What Is Phishing and How Can You Protect Your Business From an Attack?
Last year in August, staff at MacEwan University, a school in Edmonton, Canada, received an email from a major vendor stating they had recently changed their electronic banking information and needed payments to be sent to a new account.
Assuming their trusted business partner was just going through some changes, the university complied and transferred three payments to the new bank account within a span of 10 days.
But four days later, MacEwan University received a phone call from this same vendor asking them why they hadn’t paid their fees yet. Perplexed by the call, the university told them they had just transferred the payments to their new bank account.
The vendor had no idea what they were talking about.
Unfortunately, this bank account didn’t actually belong to MacEwan’s vendor. It belonged to cyber criminals in Canada and Hong Kong. And MacEwan University had just transferred them $11.8 million.
Eventually, the university discovered the email requesting them to transfer their payments to the new bank account was actually fraudulent and a prevalent form of cyber attack that thousands of businesses fall victim to every year — phishing.
Phishing is the most common type of cyber attack. Criminals impersonate brands, banks, executives, and trusted business partners to manipulate people into downloading malware or ransomware, or visiting fake websites that trick them into handing over confidential credentials, like company passwords, credit card details, bank login information, and social security numbers.
Most cyber criminals deploy phishing attacks through email, like the picture below, but some have also started to exploit social media, messaging apps, and text message to steal people’s personal information.
With over 135 million phishing attacks attempted every single day and 97% of people not being able to identify a phishing email, this cybercrime could wreak havoc on your brand and bottom line.
Last year, the FBI proposed phishing attacks costs U.S. businesses $5 billion per year, and according to Deloitte, 33% of consumers would end their current relationship with businesses who fall victim to cybersecurity breaches, even if they don’t personally affect them.
So how do you defend your customers and employees from phishing without making them your brand’s first line of defense? Here are three shields you can leverage to protect your brand from these prevalent attacks.
How to Protect Your Business From Phishing Attacks 1. Build a DMARC record.
DMARC (Domain-based Message Authentication Reporting and Conformance) is a cutting-edge email authentication protocol that leverages two other authentication protocols, SPF (Sender Policy Framework), and DKIM (DomainKeys Identified Mail) to verify legitimate messages sent from your domain and block fraudulent emails that appear to be sent from your domain.
These email authentication protocols are rather technical, so in a nutshell, SPF is a record of IP addresses that are authorized to send emails on your behalf that email service providers check against, and DKIM is a verification process that leverages cryptographic authentication.
DMARC is the only technology that can ensure your “header from” address (what your users usually look at first when they see your emails), is trustworthy. To do this, they’ll only authenticate email messages that pass SPF authentication and SPF alignment or DKIM authentication and alignment. If an email message fails SPF authentication or alignment and DKIM authentication or alignment, it’ll fail DMARC.
Picture Credit: Return Path
DMARC also allows you to tell email service providers what they should do with any fraudulent mail that appears to be sent from your domain. You can either monitor all of your emails, move unauthenticated messages to users’ spam folders, or decide not to deliver this type of mail at all to inboxes on your server.
Additionally, email service providers will regularly send you forensic DMARC reports, showing you which emails are authenticating, which ones are not, and why. To build your DMARC record in 15 minutes or less, check out this guide from Return Path, an email marketing optimization software.
2. Train customers and employees to spot an attack.
According to PhishMe, a phishing defense solution, companies who train employees to identify and report attempted phishing attacks only have a 5% susceptibility rate to phishing, even though phishing attempts grew 65% last year.
To help employees and customers spot one of these attacks and better defend your business, teach them these common phishing markers:
Poor Spelling, Grammar, or Writing
A lot of amateur cyber criminals don’t take the time to craft clear and convincing emails, which brands always seem to do, and foreign cyber criminals will usually rely on Google Translate to translate their messages. So if you receive a poorly written email from a seemingly legitimate sender, take caution.
Suspicious URLs
Most phishing emails lure people into clicking through to a malicious or fake website. To do this, cyber criminals will usually spoof the website’s URL by creating a lookalike one, or they’ll mask their dodgy URL by shortening it. Whenever you see a weird or shortened URL, make sure you hover your mouse over it to see if the landing page’s web address is different or fake.
