Posts Under Tag: Email

Strengthening the Weakest Link – The Ultimate Spear Phishing Defense

Not convinced your employees need the training?

Late in 2012 Trend Micro reported that 91% of targeted online attacks involved spear phishing, making this the most favored type of APT (Advanced Persistent Threat) attack. When spear phishing, attackers make use of information about prospective victims to increase their credibility, and the likelihood that recipients will “bite” (click a URL) in an e-mail or social media post. That’s why spear phishing attacks yield a 70% open rate because people extend trust to the putative source, if not to the actual attacker. Because of the portability and ease of spear phishing, its popularity will only continue to grow. Traditional methods don’t stop spear phishing because individual employees and customers open the doors to attackers. In these circumstances, the employee/victim becomes the weak link in IT security.

Today’s employees need next-generation security awareness training on a regular basis to keep them informed and your network protected.

“A staggering 91 percent of targeted attacks begin with a spear phishing email”

 

Introduction

Spear phishing is a CSO’s worst nightmare because it is the most di cult attack to protect against. The use of targeted social engineering, practically undetectable malware and zero-day exploits are just some of the reasons why this is so. Clever hackers use legitimate-looking emails from organizations like the IRS, local banks, or Internet portals, targeted directly at CEO’s and other executives and employees.

One such incident occurred in 2012 when business executives received personalized emails informing them that their company was under investigation for criminal fraud. The email looked like a legitimate email from the IRS, and the link in that email directed the recipient to a website that looked exactly like an IRS webpage. But when the target clicked on a link, a Trojan was loaded into their computer which would steal everything interactive in the person’s email account before it could be securely encrypted. The result of such attacks is that customers are 42% less likely to do business with a company that has fallen victim to spear phishing and a resulting data breach. Even worse, phishing costs brands and corporations more than 98 billion dollars a year.

A Sorry Security Situation

CSOs are responsible for a company’s entire security. As such they oversee network security and are the first person everyone turns to whenever there is a breach. People expect CSOs to protect the company and prevent such breaches, but spear phishing makes even a CSO more likely to be blindsided. Once a breach occurs it is up to CSOs to act quickly and protect the company before any damage is done. Hackers count on this and act quickly to get every ounce of information they can before a breach is closed. Those who don’t understand how spear phishing works may blame the CSO or the security software in use. However, even the best CSO and best security software on the planet can’t stop an intelligent and motivated hacker.

If CSOs are to do their jobs well, then not only must they have the best security hardware and software, they also need the support of well-educated staff, and the ability to test their staff and find any weak links in need of strengthening. With all possible ‘defense-in-depth’ components properly in place, an organization becomes a very hard target, causing hackers to move on to pursue easier game.

The Missing Link

Several missing components can prevent employees from unwittingly opening the door to hackers:

How do you make sure your employees are getting the best education?

How do you make sure after your employees are educated that they don’t make security mistakes anyway?

If you could find out if they might be vulnerable to spear phishing, how can you enlighten them?

If existing methods for educating employees were effective, then spear phishing wouldn’t remain problematic for so many companies. Thus, it is obvious that a different approach is called for.

Hackers aren’t just looking to get at a company’s financial records and information. They are also after source code and intellectual property. In fact, they are literally trying to steal the future of your company. Years of work in your R & D department could end up in the hands of a Chinese competitor thanks to a single click of a mouse from an untrained employee.

Spearphishing has become so endemic in corporate and government networks that there is a joint government operation in effect to counteract it. Per the FBI: “Instead of casting out thousands of e-mails randomly hoping a few victims will bite, spear phishers target select groups of people with something in common—they work at the same company, bank at the same financial institution, attend the same college, [or] order merchandise from the same website. The e-mails are ostensibly sent from organizations or individuals the potential victims would normally get e-mails from, making them even more deceptive…

Law enforcement takes this kind of crime seriously, and we in the FBI work cyber investigations with our partners, including the U.S. Secret Service and investigative agencies within the Department of Defense.”

