
Phishing Emails - Don't Get Hooked!


Spear Phishing

What is spear phishing?

Spear phishing is an email scam targeting a specific individual, business or organization. It’s like a standard phishing scam except that the emails are personalized to target one group or person.

Cyber criminals use these types of attacks with the intention of accessing and selling confidential data to governments and private organizations.

The cyber criminals use individualized methods of social engineering to give the email a sense of legitimacy. The objective of social engineering is to get anyone from a company or government agency to open a malicious link or visit a virus-ridden website.

At that point the cyber criminals can steal the data they need in order to critically affect the target’s networks.

Spear Phishing Could Cost Millions

The city of Naples, Florida lost $700,000 in a spear phishing attack on Monday, August 5.

The money was sent to a fake bank account provided by an attacker posing as a Wright Construction Group representative contracted to work on an infrastructure project in downtown Naples, according to one of their news releases.

The city manager Charles Chapman said the cyber attack was an isolated incident and did not affect their data systems.

Other cities throughout Florida were also targeted in cyber attacks.

How Spear Phishing Works

Phishing, and social engineering in general, are increasingly popular hacking methods for cyber criminals, but spear phishing is particularly difficult to detect because the emails are designed to appear legitimate and safe. It’s the same with counterfeit dollar bills: the more advanced the counterfeit is, the harder it is to recognize it as fraudulent or fake.

In a spear phishing attack, the hacker gathers specific information about the victim to create a sense of trust and security, like the cyber criminal in Naples who used the information concerning the contract between the city and Wright Construction Group to his or her advantage. Attackers usually acquire this information through internet research, a previous phishing attempt, a hacked account from within the organization, or social media.

Typical phishing attempts ask you to give some personal information. Sometimes hackers ask for a phone number, other times a credit card or bank account number. Spear phishing attempts follow a similar strategy but are more specific. You might be manipulated into clicking on a link that downloads malware or led to a site that asks for a password or a social security number.

Whaling

Another form of spear phishing is called “whaling”. Whaling involves targeting an institution by posing as a company executive and requesting that an employee wire money to an account belonging to the hacker. The Naples attack is a modified version of whaling. Instead of posing as the CEO of Wright Construction Group and targeting an employee, the cyber criminal posed as a representative of the company and targeted one of its clients.

Like phishing, a successful whaling attempt involves coercing someone with a high profile or reputation. The intention can vary but it’s usually all about money. This could mean initiating a wire transfer as in the Naples case or installing malware that infects company servers and steals sensitive data.

Targets of whaling are executives, department heads and spokespeople. This means they likely have information available to the public that other targets might not. Having importance within a company or an industry means that person is in the public eye. This might limit the pool of targets, but it also raises the reward.

Threats to Businesses

Because of what we’ve mentioned above, spear phishing is not only among the most common types of cyber-attacks, but probably the most dangerous. Most phishing attacks try to cast a wide net, hoping that a handful of email recipients unknowingly give them access to their business and data. All it takes is one person to click and the entire enterprise is at the mercy of a cyber criminal.

Phishing Email Statistics

The Naples example, coupled with these statistics, is indicative of how effective phishing scams are. It’s important to be aware of how volatile one of these attacks can be and to prepare your business against them.

Red Flags of Phishing

The important thing is to avoid clicking on anything until you know with certainty what it is and who it’s from. If someone you know shares a link or a document with you and it’s out of the ordinary, that’s a sign it may be malicious.

If the email has a strange address with too many numbers or letters, it’s probably a phishing scam. Another giveaway is the vernacular contained in the email.

Here’s an example: let’s say you live in the US and you receive an email from your boss, who also lives in the US and was raised in the US. If the email says something like, “Hey, I need you to run some errands for me this afternoon. Send me your mobile,” be suspicious. “Mobile” is a term commonly used in the UK, not in the US, and could be an indicator of a fake email. A lot of the time cyber attackers will overlook these small but telling details.

This requires a bit of deduction on your part, but if you’re familiar with the person who allegedly sent the email, use that familiarity as a way of catching any abnormalities in their word usage. A little research goes a long way also. If you’re receiving an email from a company, look it up and message them. If things don’t check out, report it through your email provider, such as Google or Outlook.

When you successfully identify an email as a phishing scam, alert anyone and everyone in your department. Raise awareness with as many people as you can. This puts people on high alert and makes it less likely they fall for the same trick.
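The sender-address clues described above (an address stuffed with numbers, a display name that doesn’t match the real address, a reply address pointing somewhere else, a domain that merely looks like a partner’s) can be checked mechanically before a message reaches a person. The following is an added example, not code from the original post or from Nerds Support; the partner domains, the sample headers and the threshold values are constructed for illustration.

```python
"""Flag sender-address red flags in email headers (added example).

Checks the From and Reply-To headers of a message against a small
allow-list of known partner domains. KNOWN_DOMAINS and the sample
headers below are hypothetical, constructed values.
"""
import difflib
from email import message_from_string
from email.utils import parseaddr

# Hypothetical partner domains the recipient normally deals with.
KNOWN_DOMAINS = {"wrightconstruction.example", "naplesgov.example"}


def address_red_flags(raw_headers: str, known_domains=KNOWN_DOMAINS) -> list[str]:
    """Return a list of human-readable warnings; an empty list means no flag."""
    msg = message_from_string(raw_headers)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.rpartition("@")
    domain = domain.lower()
    if not domain:
        return ["missing or malformed From address"]
    flags = []

    # 1. Display name borrows a partner's brand but the address is elsewhere.
    compact_display = display.lower().replace(" ", "")
    for known in sorted(known_domains):
        brand = known.split(".")[0]
        if brand in compact_display and domain != known:
            flags.append(f"display name suggests {known} but address is {domain}")

    # 2. Domain is not a partner's but is only a character or two away from one.
    if domain not in known_domains:
        close = difflib.get_close_matches(domain, sorted(known_domains), n=1, cutoff=0.8)
        if close:
            flags.append(f"domain {domain} looks like {close[0]}")

    # 3. Replies would go to a different domain than the one the mail claims.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.rpartition("@")[2].lower() != domain:
        flags.append(f"Reply-To {reply} differs from From domain {domain}")

    # 4. Local part is mostly digits (the "too many numbers" clue).
    digits = sum(c.isdigit() for c in local)
    if local and digits / len(local) > 0.4:
        flags.append(f"local part '{local}' is mostly numbers")
    return flags


# Constructed sample headers, modelled on the kind of lure the article describes.
SAMPLE_PHISH = """\
From: Wright Construction Group <accounts.payable8821@wrightconstructlon.example>
Reply-To: wcg.billing@mail-secure-pay.example
Subject: Updated banking details for invoice #4471
"""

SAMPLE_LEGIT = """\
From: Wright Construction Group <billing@wrightconstruction.example>
Subject: Invoice #4471
"""

if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, address_red_flags(sample) or "no flags")
```

The checks are deliberately simple and meant to prompt a human to verify by phone, as the text recommends, rather than to decide on their own; a sophisticated lure that uses a partner’s genuine but compromised mailbox would produce no flags at all.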

Protect Yourself

Phishing and spear phishing specifically might be difficult to spot, but that doesn’t mean you’re helpless against it.
Training employees and raising awareness is the first line of defense against phishing attacks. And with spear phishing becoming more selective, training should expand to clients, vendors and upper management.

Training

Just as we saw with the Naples attack, cyber-attacks are becoming more ingenious and varied. The city of Naples was a client of a construction company, and rather than target the company, the attacker targeted the vulnerable client. While employees might protect themselves from phishing attacks by following measures put in place by internal IT or a cloud provider, clients might not have these same advantages.

There needs to be a comprehensive training curriculum focused on educating as many people within an industry as possible. Whether it’s the clients of a financial firm or the firm itself, for example, there’s no telling who a hacker will target.

Mock tests

Simulating a phishing attack is a helpful tool to assess how employees behave under those circumstances. It also helps in gauging how aware your employees are of phishing attempts.

Spam filters

Once upon a time, spam was just an annoying inconvenience that at worst lowered productivity. Now, spam is a useful tool for cyber attackers to target potential victims. Luckily, most spam filters work, and most companies have one.

Be aware of the kinds of information shared on social media. Useful details like birthdays and favorite activities can be found easily in today’s social media culture. Upcoming events can also be used to make spear phishing emails seem more legitimate. Be wary of any strange requests in your inbox during a big conference or networking event.

The Cloud

Cloud service providers often provide the protection and security needed to prevent a successful spear phishing attack. Nerds Support, for example, advises all its partners to send in any suspicious emails they receive to be analyzed and verified as safe to open. This is a simple technique that goes a long way in safeguarding against these kinds of attacks.
Going back to two factor authentication for a moment,

If an organization moves to the cloud, phishing risks must also be considered. If your company is using a public cloud, you’re accessing any and all relevant applications through the internet. Phishing is most successful when the apps are exposed to the internet, which is standard for a public cloud.

Private cloud hosted apps, like Nerds Support’s, have the added security of a VPN (Virtual Private Network). VPNs simply allow you to establish a secure connection with another network over the internet. However, a hacker can always try to find the URL of a cloud service. That allows them to execute targeted phishing attacks on employees of the company.

Two-Factor Authentication

One of the best ways to fight against phishing attacks is two-factor authentication. This is when you log in and the app or site also requires you to confirm the login through another device or supply a second password. People usually see this with social media: Instagram and Facebook sometimes ask you to input a code sent to your phone or email. If a user inside a company is compromised in a phishing attack, the attacker won’t be able to access the organization’s IT if the second factor is constantly changing.

Two-factor authentication isn’t typical of most cloud services. Nerds Support offers this feature when you adopt its cloud system, but it’s one of few exceptions. Dropbox is another cloud-based hosting service that adopted two-factor authentication.
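To make concrete why a second factor that “is constantly changing” limits what a phished password is worth, here is an added example that is not part of the original post or of any Nerds Support product. It implements time-based one-time codes (TOTP, RFC 6238, HMAC-SHA1, 30-second steps, 6 digits) from the Python standard library; the account record, password and shared secret are constructed sample values. The secret is the RFC’s own test key, so the codes it produces can be checked against the published test vectors.

```python
"""Time-based one-time codes as a second factor (added example).

A phished password alone does not pass login(); a code captured along
with it stops working once its 30-second step has passed.
"""
import hashlib
import hmac
import struct

STEP = 30      # seconds per code
DIGITS = 6     # length of the displayed code


def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238 TOTP: HOTP over the number of 30-second steps since the epoch."""
    counter = unix_time // STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


def verify_code(secret: bytes, code: str, unix_time: int, drift_steps: int = 1) -> bool:
    """Accept the current step plus a small clock drift either side, compared in constant time."""
    return any(
        hmac.compare_digest(totp(secret, unix_time + d * STEP), code)
        for d in range(-drift_steps, drift_steps + 1)
    )


# Constructed sample account (hypothetical values; the secret is the RFC 6238 test key).
SECRET = b"12345678901234567890"
ACCOUNT = {"password": "hunter2", "totp_secret": SECRET}


def login(password: str, code: str, unix_time: int) -> bool:
    """Both factors must check out; a stolen password by itself is not enough."""
    if not hmac.compare_digest(password, ACCOUNT["password"]):
        return False
    return verify_code(ACCOUNT["totp_secret"], code, unix_time)


if __name__ == "__main__":
    t = 59
    code = totp(SECRET, t)
    print("code now:", code, "login:", login("hunter2", code, t))
    print("same code 5 steps later:", login("hunter2", code, t + 5 * STEP))
```

The drift window is the trade-off to think about: one step either side tolerates ordinary clock skew between phone and server, while a wider window extends the time a captured code stays usable.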

We’re here to help

At the end of the day, it’s about adopting a culture of verification and caution. Nothing is sacred to cyber attackers. They will exploit personal information that appeals to your emotions, or they will use a recent tragedy in the news to increase the chances that you “donate” to their cause.

Calling and investigating the sender before replying, double checking with colleagues, making sure that no one is isolated or left out of the loop are all things that make a huge difference.

Hopefully you’ve learned enough to recognize a potential spear phishing attempt so that the Naples story doesn’t turn into your own.

To learn more about cyber attacks, phishing and social engineering visit the Nerds Support website or feel free to call and we’ll be happy to answer any questions. Also, check out our video on tips against phishing right here.

If you need any help making your company safer, feel free to fill out the form here or call us at 305-551-2009.


3 Big Security Lessons for Growing Your Business

Ransomware is rapidly becoming the most pervasive cyber threat in the world today. It has affected everything from large companies like Arizona Beverages and FedEx to government institutions like police departments and schools across the US.

Although many of these organizations are large in size and scope, you don’t have to be a multinational bank or the National Health Service to become a victim of ransomware and other types of malware. As a matter of fact, small and medium-sized businesses are just as likely, if not more likely, to be attacked by ransomware because in many cases they’re more vulnerable and less likely to recover.

What is ransomware? Ransomware is a computer program or virus that encrypts and freezes your data files until you pay the perpetrator a fee. Here are some things to consider when navigating a business in today’s world. These are the dangers everyone faces.

3 big security concerns for business owners

1. You’re never too small to get hacked

About 70 percent of ransomware attacks in 2018 targeted small businesses, according to a March report from Beazley Breach Response Services.

Ransomware finds its way into your system by exploiting flaws in your security perimeter, but, more likely, it gets downloaded by an unsuspecting user through an ostensibly harmless email or file. It can infect not only the machine that opened the corrupted file, but all the programs it shares throughout the network, spreading like a dangerous contagion and encrypting all the files on that network. If the initially infected machine has access to back-up files, it’ll encrypt them as well.

It’s easy to assume big businesses would be the main targets of something like this, but cyber criminals go after small, lower risk payments instead of one large payment. Smaller attacks are likelier to keep them under the radar. It’s also important to know that one cybercriminal alone can target thousands of businesses with little to no difficulty. They use social engineering to manufacture a huge email list and infect countless links and files before sending them off to as many people as possible. All it would take is one staff member or employee in the office to click on a single link. Some businesses may avoid this kind of attack but it’s a numbers game. All it takes is patience and eventually a cyber-hacker will get what they want.

2. Paying Won’t be Easy

So what if you pay the ransom? That’s always an option. You can pay, get your files back and move on. Well, not exactly.

Hackers and cybercriminals don’t use traditional bank accounts when conducting “business”. They’ll want to be paid in Bitcoin to an anonymous account on the Dark Web. It’s untraceable and easy to manage for even the most novice of hackers. Adding insult to injury, you’ll have to spend time you may not have trying to get your hands on the cryptocurrency you need to pay someone that’s extorting you. Even if you go through this strenuous process and pay the hacker their fee, there’s no guarantee you’ll get your data back.

3. Hacking is a reality that cannot be avoided

Most businesses and even government institutions haven’t taken cyber security as seriously as they should. 43% of all cyber-attacks are aimed at small businesses, according to Cyber Defense Magazine. Small businesses have minimal security and are therefore easier to breach.

In South Florida, it’s reasonable to assume you’ll experience a hurricane at some point. The environment in which you’re in often produces conditions favorable to those types of storms. In today’s world, with ever increasing reliance on technology and computer software in almost every industry, there will always be those looking to exploit vulnerability for profit. If you want to mitigate risks and continue to operate and grow your business, you’ll need to assume that getting hacked is inevitable. Prepare for the worst and you’ll have nothing to fear.

A Nerds Support partner, for example, has all of their files backed up daily and monitored at all times by our team of experienced engineers and IT professionals. If there’s a questionable email, we can analyze it to ensure it’s safe and legitimate. Nerds Support can help its partners establish a continuity plan in case of an attack and snuff out potential risks before they become large vulnerabilities in your system.

A cloud-based infrastructure offers a level of security that is cost efficient and practical for any business. Contact us today to start securing your business!

Riviera Beach Got Hacked: Forced to Pay 600K in Bitcoin

Cyber-attacks are becoming ever more frequent, affecting local business, schools and even cities.

Most recently, it was reported that Riviera Beach had to pay 65 bitcoins, which is the equivalent of $600,000, to hackers after a government employee clicked on a malicious email link three weeks ago.

This was a classic case of ransomware. A hacker uses social engineering to trick unsuspecting people into clicking on a link or an email attachment. Once they click, malicious software encrypts files, making them inaccessible until the victim pays to get them decrypted, hence the name ransomware. Ransomware, as in the case of Riviera Beach, is delivered through email via links, downloaded attachments and in some cases social media messaging. Many Nerds Support partners who receive suspicious emails send them to our IT and software experts to analyze and vet whether the email is safe to open. This is just one way to prevent a situation like the one in Riviera Beach.

According to a report by The Council of Economic Advisers, malicious cyber activity cost the US economy between $57 billion and $109 billion in 2016 and since then, cyber-attacks have become far more common. Juniper Research, a cyber-security firm, projected cybercriminals will steal an estimated 33 billion records by 2023. Juniper expects more than half of all data breaches globally to occur in the US by 2023 as well.

Having Backups is Key!

The most important thing businesses can do is back up their data regularly and consistently. Here at Nerds Support, we provide our partners with daily automated back-ups, for example, and filter out potentially malicious websites and emails. Also, having cyber security measures in place to mitigate the risks is a big step. Training staff in yearly, quarterly, or semi-annual sessions is an effective strategy. Should your business suffer a ransomware attack, at the very least you’ll be able to access your important information, mitigating the impact of the attack. As an organization, you can also employ anti-ransomware software to prevent ransomware from successfully launching. Nerds Support has IT engineers along with sophisticated security software monitoring suspicious activity 24/7 and alerting our partners to any potential threats, including strange files, email links, or attachments.

The DOJ reported an average of 4,000 ransomware attacks per day in 2016, with over a billion dollars in ransoms paid. These numbers have increased since. A Beazley Breach Response study revealed that about 70 percent of ransomware attacks in 2018 targeted small businesses, with an average ransom demand of over $100,000 and the highest demand topping out at $8.5 million.

Ransomware is becoming increasingly lucrative because it offers cyber-criminals a low-risk, high-reward method for monetizing malware. The malicious software typically isn’t very complicated, because most businesses are underprepared to deal with ransomware anyway, which appeals to even the most amateur cybercriminal. In March, Albany, New York, the state capital, admitted being hit with ransomware on a Saturday, when there are minimal to no IT staff on duty. Neither the private nor the public sector is adequately prepared to handle even the most primitive malware attack, precisely because IT security has traditionally been a minimal concern. Only now are we seeing the damaging consequences of underappreciating it.

Nerds Support is working hard to protect medium and small businesses from experiencing any cyber breach, including ransomware with its dedicated team of engineers and IT professionals.

Contact us today at 305-551-2009 and hacker proof your firm!


Should I get Cyber Insurance? Is Cyber Insurance worth it?

Cyber attacks, ransomware and new disruptive technologies are making it difficult for small and medium size businesses to protect their information.

According to a Ponemon Institute study conducted in 2017, only 21% of companies rated their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective. Businesses have to adjust to the realities of an ever-expanding digital landscape. If a company’s information is accessed through a cyber-security breach, it could cost millions of dollars.

The study reported the global average cost of a data breach is $3.86 million, a number that would bankrupt many small and medium-sized businesses. If a business or company processes online payments, uses cloud systems or stores company information and customer data, it’s best to invest in cyber insurance.

Cyber insurance is designed to help organizations and businesses lessen the risk of exposure to cyber security breaches. The policies cover a variety of liability and property losses that result from a business engaging in various electronic activities, such as selling on the Internet or collecting data within its internal electronic network. If breached, companies may have to reimburse other companies for expenses relating to the data breach. This includes things like legal counsel, a digital forensics team and notification costs.

It isn’t just large companies and corporations that are victims to hacking and phishing, small businesses are frequently targeted also. The Ponemon Institute study also reported that 61% of small businesses experienced a cyber attack last year.

And data breaches are only getting bigger.

The average size of breaches, based on the companies surveyed in the study, increased 2.2% every year on average, and according to U.S. Capital, 60% of small businesses go out of business within six months of an attack. Cyber insurance, sometimes referred to as cyber liability insurance, has become essential in managing risk and mitigating damages caused by cyber attacks.

While looking into cyber insurance, it is important that any business understand how much coverage it needs and that it’s taking actions to prevent breaches from happening altogether. If you’re interested in learning more about cyber insurance coverage, plans, and pricing, you can visit Fit Small Business to compare plans and get quotes.

Encrypting your information, training staff members on how to identify phishing attempts and installing anti-virus software can dramatically improve a company’s ability to prevent a breach. A cyber insurance provider will also be looking for these as indicators to determine whether a business qualifies for coverage.

USA Today reported on a breach that occurred in 2016 at five sheriff and police departments in Maine. They were all victims of ransomware attacks. One of the sheriffs in Lincoln County didn’t want to pay the ransom but gave in after two days because of the huge risk losing their data would pose. Not every business needs millions of dollars of coverage, however, and for those who don’t usually access sensitive data, the cost can outweigh the risks.

Cyber Liability insurance can be tailored to meet the specific needs of a company and offers a variety of benefits that include: Data Breach Coverage, Business Interruption Loss Reimbursement, Forensic Support, Legal support and more. By having a trusted IT Partner, you can both develop a business continuity plan that can handle all disasters. And by having a disaster plan and a data protection plan you can rest easy knowing your information is safe.

When choosing a Managed IT Service Provider be sure to ask if they have cyber insurance and a disaster plan in place that meets your specific needs.

With Nerds Support, our clients have never been hacked, so you can have peace of mind knowing that your information is safe from hackers. We do the worrying for you so you can focus on growing your business and team. Be a happy client knowing your information is safely stored.

Contact us today for your FREE IT Cyber Audit!

Find out if your company is next for hackers: 305-551-2009