Mismatched Sender Address
Even if a cyber criminal can perfectly imitate your brand’s voice, formatting, logo, address, and contact email address in their phishing email, there’s still a trait of yours they can’t copy — your sender address.
Cyber criminals will usually create a lookalike sender address or just use a string of characters in hopes that you won’t check it. To verify a brand’s sender address, check out the sender’s domain in the email’s “from” header and see if it matches the brand’s domain.
Here’s a legitimate email from HubSpot to help you see where the sender address can be found in Gmail:
3. Invest in email security software.
If your company has the funds, email security software like Proofpoint and Barracuda are the most reliable and effective lines of defense against phishing. Well-versed employees can still fall victim to cleverly-crafted phishing emails and cyber criminals constantly refine their malicious tactics, like sending phishing emails from the legitimate domains of compromised websites.
But since email security software can identify unusual traffic patterns and monitor fishy URLs, it can effectively detect, block, and respond to these sophisticated threats before they reach your customers and employees’ inbox.
Don’t Get Snagged
76% of organizations experienced phishing attacks last year, so it’s likely that cyber criminals will try to lure your brand in, too. But if you can arm yourself with DMARC, thorough employee training, and the best-fit email security software for your specific systems and situation, you can shield your customers, employees, and brand from these attacks, no matter how enticing the bait is.
Read more: blog.hubspot.com
The FBI is Warning You to Reboot Your Router to Prevent a New Attack – Here’s everything you need to do
Linksys
On May 25, the FBI warned that anyone who uses a router to connect to the internet should reboot their routers.
The warning comes amid a Russian malware (malicious software) called VPNFilter that can secretly install itself onto internet routers and collect data from an unsuspecting user. So far, it’s estimated that 500,000 devices – mostly from the Ukraine – have been affected.
Rebooting internet routers will “temporarily disrupt the malware and aid the potential identification of infected devices,” according to the FBI. The agency also recommends to disable your routers’ remote management settings, and update the password you use to access your router’s settings.
If there’s an update available for your router, you should install that update, too.
I’ll be using my Netgear router to show you to disable your router’s remote management feature, reboot your router, and install updates if they’re available. Router settings will look different on routers from different companies, so this might not look the same if you have a router from a different company. Still, the settings on your router should be pretty similar, and you can always pull out your router’s manual or search online how to do these things on your own router.
Check out how to access your router’s settings and update its firmware:
1. Access your router’s settings. Business Insider
To access your router’s settings, type in these numbers into your web browser’s search bar without the quotes: “192.168.1.1”
You’ll be asked to provide an account name and password. If you haven’t added your own account name and password to your router when you first set it up, it’s most likely the default username and password:
Username: admin
Password: password
If your router has different default login credentials, check your router’s manual or do a quick online search, like “[Your router brand, your router model] default login.”
If you’re still using the default login credentials, you should add your own password. I’ll show you how later in this post. If you did add your own credentials, use them.
2. Change your login credentials for your router settings. Business Insider
Head to the Advanced settings on your router > Administration > Set Password > follow the steps > click Apply.
3. Disable the remote management settings suggested by the FBI. Business Insider
Some brands like Netgear have the remote-management feature disabled by default, but it’s easy to check and worth doing while you’re in your router’s settings.
On my Netgear router, I go to the Advanced tab > Advanced Setup > click Remote Management > and make sure it’s disabled.
If it’s enabled, I uncheck the box next to Turn Remote Management On and click apply.
See the rest of the story at Business Insider
See Also:
The rise and fall of Elizabeth Holmes, who started Theranos when she was 19 and became the world’s youngest female billionaire before it all came crashing downAndy Rubin, the father of Android, has reportedly cancelled his next big smartphone and might sell the company after raising $300 millionBefore-and-after images show how an abandoned Kmart was transformed into a high school
Read more: feedproxy.google.com
Google, Microsoft Discover a New CPU Vulnerability
Google and Microsoft researchers have discovered a new computer processing unit vulnerability that’s a variant of the Meltdown and Spectre bugs uncovered earlier this year. Fortunately, the issue known as Speculative Store Bypass will soon be patched via a firmware update. Unfortunately, that patch will likely slow your machine down.