During a recent Microsoft TechEd conference, held in June 2012, Proofpoint surveyed 339 IT professionals about their concerns regarding targeted phishing attacks and enterprise data loss risks. Half of all respondents (51%) believed that their organization were targeted by a phishing email in the past year designed specially to compromise their users.

Dramatic examples of recent spear phishing attacks include:

The White House – China-based hackers breached a network used by the White House Military Office. According to their website, this office provides military support for White House functions, including food service, presidential transportation, medical support and hospitality services. There is no clear report on what the hackers were trying to access. An Obama administration national security official simply said: “This was a spearphishing attack against an unclassified network.”

Google, Inc. – A US official says that the same group that attacked the White House also broke into Google. Among those targeted were people who work at the White House. It is presumed that they were hoping these people would discuss secure information or conduct administrative business using their personal Gmail accounts.

South Carolina Department of Revenue – According to an official report, “A malicious email was sent to multiple Department of Revenue employees. At least one Department of Revenue user clicked on the embedded link, unwittingly executed malware, and became compromised. The malware likely stole the user’s username and password.” These attackers then gained access to “millions of Social Security numbers, bank account information and thousands of credit and debit card numbers” SearchSecurity’s coverage notes that, “In addition to the 3.8 million people whose data were exposed, the breach included information on 1.9 million dependents. It also included data on 699,900 businesses. Information on 3.3 million bank accounts were also stolen.”

The New York Times – The same China-based hackers who have wreaked havoc on the White House, Google, and others have been named as the responsible parties for this breach, too. In this particular case, the newspaper blames Symantec’s antivirus software for not foiling a malware installation.

Attacks against Google, Adobe and at least a dozen other advanced persistent threats (APT) that have been publicly documented have been initiated at least in part through targeted spear phishing emails. By itself, software alone is not a completely effective defense.

SC Magazine reports:

“Researchers have noted an increase in spear phishing targeting numerous industries, primarily in the United States, where malware evades detection by hiding inside Windows help (HLP) files attached to emails. The HLP files are embedded in attachments that appear to users to be ZIP files. Once the ZIP files are opened, however, one of several backdoors will be downloaded, allowing an attacker to carry out a range of feats – from changing users’ passwords to logging keystrokes to capturing screenshots or a number of other information-stealing tactics sent from the command-and-control server.”

Strengthening the Weakest Link

There is an important conclusion to be drawn from all this recent news. Security products continue to become more advanced and sophisticated, and that will certainly help. But to cope with the current situation and future attacks, end-users must be educated and informed. The more knowledge they possess, and the better informed those users are about attacks, the less likely they are to fall prey to scammers, online or off.

We are also starting to see an increase of social engineering over the phone. Hapless users are being called on behalf of ‘Microsoft’ or well-known security software companies and directed to allow access to their computers. Educated end-users do not fall prey to such scams.

But how do you train jaded users? Users who think they know everything. Users who have heard it all and are more sophisticated than average users. It’s not good enough that the trainer is a highly regarded security expert. You need that training to come from someone who understands hacker culture and how hackers think.

Contact us to learn how you can protect yourself from these types of phishing scams. Call 920-885-0141.

Office 365 Email

The Benefits of Moving Email to Office 365

Benefits of Office 365 Migration

It is vital to have a reliable email system for your business in order to sustain communication aspects such as client contact, supplier contact, in-house communication, and sending of invoices among more. Without this essential aspect of communication, your business could easily be crippled. As technology advances, more reliable email solutions and systems such as the cloud hosted Office 365 from Microsoft have been developed to take over the traditional, on-premise Microsoft Exchange servers.

The Office 365 migration (that is the shift from the common Microsoft Office to Office 365) holds in store many benefits to your business. It gives you online access to your email, presence/communication, collaboration, and office web apps.<?p>

Here are the major benefits of Office 365 migration:

1. Enhanced accessibility (at any place and time)

With office 365, you can be able to access your email and any other office apps from any place and at any time. Cloud hosting enables easy access to mails, files and apps at the workplace, home or even when on the move. You no longer have to specifically sign in to your work desktop or laptop to view your email securely. Use your PC, tablet, Mac or even smartphone to view your emails even while on-the-go.

