Netizen Cybersecurity Bulletin 20 February 2019
In This Issue:
In this week’s issue, you’ll find information regarding the most current critical threats and preventative measures to lessen the chances of a breach.
- Phish Tale of the Week
- How Can Netizen Help?
Phish Tale of the Week
This week we are featuring another phishing email that was received in our office.
Hackers have been known to send threatening emails to scare users into sending money, most often in bitcoin, to an encrypted address. More recently there has been a spike in what are known as sextortion emails. A sextortion email is an unsolicited message claiming to have photographic or video evidence of the user accessing pornographic material. The user is then blackmailed into sending money out of fear that the hacker will release the photos/videos to the user’s mailing list (including coworkers, relatives, etc.).
An example email follows below:
The good news? It’s a scam. There is no video or photograph; the hacker is relying completely on fear and intimidation. Hackers have, at times, progressed in their scare tactics by enclosing legitimate usernames and passwords within the email. It is likely that the hackers have discovered a stockpile of compromised passwords from previous data breaches and are thus utilizing them to make the threat more believable.
In the above example, the message asks the reader to send a Bitcoin ransom to the hacker’s ‘wallet,’ and in exchange, the hacker promises to delete all incriminating evidence. On its face, this one is easy to spot – particularly if you haven’t engaged in the activities described within the email. Yet these kinds of scams are used widely, simply because they do work.
Combating this kind of Phish:
- Scrutinize your emails. If something does not feel right, it probably isn’t.
- These emails are designed to convey fear and intimidation. Bottom line: don’t panic. If you receive an email that looks anything like the above, it is a scam. You should contact your supervisor or system administrator.
A phishing email will typically direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers. A legitimate company already has this sensitive information and would not ask for it again, especially via email.
- Scrutinize your emails before clicking anything. Did you order or ask for anything for which you’re expecting a confirmation? Did the email come from a store you don’t usually order supplies from or a service you don’t use? If so, it’s probably a phishing attempt.
- Verify that the sender is actually from the company sending the message.
- Did you receive a message or email from someone you don’t recognize? Are they asking you to sign into a website to give Personally Identifiable Information (PII) such as credit card numbers, social security number, etc.? A legitimate company will never ask for PII via instant message or email—this is a huge red flag.
- Do not give out personal or company information.
- Review both signature and salutation.
- Do not click on attachments.
- Do not click on unrecognized links. If you do proceed, verify that the URL is the correct one for the company/service and it has the proper security in place, such as HTTPS.
- Be wary of poor spelling, grammar, and formatting. As can be seen with this email, there are multiple spelling, grammar, and formatting errors, leading us to believe that the message is illegitimate. If an email is visually unprofessional, the sender is likely not who they say they are.
Many phishing emails convey a sense of urgency or even aggression in order to intimidate the reader. Any email that requests immediate action or addresses you in a threatening manner should be treated as suspicious. Also, beware of messages that seek to tempt users into opening an attachment or visiting a link. For example, an attachment titled “Staff Pay Raises 2018” may seem like something you really want to know about, but it could just be a ploy to plant malware on your system or steal your credentials.
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on. We provide advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service,” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management) certified company.