars or more serious warnings such as the imminent closure of your bank account.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Understanding the Basics of Ransomware

Ophtek, Phishing, Ransomware, Secure Database, Secure Flashdrive, Secure Website, Security, Updates, , , , ,
07
May 2019

Ransomware has been causing trouble for businesses for many years, so it’s clearly a form of hacking which needs greater understanding to avoid its wrath.

The name ransomware sounds a little threatening and, as with all hacks, it’s hardly the friendliest of exchanges. However, whilst most forms of malware – which ransomware is a strain of – tend to disrupt day to day operations of your IT equipment by either stealing data or putting a strain on your network through DDoS attacks, ransomware is different. Not only does it disrupt your IT operations, but it also delivers a financial threat to your organization.

Due to the double whammy contained within ransomware, it’s crucial that you understand the basics of ransomware, so let’s take a quick look.

What is Ransomware?

Believe it or not, but the very first recorded ransomware attack dates back to 1989 when a hacker was able to hide the files of an infected PC on its hard drive and encrypt the file names. And, to be honest, modern day ransomware still operates in a similar, if not more sophisticated, manner.

Ransomware is a form of malware which, when executed on a user’s PC, is able to take over the victim’s system and encrypt their files. Naturally, files are essential for any organization to operate efficiently and to their maximum productivity, so this is clearly a very debilitating attack. However, to add insult to injury, the hackers then demand a ransom fee to release a key which can decrypt the files and return them to a usable state.

How is Ransomware Executed?

The most common method employed by hackers to execute ransomware on a user’s PC is through phishing emails. These emails, which appear to be genuine, are highly deceptive methods of communication which convince the recipients that they need to open an attachment bundled with the email. However, these attachments are far from genuine and the most likely result of clicking them is that malicious software such as ransomware will be executed.

How Can You Combat Ransomware?

With the average ransom fee demanded by ransomware totaling around $12,000, it’s clearly an irritation that your organization can do without. Thankfully, there are a number of actions you can take to protect your business:

  • Regularly Backup Your Data: As long as your data is regularly backed up, there should be no need to pay the ransom fee. With a comprehensive backup route in place you will be able to easily retrieve your files from an earlier restore point when they weren’t encrypted. 
  • Work with Anti-Malware Software: Most ransomware can be detected by anti-malware software, so it stands to reason that installing this software should make a significant difference to your defenses. Updating this software as soon as any patches or upgrades become available, of course, should be made a priority as it could make a real difference to falling victim to newly released ransomware. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What is the Difference Between Malware, Ransomware and a Virus?

Cyber Attack, Cyber Security, email security, Hackers, Hacking, malicious code, Ophtek, Ransomware, Security, Security Threats, , , , ,
26
Mar 2019

The terminology used to describe various hacks and security threats usually includes the terms malware, ransomware and virus, but what exactly are these?

It can get a little confusing when discussing the various security concerns that are floating around and this confusion can lead to a lapse in security. After all, if you’re reading about malware, but don’t know exactly what it is you’re reading about, then you’re going to be unable to act against it. And that’s why we’re going to take the time today to explore each particular category in a little more detail.

What is Malware?

Malware is very much an all-encompassing term for any form of malicious software, so this can include ransomware and viruses. However, we’re going to cover those two categories in depth later, so for now we’ll look at some other types of malware:

  • Spyware: Installed on a user’s PC without their knowledge, spyware is software that can be used to track user activity and then transmit this to a remote server e.g. keystrokes can be recorded to determine and steal login details.
  • Bots: Capable of bringing entire networks to a halt, bots are a particularly troubling form of malware that can easily harness the power of an infected PC to carry out spam email campaigns or DDoS attacks.
  • Rootkits: Highly conspicuous and deceptive, rootkits allow hackers to take control of infected PCs from a remote location. Usually installed at a root level, hence the name, rootkits provide privileged access to the victim’s PC.

What is a Virus?

Much like the common cold, a computer virus is an infection which can spread quickly and effectively. Exposure to a computer virus usually occurs when the PC encounters an infected website or file. Following this exposure, the virus is downloaded to the PC and executed. And this can generate the following results:

  • The PC startup process can become corrupted and leave users unable to log on to their workstation.
  • Performance levels can suddenly drop as your PCs processing power is handed over to the virus’ tasks.
  • PCs can find themselves spammed by numerous popup adverts which, if they’re particularly virulent, can soon crash the computer or slow it down significantly.

What is Ransomware?

Ransomware has grabbed countless headlines over the last few years and it remains a pressing concern for any business. Most commonly spread through phishing emails, ransomware’s main objective is to extort a ransom in exchange for the release of files it has encrypted.

Once the ransom has been paid then the hackers should, in theory, supply a key to decrypt the files. However, it’s becoming increasingly common for hackers to take the ransom, which is usually demanded in untraceable cryptocurrency, and leave the compromised files encrypted.

Final Thoughts

Whether you find your PCs affected by malware, a virus or ransomware, it’s clear that they spell danger for your organization. It may sound a little clichéd, but when it comes to malicious software then prevention is the best cure. And one of the best ways to prevent your PCs from falling foul of infection is by educating yourself on exactly what you’re up against.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Cybersecurity in 2018: A Review

cyber attacks, Cyber Security, Security, Security Threats, , , ,
08
Jan 2019

2018, just like 2017 before it, was a year packed full of cyber-security threats that our network defenses constantly tried to keep at bay.