In January, security researchers unveiled a pair of security flaws that affected nearly every modern processor, from smartphones to desktop computers. Dubbed Meltdown and Spectre, the critical security vulnerabilities could render memory on your computer readable by outside parties, leaving sensitive information such as passwords, security keys, and files open to hackers. The problem affected virtually all x86 Intel CPUs shipped over the past 23 years, as well as CPUs from Arm and other chipmakers.
The latest CPU vulnerability functions similarly to Spectre, the Verge reported. Microsoft discovered Speculative Store Bypass back in November and has been working with Intel and Advanced Micro Devices since then to determine its impact on PCs, as well as a fix. Luckily, most modern browsers—including Edge, Safari, and Chrome—were patched for Meltdown earlier this year, and they are already protected against this new threat.
For firmware, however, the update isn’t so peachy. Intel has shipped beta microcode updates for Speculative Store Bypass to manufacturers, which should ship over the next few weeks.
Protection against the CPU vulnerability will be switched off as a default—users will need to actively enable it—but doing so could slow computers down anywhere from 2 to 8 percent, according to the Verge. Thus, users will need to choose between extra security for their machine or continued performance levels.
Thankfully, this variant of Spectre and Meltdown doesn’t seem to be as insidious as the originals. As for the future, Intel is working to redesign its processors—including its chips shipping later this year—to protect against all these bugs.
H/T the Verge
The post Google, Microsoft discover a new CPU vulnerability appeared first on The Daily Dot.
<h3>More About This Vulnerability</h3>
Read more: dailydot.com
UPDATE: Equifax Filing Reveals Hack Was Somehow Even Worse Than Previous Estimates
The 2017 hack of Equifax, already among the largest ever recorded, just got bigger. Well, they’re admitting that it was bigger than they had previously, which amounts to the same thing. Documents filed with the SEC reveal that more people, more IDs, and more info in general was stolen when the company utterly failed to protect its “users,” many of which didn’t even know they were in the database.
The company revealed various numbers around the time it disclosed the hack, though one it neglected to include was how many millions of dollars in stock were sold by executives before publicly disclosing it. But let’s not linger on their past crimes. I’m sure they’re very sorry!
Today’s information was filed with the Securities and Exchange Commission as part of the company’s disclosures regarding the hack. It provided first a handy table listing what was stolen as raw strings of data from Equifax’s inadequately protected databases:
Full name: 146.6M Date of Birth: 146.6M Social Security number: 145.5M Full address: 99M Gender: 27.3M Phone number: 20.3M Driver’s license number (incl. 2.4M partials): 17.6M Email address: 1.8M Credit card numbers (with expiration dates): 209,000 Individual Tax Identification Number (ITIN/Tax ID): 97,500 Driver’s license state: 27,000
Previous estimates of driver’s license numbers leaked were around 10.9 million, and total affected put at 143 million. Sure, the difference between 143 million and 146.6 million is relatively small, but it’s still 3.6 million people.
Secondly the filing includes a table listing images stolen by the attackers. These were “uploaded to Equifax’s online dispute portal by approximately 182,000 U.S. consumers,” the document says.
Driver’s license: 38,000 Social Security of Taxpayer ID Card: 12,000 Passport or Passport Card: 3,200 Other: 3,000
It’s unclear why these don’t add up to 182,000, but the images could also have been non-valuable things like forms or pictures of assets.
Imagine the kind of havoc you could wreak with even a few isolated data points from this set. Phishing teams and other scammers must be having the time of their lives: with so much official data to use, it’s that much easier to convince someone that a service or email is legitimate. Images of licenses and passports could lead to more sophisticated fraud at borders or in other government situations as well.
<a href=”https://techcrunch.com/tag/equifax-hack/” target=”_blank” rel=”noopener”><img src=”https://techcrunch.com/wp-content/uploads/2017/09/eq-uifax-hack-banner.png” /></a>
<h3>What Should You Do if You are Concerned About This Hack?</h3>
Read more: feedproxy.google.com