Phishing alert: scammers now use encryption

, , , ,

When you visit an encrypted website, the connection between the source of the web page and your browser is secure. Encryption ensures users’ browsing habits are safe from hackers’ prying eyes, but phishing scammers have found a way to adopt it for their own schemes.

How hackers use encryption to carry out phishing scams

According to recent research, 24% of phishing scams in 2017 use web encryption — an astounding increase from last year’s 3%. This means more HTTPS sites may not be truly safe.

Phishing scammers rely on their victims to do what they ask, which is why it’s so effective. And with this new trick, unsuspecting users are more likely to be deceived. What makes this encryption-aided scam even more effective — and dangerous — is that it makes hackers’ phishing email or text that much more authentic-looking.

For example, if you receive an email that purports to be from Amazon and includes a link to an encrypted site, there’s now a slightly higher chance you’d believe this email is the real deal. Clearly, if you’ve never purchased anything from Amazon, you’d know that this is a fake. But then again, there are millions of Amazon customers who could be misled into thinking that that email is legitimate.

Does encryption mean a safer internet?

With organizations like the Internet Security Research Group and Google promoting encryption, the world wide web should be a safer place, but that’s not necessarily the case. In fact, encrypting more legitimate websites could simply result in an increased number of encrypted phishing sites.

It may also be useful to know that not all phishing sites use encryption. Many phishing scams are still carried out using websites that may or may not be encrypted.

What you can do to ensure safety

This isn’t meant to cause panic, and despite this new phishing tactic, encryption is still an essential security tool that every business must implement.

Websites with HTTPS are still much safer than unencrypted ones. This is why it’s more important than ever to be vigilant when visiting suspicious sites and clicking on links. If you receive an email from PayPal asking you to verify your bank account details or password to a seemingly secure link, be wary. Some phishing scams are easy to detect, but some are not.

Practice extreme caution when responding to requests for sensitive data. Consider the source of the message, think before clicking, and don’t hesitate to seek the advice of an expert in case you have doubts. Phishers succeed only if you do what they ask you to do.

Phishing and other cyber scams are constantly getting upgrades, and no single solution can prevent hackers from attacking you. But your business could be much safer with the right cyber security protections in place. If this is exactly what you need, get in touch with our cyber security technicians.

Published with permission from TechAdvisory.org. Source.

HP laptop users beware: keylogger found

, , , , , , , ,

You might be entering credit card details on a website to purchase something online or filling in your personal information to subscribe to a service, thinking you’re safe behind the keyboard. And you probably are — if the computer you’re using doesn’t have a keylogger installed. But for HP laptop users, chances are they aren’t so lucky. Read on to see why.

What are keyloggers?

Keyloggers are hardware devices or software programs that record every key you press on your computer’s keyboard. Most keyloggers can also capture screenshots and send them to a remote computer where someone is waiting to see what you’re up to.

And why does this matter? Because hackers can steal your usernames and passwords, keep track of the messages you send via instant messaging apps or emails, and other personal information you disclose on online forms. Imagine what they can do with all that data.

A keylogger spotted on hundreds of HP laptops

In early December, a security researcher discovered a keylogger pre-installed on an HP laptop. This led to the revelation that more than 460 HP laptop models, including ProBook, Pavilion, EliteBook, and the Envy line include the Synaptics touchpad driver — which can be used as a keylogger.

Even though the keylogger on those HP laptops isn’t activated by default, an attacker who gains access to your laptop can enable it without much difficulty. HP themselves said the keylogger code had been added to the software by mistake and they’ve since released patches to fix the issue.

What should HP laptop users do?

If you own an HP laptop, check whether you’re affected by referring to this full list of affected models. If your laptop model is on the list, click on the link provided on the right side of the model name and download the security patch immediately to remove the keylogger from your computer.

How to protect yourself from keyloggers

The standard security measures — which you should be taking to heart and keeping up to date — can help protect you from keyloggers. You should avoid suspicious websites and never download files from them, and take extra care when opening attachments, text messages, or social media links from unknown senders since they can be embedded with a keylogger.

You should also have antivirus software installed and keep it up to date. Most antivirus software nowadays has already added keyloggers to their databases. It’s also good to be aware of the latest security patches from your hardware manufacturers and software developers since they’re made to fix current vulnerabilities.