2. Save heavily on costs with the pay-as-you-go pricing

Office 365 is the ultimate platform for running cost-effective email solutions. With it you get to pay as you go, meaning you get more predictability and flexibility in the service. You can therefore buy as many licenses as you want and be able to scale up or scale down in a much simpler way than with the case of an on-premise server. This can save you huge up-front costs.

3. Automatic backing up of files

No one enjoys losing a file because it had not been saved early enough. It results in time wastage and too much hassle writing or creating another piece of the same. Office 365 takes away the hassle of saving these files from you. It automatically saves your files and provides back-up, ensuring that your latest version of any file is automatically updated and never lost.

4. Trusted source and high-end security

Office 365 is created by Microsoft, a trusted name in the tech industry. They have invested a lot of money in to the creation and running of the hosted service to ensure it’s the best in its category. This guarantees that the email solutions on Office 365 have more up-time, geo-redundancy, powerful security, and disaster recovery options.

5. Better communication through collaboration

Mis-communications can slow down your business operations or completely hamper them. Improve the efficiency of your business by moving your email to Office 365 and enhance collaboration within your business network. Everyone can have access to the same document at the same time, hence creating no room for mis-communications or misunderstandings.

6. Online conferencing

This is the age of online meetings and connections. Office 365 offers you the perfect conferencing tool to connect with your colleagues as you take notes, screen-share, and video chat through one application.

If you haven’t moved your email to Office 365 already, join the train now! Don’t let your competitors enjoy the benefits of email migration as you watch. Find out more on how Office 365 email migration can work for you.

Email Scams

10 Easy Ways to Spot Email Scams

The Dangers of Email Scams

Email scams continue to be a problem for both personal and professional email users for one simple reason – it’s an easy way for fraudsters to infiltrate even advanced IT security systems. Scam artists use email spam to spread viruses, commit identity theft, and even take control of entire businesses.

Here’s the top 10 ‘red flags’ that you can use to improve your email security and avoid falling prey to email-based scams:

Unknown Sender

Only open emails from senders who you are familiar with, or those who you would expect to get an email from. For example, if you suddenly start getting emails from a company you’ve never had any contact with, it could be an email scam.

ALL CAPS

Everyone knows that using all-caps is the online equivalent of shouting – it’s also a tactic used by scammers to entice you to open up a scam email.

No Subject

No subject on an email? Don’t open it – chances are good it’s an email scam.

Bad Grammar

Glaring problems with spelling and grammar can mean an email scam, as can words that contain characters (like #, @, or $) in the place of letters.

Odd Time Stamp

Unless your contacts include a number of known night-owls, you should be wary of opening emails that arrive at odd hours, especially if the sender isn’t familiar to you.

‘Link Only’ Content

If the body of the email is nothing more than a hyperlink (or hyperlinked text), don’t open the email.

Most Internet browsers let you hover your mouse cursor over linked text to reveal the hyperlink without actually opening the link. So, when in doubt, be sure to ‘preview’ every link.

Requests For Passwords

Some of the most sophisticated threats to email security that look like they’ve come from legitimate sources such as banks, e-commerce sites, and utility companies. These emails often have convincing text that explains an IT security breach has been detected, and you need to click on the embedded link to confirm your information and password. DON’T DO IT.

Unknown Attachments

Scammers often spread viruses by attaching a corrupt file to an email, and compelling the reader to open the attachment in order to gain access to important information.

High-Pressure Content

If the content of an email threatens immediate, serious consequences (such as a lawsuit or impending foreclosure on your home) you should be very, very suspicious that there’s a email scam involved.

Mismatched URLs

One good sign of email scams is mismatched URLs. Mismatched URLs means the hyperlinked sender address doesn’t match the URL that’s displayed when you hover your mouse over the address. This a strong sign the email is either a fraud or a threat to your IT security.

For More Information

While anyone can fall prey to an email scams, by learning how to spot these 10 tell-tell signs, you can reduce the chances that you’ll become a victim.

To learn more about how to protect yourself and your business against email spam, contact one of our IT security experts here at Inter-Quest, your full-service tech partner.