However, the sheer number of attacks that were launched throughout 2018 meant that it was inevitable that breaches would take place. Perhaps your organization was one of the lucky ones, perhaps you were just too late to get on board with good security practices and found yourself hacked. Either way, it’s almost certain that you encountered at least one form of hacking during the year. And, hopefully, your organization managed to, at the very least, learn from the situation and improve your defenses.

With 2018 coming to a close, I decided it was a good time to take a look back over the major threats we experienced to see what we could learn and how we can prepare for 2019.

Ransomware

2017 is known by many security insiders as ‘The Year of Ransomware’ as it appeared to be in the headlines constantly. However, in 2018 there was a sharp drop in ransomware activity. By the end of Q2 2018, Malwarebytes reported that ransomware had fallen out of favor with hackers and was now only ranked as the sixth most popular form of malware. It’s suspected that this drop in activity can be put down to a rise in user awareness of ransomware scams and, perhaps most importantly, the fact that organizations rarely paid any ransom fees. The threat of ransomware, of course, still remains albeit much reduced and vigilance remains key to avoid disruption.

Cryptomining

One of the main reasons for ransomware’s fall in popularity during 2018 is down to the increase in popularity of cryptomining malware. Kaspersky revealed that while ransomware infections have dropped by 30%, cryptomining infections rose by 44.5% over the same 12 month period. And this change in fortunes shouldn’t come as a big surprise. All ransomware guarantees is that a ransom demand will be issued, no incoming funds are guaranteed as organizations often refuse to pay due to having backups. With cryptomining, however, once the infection is in place, the hackers can begin to reap small financial benefits fairly soon.

Phishing Emails

Despite the crude appearance and execution of phishing emails, they remain one of the most deceptive threats out there to organizations. Capable of extracting highly sensitive data, phishing emails have continued to enjoy popularity with scammers and hackers. Data from Kaspersky demonstrates that the proportion of spam in email traffic reached 53.49% in September 2018 – up from 47.7% in April 2018. And, through Kaspersky’s defenses alone, just over 137 million attempts to direct users to scam websites were carried out through phishing methods.

Preparing for 2019

There’s never time to rest on your laurels in cyber-security and the data above clearly underlines this fact. While the recent horror stories of ransomware may, to a degree, be muted, this method of hacking has very quickly been replaced with the more discreet techniques of cryptomining. And this is all without mentioning the gargantuan risk posed from phishing emails which remain as popular as ever. Going into 2019, it’s crucial that your organization is aware of the signs, symptoms and ramifications of all the major hacking techniques they may encounter while at work. Only then will you stand your best chance of being protected.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Fileless Malware: The Rise of a New Threat

malware, Phishing Email, Ransomware, Security, , ,
18
Dec 2018

We’re all aware of the dangers of opening suspicious files, but what happens when hackers develop the skills to unleash malware without infected files?

Due to the popularity of file-based attacks, most security software concentrates on combating this particular avenue of hacking. And it’s certainly an effective method of shutting down most malware attacks before they’re able to steal or, in the case of ransomware, encrypt your data. Due to the success of blocking these attacks, hackers have had to go back to the drawing board and evolve their methods of attack in order to become less detectable.

The end result of this evolution has seen a rise in sophisticated hacking methods and, in particular, fileless malware is now beginning to grab headlines. And, due to the lack of knowledge of this development in hacking, attacks have increased in frequency and their success rate has also flourished. As fileless malware could easily hit your organization at any given time, it’s a good idea to educate yourself on the threat.

What is Fileless Malware?

You don’t have to be a security expert to understand that fileless malware is a malware variant which forgoes the use of infected files. Instead, fileless malware takes advantage of trusted Windows components such as PowerShell that are rarely checked for infections. PowerShell is hardly ever used by the average PC user, but it’s an important component that can be used to execute system administration tasks and, therefore, taking control of this is a hacker’s dream.

As mentioned, fileless malware does not involve the use of any files to infect a PC. The most common technique to launch an attack is through spam email which contains a link to an infected website. If that link is clicked then the user is transported to a spoof website where Flash player loads and, at the same time, activates a malicious script that accesses PowerShell on the victim’s PC. Infected PowerShell scripts are then downloaded which allow the hackers to collect sensitive data and transmit it back to a remote location.

How Do You Combat Fileless Malware?

Data leaks can be highly damaging not just for your staff and customers, but also your organization’s reputation. Therefore, with the advent of fileless malware, it’s essential that you understand how to protect your business from its malicious activity. To help you keep one step ahead of fileless malware, make sure you action the following:

  • If you don’t use PowerShell in your IT operations then disable it. This nullifies the threat of any PowerShell exploit. Additionally, the same applies to Windows Management Instrumentation which has also been discovered to be vulnerable to fileless malware.
  • Monitor the amount of data leaving your network. If there’s a spike in data leaving your network then it’s possible that this is the result of malware transmitting sensitive data to a remote hacker.
  • Don’t rely on antivirus software alone as this is less effective when it comes to fileless malware. Instead, practice vigilance and monitor any unusual emails.
  • Disable macros at all costs, unless they’re company approved, as macros are another tool employed by hackers as part of a fileless malware attack.
  • As ever, regularly update your software to reduce the chance of known software vulnerabilities being exploited.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 8 9 10 11 12 13