And to make things even more secure, consider using one-time passwords and two-step verifications when you need to log in to important online services, such as those related to personal finance or services that require sensitive personal data.

Need more tips and tricks on how to protect yourself and your business from cyber espionage? Talk to our security experts today. They will be more than happy to explain IT security issues to you in plain English!

Published with permission from TechAdvisory.org. Source.

Steer clear from these types of malware

, , , , , , ,

Did you know that viruses, ransomware, spyware, and trojans are all categorized as types of malware? Having been around for decades, these cyber threats have grown both in number and intensity. Needless to say, it pays to know how each of them works as well as how to protect your business.

Viruses

Once created to annoy users by making small changes to their computers, like altering wallpapers, this type of malware has evolved into a malicious tool used to breach confidential data. Most of the time, viruses work by attaching themselves to .exe files in order to infect computers once the file has been opened. This can result in various issues with your computer’s operating system, at their worst, rendering your computer unusable.

To avoid these unfortunate circumstances, you should scan executable files before running them. There are plenty of antivirus software options, but we recommend choosing one that scans in real-time rather than manually.

Spyware

Unlike viruses, spyware doesn’t harm your computer, but instead, targets you. Spyware attaches itself to executable files and once opened or downloaded, will install itself, often times completely unnoticed. Once running on your computer, it can track everything you type, including passwords and other confidential information. Hackers can then use this information to access your files, emails, bank accounts, or anything else you do on your computer.

But don’t panic just yet, you can protect yourself by installing anti-spyware software, sometimes included in all-purpose “anti-malware” software. Note that most reputable antivirus software also come bundled with anti-spyware solutions.

Adware

Are you redirected to a particular page every time you start your browser? Do you get pop ups when surfing the internet? If either situation sounds familiar, you’re likely dealing with adware. Also known as Potential Unwanted Programs (PUP), adware isn’t designed to steal your data, but to get you to click on fraudulent ads. Whether you click on the ad or not, adware can significantly slow down your computer since they take up valuable bandwidth. Worse still, they’re often attached with other types of malware.

Some adware programs come packaged with legitimate software and trick you into accepting their terms of use, which make them especially difficult to remove. To eradicate adware, you’ll need a solution with specialized adware removal protocols.

Scareware

This type of malware works like adware except that it doesn’t make money by tricking you into clicking on ads, but by scaring you into buying a software you don’t need. An example is a pop up ad that tells you your computer is infected with a virus and you need to buy a certain software to eliminate it. If you fall for one of these tactics and click on the ad, you’ll be redirected to a website where you can buy the fake antivirus software.

Scareware acts more like a diversion from the other malware that often comes with it. A good antivirus solution will help scan for scareware too, but you should patch your operating systems regularly just to be safe.

Ransomware

Ransomware has become increasingly common and hostile. It encrypts your computer files and holds them hostage until you’ve paid a fee for the decryption code. Because ransomware comes with sophisticated encryption, there aren’t many options unless you have backups of your data.

There are some tools that can protect against ransomware but we recommend that you backup your data and practice safe web browsing habits.

Worms

Similar to viruses, worms replicate themselves to widen the scope of their damage. However, worms don’t require human intervention to replicate themselves as they use security flaws to transmit from one computer to the next, making them far more dangerous than your typical virus. They often spread via email, sending emails to everyone in an infected user’s contact list, which was exactly the case with the ILOVEYOU worm that cost businesses approximately $5.5 billion worth of damage.

The easiest ways to protect your network from worms is to use a firewall to block external access to your computer network, and to be careful when clicking on unknown links in your email or unknown messages on social media.

Trojans

Usually downloaded from rogue websites, Trojans create digital backdoors that allow hackers to take control of your computer without your knowledge. They can steal your personal information, your files, or cause your computer to stop working. Sometimes hackers will use your computer as a proxy to conceal their identity or to send out spam.

To avoid trojan attacks, you should never open emails or download attachments from unknown senders. If you’re skeptical, use your antivirus software to scan every file first.

In order to keep malware at bay, you need to invest in security solutions with real-time protection and apply security best practices within your office. If you have any questions or concerns, or simply need advice on how to strengthen your business’s security, just give us a call and we’ll be happy to help.

Published with permission from TechAdvisory.org. Source.

