Where should you focus your cybersecurity efforts?
These top five threats are a good place to start:
Don’t let phishing scare you, this is an easily avoided cyber threat avoided by changing bad habits, learn more about it in our article here.
Ransomware worries? Discover personalised methods of attack to watch out for and everything else you need to know here.
Keep an eye out for the rest of our in-depth articles covering all five cyber threats individually.
Phishing is when you receive an email that tricks you into clicking on a link to a fraudulent website and then sharing private information, or opening a malicious attachment on your phone, tablet or computer.
If you trust the link you could be giving away your user names, passwords, Social Security numbers, bank details or installing malware, like viruses, spyware or ransomware on your device and at work you could be handing over access to your company and all their sensitive data.
Phishing is the top cybercrime in the US. In 2019, the FBI reported that it had claimed nearly 115,000 victims with victim losses at $57.8 million, an average of $507 per victim.
Spotting the phishing attack
Don’t get complacent, the top branded security software (e.g. Norton, Bitdefender etc) are very good at taking out phishing emails before they hit your inbox. But, it’s a false sense of security as some still get through. In fact, in your personal life and as an employee, the next 100 emails you receive, possibly three or four will be phishing scam emails.
The most important golden rule. Change your mindset. Don’t trust emails and don’t click on a link in an email. I’m purposefully, stressing this as the golden rule, even though you think it to be too onerous and impractical. Nonetheless, for the next seven days examine every email (see tips below) and learn to change your mindset and start spotting phishing attempts. The extra time you spend on examining your inbox will build your confidence and you will feel much more confident about email management.
The only time you can trust an email is if it comes from an email address you recognise and the email doesn’t seem out of the ordinary. Even here, if it contains an attachment don’t click on it yet.
Make sure you double check the email address and not just the name. Give the sender a call if you are unsure. Malware is commonly passed between compromised emails accounts so even if the email address is correct that doesn’t mean someone else isn’t sending fraudulent emails from their account.
How to check for the signs of phishing. There are five signs:
If all are followed with the instruction to click on the link to learn more and/or correct the problem. Be super-cautious.
Ransomware is a digital crime where your computer files are ‘stolen’ and encrypted, blocking you from your computer. To gain access to your files you usually have to pay a ransom, normally in bitcoin.
It takes an average of 3 seconds after clicking an infected link for ransomware to start encrypting your files at lightning speed according to Arctic Wolf Networks.
There are three steps:
Whatever, the screenshot wording says, the message is GOTCHA!
Ransomware is an international phenomenon. Although the majority of cases are heavily focused in the US.
53% of Ransomware detections came from the US in June 2018 – 2019
Canada receives 10% and the UK 9% following the trend of targeting English speaking countries according to Malwarebytes’ global detection statistics.
46% of SMBs have been targeted by ransomware, 73% have paid the ransom.
Shocking figures from Infrascale, highlighting that smaller sized businesses are certainly not targeted less because of their size.
Ransomware has changed its nature in the last few years. About ten years ago, ransomware was a simple scam based on fake antivirus apps leading to a payment to ‘fix’ the problem.
Then, the fashion changed to ‘blockers’ or ‘lockers’ that locked the user out of their computers asking for payment to be unlocked.
Now, the fashion is for ‘crypto-ransomware’ that not only locks you out of your files but also encrypts your files. You will likely have to pay a ‘ransom’ in bitcoins to get your files back.
Bitcoin has significantly increased the success and profitability of ransomware of criminals. By using a bitcoin ‘wallet’ for each attack, then moving these wallets through chains of wallets, the movement of money is outside the traditional financial system and anonymous.
Crypto-ransomware is very effective. It generally uses unbreakable encryption and if the user has no file backups then the only solution may be to pay the ransom.
Even if you pay you may not get your files back – don’t forget you are dealing with anonymous criminals!
The near-majority of people pay the ransom. However, a significant minority of payers do not get their files restored or the restoration instructions are not complete or do not work.
The cost is also rising dramatically according to the Coveware Q2 Ransomware Marketplace Report and this trend is what we expect to continue seeing.
The average ransom payment increased by 184% from Q1 to Q2 this year, nearly tripling the cost from $12,762 to $36,295
Spam campaigns hit millions of users daily. Just 0.001% of these spams finding a victim still means high profits to the criminals.
A click-rate of only 0.001% (and lower) is still very profitable to the criminal – they sent out 10m spam emails. At 0.001% click-through rate, that’s over $100,000 of ransom returns!
The most common way of infection is by a person(s) simply clicking on a link in a botnet-delivered email. Some of these emails will be categorised as spam and others deleted by the recipient, however, the criminal plans on these deletions.
Ransomware criminals are now becoming more expert, innovative and audacious with their tactics.
They are finding ways to stay out of the spam folder to increase their click rate by creating more believable personalised campaigns with a higher ransom cost.
