phishing Archives - Page 9 of 13

Coronavirus Malware Spreads Round the World

Ophtek, Phishing, Phishing Email, Security, Security Threatsmalware, Ophtek, phishing, securityOphtek, LLC

Feb 2020

The coronavirus is the latest health scare to be spreading across the globe. Hackers, as clever as ever, are using this fear to spread malware.

Hackers are innovative criminals and are constantly on the lookout for exploits. Sometimes these are software vulnerabilities that leave back door opens. But these exploits can also take the form of social engineering. And this is how hackers are taking advantage of the panic caused by the coronavirus.

It’s always important to safeguard your defenses with the best security software, but this isn’t enough. Threats such as social engineering require a concerted effort to be made by individuals. So that’s why we’re going to take a look at the threat posed by the coronavirus malware.

What is the Coronavirus Malware?

The entire planet is preparing and educating themselves for the fight against the coronavirus. Naturally, this means that millions of people are heading online to learn more about the disease. Now, although the internet poses no threat to your physical health, the same cannot be said for your digital security. And this is because cyber criminals are disguising malware as educational documents on the coronavirus.

These documents, which have been detected as docx, pdf and mp4 variants, promise to be helpful. But, rather than containing useful information on the coronavirus, these documents actually contain a wide range of malware threats. So far, Kaspersky, have identified 10 file variants that include various Trojans and worms. However, given the on-going threat of the coronavirus, it’s likely that the number of malware threats will increase.

The most common method to spread this malware is through phishing emails. And, as with all social engineering, the bait is very convincing. The emails claim to be distributed by the Centers for Disease Control and Prevention, but this is a false claim. If you look a little closer you will discover that the domain these are sent from is incorrect. The official domain for the CDC is cdc.gov but these malicious emails actually originate from cdc-gov.org. These emails contain a link which, rather than taking you to an advice page, takes you to a fake web page that aims to steal your credentials.

How to Protect Yourself Against the Coronavirus Malware

Hackers are using a variety of methods to exploit the coronavirus to cause digital chaos. Infected documents threaten the security of your PC systems and phishing emails have the potential to steal personal information. Therefore, you need to protect yourself by following these best practices:

Only Open Trusted Files: The only files that you should ever open on a PC are ones that come from a trusted source. If there’s even the smallest doubt over the legitimacy of a file you shouldn’t download it. Always check with an IT professional before going any further.

Always Hover Over Links: Emails, and websites, can easily display a web link which disguises its true destination. A link that, for example, claims it will send you to an official government website can easily send you somewhere else. However, if you hover your mouse cursor over a link, this will prompt a popup which displays exactly where it will take you.

Install Security Software: A sure fire way to avoid the wrath of malicious websites is by working with security software. These applications are regularly updated with details of malicious websites and will put an instant block on visiting them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

What Should You Do When Your Network is Hacked?

Hackers, Hacking, malware, Ophtek, Password Security, PC Security, Securityhacking, Ophtek, passwords, phishing, securityOphtek, LLC

May 2019

A hacked network is a disaster for any organization, so keeping things secure is vital. However, sometimes things go wrong and you need to know what to do.

Your IT operations are supported by your IT network, so, if it gets hacked, there’s every chance that all those PCs you have lined up in your offices will be unable to operate. Naturally, this means that productivity will drop off almost immediately and affect not just you, but also your customers. With good IT practices in place, you significantly reduce the risk of this happening. Mistakes, be they caused by hardware or human error, are inevitable, though, and it’s rare that a business can claim to have defenses which are 100% secure.

Therefore, it’s important that you know what to do when your network is hacked. Rather than have you learn the hard way, through experience, we’re going to save you some of the pain with a quick guide on how to cope.

Steps to Take When You’re Hacked

Most importantly, you need to take the following steps when you discover your network has been hacked:

Put Everything On Lock Down: The stealthy nature of hackers means that it’s difficult and time consuming to determine exactly how much of your network the hackers have breached. So, in order to preserve as much as your network as possible, you have to assume the worst: they’ve gained access to everything. And that’s why you need to lock down and change passwords on everything be it folders on a shared drive or your social media accounts. This is the only way to minimize damage.

Run an Anti-Virus: Following a network breach, the next step taken by hackers is most commonly one that involves downloading and executing malware. This can range from helping to set up DDoS attacks, installing keylogger software to facilitate data theft or even executing ransomware attacks. It makes sense, therefore, to run your anti-virus software as a priority to prevent the network attack escalating further.

Understand What Allowed the Hack: Understanding the source of the hack is essential in understanding what has been compromised and also nullifying the security threat. So, for example, if you’re able to pinpoint the network breach to an infected email that was received, then it’s likely that everyone in the address book of that hacked account is at risk. Immediate action such as contacting those at risk can then be taken to help prevent the hack spreading further.