Beware: Nyetya is worse than WannaCry

, , , , , ,

The cyber community hasn’t fully recovered from the WannaCry ransomware attacks, which struck businesses and organizations in May. Now, a Petya ransomware variant named Nyetya is poised to join its ranks as one of the worst cyber attacks in history. Like WannaCry, its attackers exploited unpatched Microsoft vulnerabilities and demanded a $300 ransom in Bitcoins. But there are key differences between the two that are worth taking a look.

Worse than WannaCry

Nyetya is deemed worse than WannaCry mainly because it spreads laterally, meaning it targets computers within networks and affects even systems that have been patched. Because it also spreads internally, it needs to infect only one device to affect several others within a single network.

Cyber researchers trace its origins to a tax accounting software called MEDoc, which infected 12,500 systems in Ukraine. Since the initial infections in June, it has spread to thousands of networks in 64 countries. And although it hasn’t spread as fast as WannaCry, it might have a wider reach soon because it uses three attack pathways to infect a system. It hasn’t made as much money as WannaCry, which is why cyber researchers are concluding that the attacks are not economically motivated.

Don’t pay the ransom

Cyber security firms and researchers strongly recommend affected businesses to avoid paying the ransom. According to them, paying the ransom would be a waste since the infected user won’t be able to receive a decryption key to unlock their files or systems. This is because the email provider has blocked the email address on the ransomware message.

Although it operates like a ransomware — locking hard drives and files and demands a $300 ransom in Bitcoin — it functions more as a wiperware that aims to permanently wipe out data and/or destroy systems. So far, it has affected big-name multinationals in various industries, including Merck, Mondelez International, and AP Moller-Maersk, among others.

Perform backups and update outdated security patches

The only way businesses can be protected is by performing backups and staying on top of patch updates.

It’s safe to say that in case of a Nyetya attack, there’s no chance of getting back your data. In such a scenario, you would have only your backup files — whether on an external storage or in the cloud — to fall back on. But backing up is not enough; you should also ensure that your backups are working, which you can do by testing them regularly. Given the nature of Nyetya, you should also make sure that your backups are stored off-site and disconnected from your network.

Like its predecessor, Nyetya exploited vulnerabilities in unpatched Microsoft-run computers. As a business owner, make it a part of your cyber security routine to update your systems with the latest security patches, or risk having your files or systems permanently corrupted.

As a business owner whose operations’ lifeline depends on critical files, your backups are your insurance. If your systems’ network security needs another layer of protection, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Outdated firmware is worse than you realize

, , , , ,

2017April18Hardware_CAs workplace IT gets more and more hi-tech, the average user gets further from the building blocks that keep it running. At times that seems like a good thing, but if you aren’t aware of the most basic aspects of your hardware, you could be vulnerable to a nasty cyber attack. Make sure you’re secure with the help of our firmware advice.

What is firmware?

Firmware is a very basic type of software that is embedded into every piece of hardware. It cannot be uninstalled or removed, and is only compatible with the make and model of the hardware it is installed on. Think of it like a translator between your stiff and unchanging hardware and your fluid and evolving software.

For example, Windows can be installed on almost any computer, and it helps users surf the internet and watch YouTube videos. But how does Windows know how to communicate and connect with your hardware router to do all that? Firmware on your router allows you to update and modify settings so other, more high-level, pieces of software can interact with it.

Why is firmware security so important?

Firmware installed on a router is a great example of why addressing this issue is so critical. When you buy a router and plug it in, it should be able to connect devices to your wireless network with almost zero input from you. However, leaving default settings such as the username and password for web browser access will leave you woefully exposed.

And the username and password example is just one of a hundred. More experienced hackers can exploit holes that even experienced users have no way of fixing. The only way to secure these hardware security gaps is with firmware updates from the device’s manufacturer.

How do I protect myself?

Firmware exploits are not rare occurrences. Not too long ago, a cyber security professional discovered that sending a 33-character text message to a router generated an SMS response that included the administrator username and password.

Unfortunately, every manufacturer has different procedures for checking and updating firmware. The best place to start is Googling “[manufacturer name] router firmware update.” For instance, if you have a DLink of Netgear router, typing “192.168.0.1” into a web browser will allow you to access its firmware and update process, assuming you have the username and password.