1.) Social media
The newer trend is to ‘personalise’ the email using data from social media sites. The criminal collects data from sites like Facebook or LinkedIn and searches for potential candidates.
Or, they may buy or hire email lists of individuals in a certain target industry and/or profession. Sure, the criminal is spending time and money but they will get a higher click-through rate.
On a much-reduced spam email volume, they might net $250,000 or more.
2.) Impersonation of the government or a business
Further variations are emails from well-known organizations such as a delivery note from UPS, an alert from the IRS (Internal Revenue Service), a family post on social media and so on.
3.) Downloads
These infections depend on spam emails getting through. A more reliable method for criminals is to get the recipient to download an infected work-relevant file containing a macro, which in turn delivers the ransomware.
Within the download is a macro that may initiate the ransomware at a later date.
As the criminals say ‘‘job done’’, and then they wait to receive their $250,000 returns.
4.) Exploit kits
Another mechanism, now becoming more common, is the trend of ‘exploit kits’. Typically, these are fake notifications to update a piece of software from a reputable software supplier, such as JavaScript or Adobe Flash.
Although seemingly reliable as a source, the download leads to the ransomware being installed.
5.) Iframes
Further variations are ‘iframes’ installed on web servers and the web pages on the server. The ’iframe’ directs website visitors to the exploit server, which downloads the ransomware. Variations are particularly harmful. For example, an advert placed on a popular website is an advert that directs to the exploit kit.
Simply put, it’s based on one inadvertent and simple action. Someone clicks on an infected link on an email and/or website – stop this and you stop ransomware.
We understand that it’s not always that clear cut which is why we provide educational materials to our insureds and educational content to our followers in the hope that we can contribute to the creation of a cyber-risk aware world.
We’re back with another episode of Node Chats, your podcast for all things cybersecurity.
Neil Gurnhill talks to Gabriel Friedlander, Founder of Wizer, about citizen cyber training in the second episode of Node Chats.
We cover remote job scams, how to teach your children to stay safe online and much more.
“You really have to educate people if you want to have a chance in fighting cyber crime.”
Gabriel Friedlander, Founder of Wizer
Wizer is a full security awareness platform with 1-minute videos, phishing simulation and gamification. Offering both free and optional paid add-ons for the community and employees alike.
Here are some quick tips on how to be cyber smart:
If you prefer just audio, make sure to check us out on other platforms:
Hit the follow button to be the first to know about the latest cybersecurity news.
If you’d still like to know more, comment or drop us a message, we’d love to hear what you think.
We are very excited to be welcoming our first clients onto Cyberman365!
We strongly believe everyone should have the opportunity to improve and secure their digital wellbeing, and now you can!
Cyberman365 IDNotify – What is it?!
PROTECT your identity and so much more with our comprehensive monitoring of your personal data, whether financial, medical or social.
ALERT receive instant alerts via text or email if your data is used fraudulently.
RESOLVE with our ID Restoration and Insurance coverage when you need it most.
Some of our favourite features:
– Lost Wallet Protection
– Social Media Monitoring
– Dark Web Monitoring
Cyberman365 HomeSafe – What is it?!
PROTECT – Our system will simulate possible cyber attacks allowing us to uncover vulnerable access points for the connected devices in your home. HomeSafe monitors 24/7 for potential cyber threats.
ALERT – We will provide step by step instructions for you to improve your home network to further reduce your chances of a cyber incident.
RESOLVE – In the event of a security incident an expert human response team is on hand to take over the network and stop the attack. If damaged, HomeSafe will restore your device, network and data.
Our favourite feature has got to be how it finds vulnerable access points and tells you how to fix them at home! No additional costs or experts needed.
After months of hard work, we can’t wait to hear what you think about our service and hope you love it as much as we do.
Check out our brand new website: www.cyberman365.com
If you have any questions, drop us a message.
We are proud to announce the launch of Node Chats, your podcast for all things cybersecurity.
Neil Gurnhill kicks us off with a hot topic, inviting David Kruse, Director of Business Development at Tetra Defense, to discuss the evolving nature of ransomware.
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
A new organisation will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021. (Source: Cyber Security Ventures)
This is a current, very real issue that affects large companies, small business and the everyday person.
Learn how to spot early signs that ransomware is on your network before encryption.
David talks about the factors that can influence early detection such as the level of information security systems that your company has in place to flag the invasion and the quality and skill of the person who compromised that network.
If you have a hacker that’s just a bull in a china shop and hasn’t quite figured out how to be more stealthy, you’ll see indicators of compromise all over the place.
David Kruse, Director of Business Development at Tetra Defense
Listen to the podcast for answers on everything ransomware, drop us a comment if you have any more questions and we’ll be happy to get back to you.
Don’t forget to subscribe to Node Chats and be the first to know about the latest cybersecurity news.
Find us on:
Copyright © 2021 Node International
All Rights Reserved
One Minster Court
Mincing Lane
London
EC3R 7AA
Recent Comments