Phishing, Spear Phishing and Malware, Oh My!

Phishing Scam - WarningPhishing, malware attacks and now spear phishing attacks are becoming more frequent and more difficult to detect.  Is your company safe?

Cybercriminals frequently use phishing attacks to “fish for” confidential information.  Phishing emails often appear to be from reputable companies with which you regularly do business such as UPS, American Express, Wells Fargo, eFax, PayPal and EZ-Pass.  Some emails even get past the best spam filtering technology.  The emails look official, often containing the logo of the company, and they frequently ask you to click on a link to their site to log in and provide information.  The links actually direct the unsuspecting victim to a site which looks similar to the authentic website and collects the login information and any other data that the user enters on the site.

Some fraudulent emails contain attachments that are a zip file (.zip) or an executable program (.exe.) or links to these types of files.  Opening these files will infect your computer with malware.  In a recent fraudulent ADP email scam, the malware caused the infected computer to send spam.  Other phishing attacks delivered payloads which installed ransomware, like CryptoLocker, that encrypts your computer’s data files and demands ransom to provide the decryption key required to access the files.

Hallmark ecard - exe link

eFax - zip file attachment

The first clue that an email is not legitimate is that the email refers to your account or activity with the company when, in fact, you have no account or have not transacted any recent business with that company.  You can be tricked, however, when you did just recently have a transaction with that company (such as expecting a UPS shipment or having just booked an airline flight).

Before you hastily click on the link, check for other signs that the email is not legitimate.  In addition to containing .ZIP and .EXE file attachments, fraudulent emails can frequently be identified because they may contain spelling and grammatical errors.  However, now there are research-driven, authentic-sounding spear phishing emails being sent that are much more difficult to identify.

Spear Phishing, a twist on phishing, is email spoofing that targets a specific organization to gain access to confidential organizational data.  Information that is available online, such as from social networking sites, is used to target specific contacts to steal company information.  These emails are successful because the emails appear to be authentic, usually mimicking normal day-to-day operational activities. The message could be as simple as “I met you at the networking event yesterday.  Here is a whitepaper that might interest you.”  Emails like this appear to come from a known and trusted sender, information within the message make them seem trustworthy, and the request in the email seems logical.

Spear Phishing was recently used to steal insider information from healthcare and pharmaceutical companies, and from their advisers including law firms, investor-relations consultancies and investment banks.  FireEye security firm reported that a group called FIN4 used a combination of spear-phishing and malware to gain insider information from more than 100 companies.  First they collected email usernames and passwords of easily identified staffers.  They used the information that they read in the individual messages to compose credible spear phishing emails to higher-level executives that tricked the execs into opening attachments that contained malware.  The attackers also used the information they gleaned from compromised accounts to infect other companies.  The Fin4 attacks were so effective because their phony messages appeared authentic to the targeted high-level victims.  Their messages used jargon and colloquialisms used on Wall Street and contained documents from actual deal discussions.  By tailoring the emails to their targets, they were successful at compromising the email accounts of high-level executives who communicate about mergers and acquisitions and market-moving, nonpublic matters.

Fraudulent emails are able to bypass your company’s firewall and virus protection software by using a non-technical method of intrusion called social engineering.  This technique tricks people into breaking normal security procedures and voluntarily surrender confidential information or install malicious software.  How do you protect your company from being compromised by phishing attacks and malware?  Stay tuned for part 2 of this blog.


 

America Recycles… Do You?

We’re constantly upgrading our technology.  The old computers can’t run new programs, have giant security holes and simply feel slower.  As bigger, faster, cooler smartphones and TVs are released, we “gotta” have them.  Every year there are new and better computers.  As old versions are no longer supported, upgrading is necessary both to remain competitive…

“Bash Bug” Takes Another Bite Out of Our Security

What is it? The “Bash Bug,” also known as “Shellshock,” is a programming flaw that lets outsiders take control and install programs or run commands on computers and other devices.  This security flaw was assigned the highest severity rating of 10 on a 10-point scale by the National Institute of Standards and Technology. The Bash…

Are You Secure Online? Stop and Think Before You Connect

It seems we spend more time online than we do offline these days.  We’re online at work doing research and using Salesforce, at home shopping and planning vacations, and on the road navigating from here to there and using social media.  Our personal information – from financial information to healthcare information to personal communications – the…

Technically Speaking, Technology Can Improve the Consent Process

Informed Consent is a vital process for protecting doctors against Malpractice claims.  The process involves four steps: 1.  Education of a patient about a medical procedure 2.  Presentation of the informed consent form 3.  A signature by the patient acknowledging consent to proceed with the procedure 4.  Documentation of this process Through education, the patient understands the…

(c) Ulistic Inc. | Search Engine Optimization Calgary | Calgary Small Business Marketing | Calgary Business Networking