Remember that routers are just one example of how firmware affects your cyber security posture. Hard drives, motherboards, even mouses and keyboards need to be checked. Routinely checking all your devices for firmware updates should be combined with the same process you use to check for software updates.

It can be a tedious process, and we highly recommend hiring an IT provider to take care of it for you. If you’re curious about what else we can do to help, give us a call today!

Published with permission from TechAdvisory.org. Source.

Popular printer brands are prone to attacks

, , , , ,

2017February23_Hardware_CDo you have security measures in place for your office’s printers? By “security,” we don’t mean locked doors or watchful guards; we’re referring to security against hackers that use printers as a weapon. Despite many companies going paperless, printers are still essential in most offices. And based on recent reports, popular printer brands are targeted for corruption.

Which printers are prone?

Based on the study made by Ruhr University Bochum researchers, printer brands such as Hewlett Packard (HP), Brother, Dell, Samsung, and several others are prone to different types of cyber attacks. Online printers from these brands could serve as cyber criminals’ path in which to steal credentials, corrupt a printer, or leak sensitive data from printed documents obtained through a printer’s memory.

Printers serve the basic purpose of turning computer documents into paper and have never been a typical entry-point of hackers’ attacks. Government and corporate offices, business establishments, non-profit organizations, and homes own one, and when you think about the fact that most printers are linked to computer owners’ internal networks, this expansion of cyber theft to printers begin to make even more sense.

How can attacks be made?

Researchers identified security vulnerabilities that would enable hackers to corrupt common printer languages such as PostScript and PJL, which they could then use to launch Distributed Denial-of-Service attacks or reset the corrupted printer to its factory defaults, also termed as ‘protection bypass.’ Other ways in which hackers could exploit their access are through print job manipulations, which could lead to minor cases of printing corruptions or persistent printing distortions, and information disclosure, the leaking of sensitive information.

What safety measures are being developed?

The researchers who discovered the vulnerabilities developed the PRinter Exploitation Toolkit (PRET), a program designed to determine if a printing device is a likely target. This toolkit ‘connects to a device via network or USB and exploits the features of a given printer language, and is complemented by a wiki page that documents attacks made. It’s worth noting that more printer models and brands haven’t been tested due to the team’s lack of resources. But with this open-source toolkit, vulnerabilities of many brands and models may soon be identified.

Stealing information online is far from being a novelty in cyber security. But to do so through printers requires a special set of skills. It’s too soon to tell whether this form of cyber thievery is going to pose serious threats in the future, but regardless of how further studies progress, failing to implement security protocols for your network can cost you dearly. Get ready for any security threat by contacting our security experts now.

Published with permission from TechAdvisory.org. Source.

The ransomware that makes you sell your soul

, , , ,

2016december28_security_cRansomware has become a fast-track for making money for some hackers this holiday season. But instead of just demanding a small payment for the decryption code that will unlock their computers, some hackers are demanding that victims sacrifice two other friends to ensure they receive the code they need. Read more to find out what makes Popcorn Time such a devious program and how you can avoid becoming one of its victims.

Ransomware is nothing new. Cybersecurity miscreants have been taking advantage of online users for years by requiring payment to “unlock” a victim’s computer. What Popcorn Time does differently is give users the option to spread the virus to two other victims in the hopes that they will pay the ransom — a tactic that promises to double their money at the expense of your sense of morality (and at the expense of your friendships as well).

The Cost of Popcorn

When you inadvertently download this ransomware, you will be met with a screen that explains that your files have been hijacked/encrypted, and that to get them back you will need to pay one Bitcoin for a decryption key that they keep stored remotely. The Bitcoin fee is usually more than $700, a hefty price to pay during any season but particularly difficult for those infected during the holiday season.

Spread the “Holiday Cheer” and Hope they Bite

What makes Popcorn Time unique is the option victims have to take their cost away by allowing the ransomware to affect two of their friends for a chance to get a free decryption code. Of course, it works only if both friends pay the ransom, which leaves you looking (and feeling) like the Grinch.

Avoiding Popcorn Time this Season

The easiest way to avoid downloading ransomware is to stay off of sites that might contain questionable files. However, this is nearly impossible for modern users, and many hackers are getting good at making their files look legitimate. Limit your exposure to potential ransomware by keeping your software up-to-date and your computer protected with a security program from a reputable company (for example Norton or Symantec). If you need to learn more about how to avoid running into ransomware while you’re online, give our professional cybersecurity consultants a call. We’ll keep you away from the popcorn this season.