Learn from the Experience: As we’ve stated, it’s likely that your network will, at some point, experience a security disaster. However, while in the short term this may feel like nothing but non-stop chaos, there’s an important set of learning to be absorbed for the long term. Mistakes are what allow us to evolve and make better decisions in the future, so make sure you take the opportunity to analyze exactly what went wrong and the steps you can take to prevent it happening again.

Final Thoughts

A hacked network represents every IT professional’s worst nightmare, but it’s important that you understand the best steps to take in this situation. Not only does it prevent network hacks from escalating into more devastating hacks, but there’s also the chance to learn and strengthen for the next time hacker aims an attack at your network.

For more ways to secure and optimize your business technology, contact your local IT professionals.

What are the Telltale Signs of a Phishing Email?

Ophtek, Phishing, Phishing Email, Security, Security ThreatsOphtek, phishing, security, virusOphtek, LLC

May 2019

Email is an integral part of business communication for any organization with an IT structure, but there’s a significant danger posed by phishing emails.

When it comes to IT security, you want to make sure your defenses are as strong as possible in order to repel any hackers. However, human error will always play a factor in this and hackers are well aware of this vulnerability. Phishing emails are the latest evolution in the age old scenario of a confidence trick and present a major issue not just to individuals and businesses, but also political parties. Given the damage that phishing emails can cause to your data security and IT infrastructure, it’s important to understand the telltale signs of a fishing email, so let’s take a look.

Four Telltale Signs of a Phishing Email

If you know what you’re dealing with then a phishing email can be quickly identified and deleted from your server within a few seconds. However, understanding what does and doesn’t make a phishing email is a learning curve. In order to get up to speed on what constitutes a phishing email make sure you look out for the following:

A Suspicious Email Address: Although it’s possible to mask the true identity of the original sender of a phishing email, the chances are that the hacker will instead use an email address that appears to be genuine but, upon investigation, is false. A good case in point is when the email address is clearly not official e.g. it’s common to find phishing emails pretending to be from Microsoft, but with a domain name which clearly isn’t Microsoft such as microsoft_support@yahoo.com

A Vague Greeting: Phishing emails are rarely sent to a single individual. Instead, hackers tend to send the same email to thousands upon thousands of different people. This approach ensures that there’s a higher chance of someone falling for the scam. However, addressing each email to each individual would be incredibly time consuming. Therefore, a sure sign of a phishing email is one that commences with a vague greeting such as “Dear Sir/Madam” or Dear Customer”

A Fake Link: Phishing emails almost always contain a link that takes users to either an infected website or downloads malicious software. And, often, these links will appear to be genuine. So, for example, there may be a phishing email that lands in your inbox from your bank that asks you to click a link to confirm some security details. However, while that link may read as bankofamerica.com it may be hiding a different destination. The only way to verify this without clicking is by hovering your mouse cursor over the link and verifying the address revealed in the popup box.

A Sense of Urgency: Hackers want you to click on the fake links contained within their phishing emails, so their approach tends to use fear to encourage clicking the link. Phishing emails, therefore, tend to carry some type of warning in order to trick you into thinking that it’s in your best interests to click the link. This can be as mundane as asking you to enter a survey to win a million dollars or more serious warnings such as the imminent closure of your bank account.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Understanding the Basics of Ransomware

Ophtek, Phishing, Ransomware, Secure Database, Secure Flashdrive, Secure Website, Security, UpdatesOphtek, phishing, ransomware, security, updates, vulnerabilityOphtek, LLC

May 2019

Ransomware has been causing trouble for businesses for many years, so it’s clearly a form of hacking which needs greater understanding to avoid its wrath.

The name ransomware sounds a little threatening and, as with all hacks, it’s hardly the friendliest of exchanges. However, whilst most forms of malware – which ransomware is a strain of – tend to disrupt day to day operations of your IT equipment by either stealing data or putting a strain on your network through DDoS attacks, ransomware is different. Not only does it disrupt your IT operations, but it also delivers a financial threat to your organization.

Due to the double whammy contained within ransomware, it’s crucial that you understand the basics of ransomware, so let’s take a quick look.

What is Ransomware?

Believe it or not, but the very first recorded ransomware attack dates back to 1989 when a hacker was able to hide the files of an infected PC on its hard drive and encrypt the file names. And, to be honest, modern day ransomware still operates in a similar, if not more sophisticated, manner.