Published with permission from TechAdvisory.org. Source.

2016’s possible security problems

0 Comments , , , , , , ,

Organizing business and personal tasks and meetingsAs shown by recent high-profile hacking scandals – targeting everyone from Sony Entertainment to the extramarital-affair-facilitating website Ashley Madison – cyber crime shows no sign of disappearing any time soon. In fact, experts predict that 2016 is going to be an even busier year for cyber criminals, hackers and scammers. So what do you need to know in order to be able to keep your small or medium-sized business safe next year? Here we take a look at what could be in store.

If you think that only big corporations and prominent organizations are targeted by cyber criminals, you are making a deadly mistake. It might be tempting to sweep cyber crime under the carpet and assume that you are flying below the average hacker’s radar, but that simply isn’t true. In fact, it’s the polar opposite, since smaller enterprises are actually far more likely to be at risk than larger ones, owing to their typically less sturdy security postures.

So where does that leave you as a small or medium-sized business owner or manager? Does it mean you need to be taking your cyber security even more seriously? You can bet your bottom dollar it does, as industry experts predict that 2016 is only going to become more of a minefield when it comes to online crime.

The headline trend that IT security professionals pinpointed this year was that no longer were criminals hacking into websites purely to bolster their bank accounts. 2015 has seen the emergence of another strain of hackers, launching cyber attacks as part of a moral crusade. These people are not purely after money although in some cases this may also be a contributing factor – instead, their claimed motivation is revenge, or righting what they perceive as wrong. It is this diversification in the hacking community that has led security watchers to predict that, as we enter 2016, we are likely to see some different behavior from hackers.

Among the unpleasant predictions being made, a number of experts agree that hacks of a destructive nature will be on the rise. The fact that hackers are using attacks for retribution rather than simple monetary gain means that a wider cross-section of organizations may well find themselves being preyed upon, all the way from government agencies – traditionally ignored by hackers – to online retailers and other commercial websites.

Remember when Snapchat got hacked back in October 2014, and the hackers threatened to make public as many as 200,000 photos? Well, the bad news is that apps are going to continue to be targeted. In particular, those mobile apps that request access to your list of contacts, emails and messages can, in the wrong hands, be used to create the kind of portal that enables a cyber criminal to steal data or gain access to a company’s entire network. All this means that in 2016, hackers could be taking advantage of apps to do more than just steal your social media photos – they might have in mind the takedown of your entire company.

As a local business owner, social engineering – a means of tricking an individual into disclosing revealing or personal information about themselves or their company – is something you definitely need to be concerned about. You might pride yourself on being too savvy to fall for a cyber criminal’s tricks, but what about your employees? Can you be sure that each and every one of them exhibits the same amount of self control, cynicism, and wariness that you do? Not only that but, as we enter a new era of online threats, the criminals that use social engineering are growing in confidence and creativity. Dodgy emails from a bizarrely named sender containing a link to an unheard-of website are yesterday’s news. Modern social engineering is highly evolved and extremely cunning, and has the potential to convince even the most streetwise internet user.

How confident are you that your entire team of employees would be completely infallible in the face of a stealth attack from a seemingly innocent source? Could you trust them to restrain from divulging not only their personal details but also information pertaining to your company? Multiply the number of employees in your company by the number of phone apps they potentially use, and add to that the fact that any one of them could at any time be targeted by a social engineering scam, and the end result is a less-than-perfect security posture.

The sad fact is that there are people who want to do you harm – regardless of whether you hold confidential information about celebrity salaries, or are privy to a database full of cheating spouses. People, no matter how well meaning or vigilant, are the weakest link in any security chain, which means that ensuring your business’s safety necessitates educating your staff and ensuring that your network is impenetrable.

Professional training and a vulnerability assessment are two great places to start, so why not get in touch with us? We’ll make sure your business is as hack-proof as it can be.

Published with permission from TechAdvisory.org. Source.

6749 S. Westnedge Ave

Suite K, #128

Portage, MI 49002-3556

Southwest Michigan: (269) 290-7137

St. Louis: (314) 558-0623

Toll Free: (877) 288-5527

© 2022 Brain Trust Technologies, LLC. All Rights Reserved