Ransomware is a form of malware which, when executed on a user’s PC, is able to take over the victim’s system and encrypt their files. Naturally, files are essential for any organization to operate efficiently and to their maximum productivity, so this is clearly a very debilitating attack. However, to add insult to injury, the hackers then demand a ransom fee to release a key which can decrypt the files and return them to a usable state.

How is Ransomware Executed?

The most common method employed by hackers to execute ransomware on a user’s PC is through phishing emails. These emails, which appear to be genuine, are highly deceptive methods of communication which convince the recipients that they need to open an attachment bundled with the email. However, these attachments are far from genuine and the most likely result of clicking them is that malicious software such as ransomware will be executed.

How Can You Combat Ransomware?

With the average ransom fee demanded by ransomware totaling around $12,000, it’s clearly an irritation that your organization can do without. Thankfully, there are a number of actions you can take to protect your business:

Regularly Backup Your Data: As long as your data is regularly backed up, there should be no need to pay the ransom fee. With a comprehensive backup route in place you will be able to easily retrieve your files from an earlier restore point when they weren’t encrypted.

Work with Anti-Malware Software: Most ransomware can be detected by anti-malware software, so it stands to reason that installing this software should make a significant difference to your defenses. Updating this software as soon as any patches or upgrades become available, of course, should be made a priority as it could make a real difference to falling victim to newly released ransomware.

Educate Your Staff: The main line of defense between your network and hackers are the staff that regularly connect to your network. It only takes one mistake by your staff for ransomware to take hold of your entire network, so it’s vital that your staff is regularly refreshed on the dangers of ransomware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

What is the Difference Between Malware, Ransomware and a Virus?

Cyber Attack, Cyber Security, email security, Hackers, Hacking, malicious code, Ophtek, Ransomware, Security, Security Threatsmalware, Ophtek, phishing, ransomware, security, vulnerabilityOphtek, LLC

Mar 2019

The terminology used to describe various hacks and security threats usually includes the terms malware, ransomware and virus, but what exactly are these?

It can get a little confusing when discussing the various security concerns that are floating around and this confusion can lead to a lapse in security. After all, if you’re reading about malware, but don’t know exactly what it is you’re reading about, then you’re going to be unable to act against it. And that’s why we’re going to take the time today to explore each particular category in a little more detail.

What is Malware?

Malware is very much an all-encompassing term for any form of malicious software, so this can include ransomware and viruses. However, we’re going to cover those two categories in depth later, so for now we’ll look at some other types of malware:

Spyware: Installed on a user’s PC without their knowledge, spyware is software that can be used to track user activity and then transmit this to a remote server e.g. keystrokes can be recorded to determine and steal login details.
Bots: Capable of bringing entire networks to a halt, bots are a particularly troubling form of malware that can easily harness the power of an infected PC to carry out spam email campaigns or DDoS attacks.
Rootkits: Highly conspicuous and deceptive, rootkits allow hackers to take control of infected PCs from a remote location. Usually installed at a root level, hence the name, rootkits provide privileged access to the victim’s PC.

What is a Virus?

Much like the common cold, a computer virus is an infection which can spread quickly and effectively. Exposure to a computer virus usually occurs when the PC encounters an infected website or file. Following this exposure, the virus is downloaded to the PC and executed. And this can generate the following results:

The PC startup process can become corrupted and leave users unable to log on to their workstation.
Performance levels can suddenly drop as your PCs processing power is handed over to the virus’ tasks.
PCs can find themselves spammed by numerous popup adverts which, if they’re particularly virulent, can soon crash the computer or slow it down significantly.

What is Ransomware?

Ransomware has grabbed countless headlines over the last few years and it remains a pressing concern for any business. Most commonly spread through phishing emails, ransomware’s main objective is to extort a ransom in exchange for the release of files it has encrypted.

Once the ransom has been paid then the hackers should, in theory, supply a key to decrypt the files. However, it’s becoming increasingly common for hackers to take the ransom, which is usually demanded in untraceable cryptocurrency, and leave the compromised files encrypted.

Final Thoughts

Whether you find your PCs affected by malware, a virus or ransomware, it’s clear that they spell danger for your organization. It may sound a little clichéd, but when it comes to malicious software then prevention is the best cure. And one of the best ways to prevent your PCs from falling foul of infection is by educating yourself on exactly what you’re up against.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 … 7 8 9 10 11 … 13 Next »

Tag Archives: phishing

What is the Coronavirus Malware?

How to Protect Yourself Against the Coronavirus Malware

Steps to Take When You’re Hacked

Final Thoughts

Four Telltale Signs of a Phishing Email

What is Ransomware?

How is Ransomware Executed?

How Can You Combat Ransomware?

What is Malware?

What is a Virus?

What is Ransomware?

Final Thoughts