Netizen Cybersecurity Bulletin (October 11th, 2021)

Overview

  • Phish Tale of the Week
  • Twitch reports data breach of over 128 GB
  • Google announces new two step verification initiative
  • How can Netizen help?

Phish Tale of the Week

Phishing attempts often target specific groups that malicious actors believe they can exploit. In this instance, we see a phishing scam targeting unsuspecting employees who may be expecting an invoice to be paid, or simply someone who doesn’t check their email rigorously. The email appears to be a notification that we have won $750 on Cash App. It carries Cash App’s branding and a convincing message that the $750 reward expires soon. Unfortunately, there are plenty of reasons not to click that email right away.

Take a look below:

  1. The first red flag on this email is the sender address. Always thoroughly inspect the sender address to ensure it’s from a trusted sender. In the future, check all suspicious emails from companies against previous correspondence you’ve received and make sure the sender address is the same.
  2. The second warning sign in this email is the inconsistent messaging. The image in the email shows that I can win $750; however, the message says I have already won the money. Look for consistency throughout emails from companies. Most companies will also provide a lengthy terms and conditions section for prizes and competitions.
  3. The final warning sign for this email is the callouts at the bottom. This message says that my reward is expiring soon, although this is the first notice we’ve received about this payment. An easy way to spot a scam email is to reference previous emails you’ve received from the company. When compared to other correspondence from Cash App, this email immediately looks different.


General Recommendations:

A phishing email will typically direct the user to click on a link where they will then be prompted to update personal information, such as a password, credit card, social security, or bank account information. A legitimate company already has this sensitive information and would not ask for it again, especially via email.

  • Scrutinize your emails before clicking anything. Have you ordered anything recently? Does this order number match the one you already have? Did the email come from a store you don’t usually order supplies from or a service you don’t use? If so, it’s probably a phishing attempt.
  • Verify that the sender is actually from the company sending the message.
  • Did you receive a message or email from someone you don’t recognize? Are they asking you to sign into a website to give Personally Identifiable Information (PII) such as credit card numbers, social security number, etc.? A legitimate company will never ask for PII via instant message or email.
  • Do not give out personal or company information over the internet.
  • Do not click on unrecognized links or attachments. If you do proceed, verify that the URL is the correct one for the company/service and it has the proper security in place, such as HTTPS.

Many phishing emails pose a sense of urgency or even aggressiveness to prompt a form of intimidation. Any email requesting immediate action should be vetted thoroughly to determine whether or not it is a scam. Also, beware of messages that seek to tempt users into opening an attachment or visiting a link. For example, an attachment titled “Fix your account now” may draw the question “What is wrong with my account?” and prompt you to click a suspicious link.
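As an added illustration that is not part of the bulletin, the red flags walked through above (sender domain versus prior correspondence, links that are not HTTPS or not on a known domain, and urgency wording) can be turned into a simple triage check over a raw message. The sample email, the `KNOWN_DOMAINS` set and all addresses and URLs below are constructed for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the "reward" notice described above;
# the sender address and link domain are invented for illustration.
SAMPLE_EMAIL = """\
From: Cash App Rewards <rewards@cashapp-prizes.example>
Subject: Your $750 reward expires soon
Content-Type: text/plain

You have won $750! Claim it now before it expires: http://cashapp-prizes.example/claim
"""

# Domains you have actually received mail and links from for this brand.
# Assumed values: build this set from your own previous correspondence.
KNOWN_DOMAINS = {"cash.app", "squareup.com"}

# Phrases that manufacture a sense of urgency (assumed list, extend as needed).
URGENCY = re.compile(r"\b(expires? soon|act now|claim (it )?now|immediately|final notice)\b", re.I)


def _plain_text(msg) -> str:
    """Concatenate the text/plain parts of a (possibly multipart) message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    return "\n".join(p.get_payload(decode=True).decode(errors="replace")
                     for p in parts if p.get_content_type() == "text/plain")


def check_email(raw: str, known_domains=KNOWN_DOMAINS) -> list:
    """Return the red flags found in a raw message; an empty list means none."""
    msg = message_from_string(raw)
    flags = []
    # Red flag 1: sender domain differs from prior correspondence.
    _, sender = parseaddr(msg.get("From", ""))
    sender_domain = sender.rsplit("@", 1)[-1].lower() if "@" in sender else ""
    if sender_domain not in known_domains:
        flags.append(f"sender domain {sender_domain!r} does not match prior correspondence")
    text = msg.get("Subject", "") + "\n" + _plain_text(msg)
    # Red flag 2: links without HTTPS or pointing at an unknown host.
    for url in re.findall(r"https?://[^\s<>\"']+", text):
        parsed = urlparse(url)
        if parsed.scheme != "https":
            flags.append(f"link without HTTPS: {url}")
        if parsed.hostname and parsed.hostname.lower() not in known_domains:
            flags.append(f"link host {parsed.hostname!r} is not a known domain")
    # Red flag 3: urgency wording such as "expires soon".
    hit = URGENCY.search(text)
    if hit:
        flags.append("urgency wording: " + hit.group(0))
    return flags
```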

For Cash App specific recommendations and tips check out this link to their fraud detection center here.

Cybersecurity Brief

In this week’s Cybersecurity Brief:

Twitch reports data breach of over 128 GB.

Last week, an unknown actor released the entirety of video streaming company Twitch’s source code in a data dump of over 128 GB. Video Games Chronicle initially broke the story on Wednesday, reporting that an anonymous hacker had gained access to a large amount of Twitch’s private data, including user payout information and Twitch’s source code. The hacker posted a torrent link to the trove of data on 4chan, citing the intent to “foster more disruption and competition in the online video streaming space” and that “their community is a disgusting toxic cesspool” as reasons for the leak.

“Jeff Bezos paid $970 million for this, we’re giving it away FOR FREE. #DoBetterTwitch,” the hacker added.

Representatives from Twitch were quick to confirm the breach, giving this response to the press: “We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.”

Analysts everywhere have begun to sift through the leaked data, finding everything from encrypted passwords to financial payouts to some of Twitch’s top streamers. In the meantime, Twitch account holders are advised to change their passwords and enable two-factor authentication to deter any unauthorized sign-ons. This breach comes after a large portion of Twitch’s community took to social media with the #DoBetterTwitch campaign seeking a more inclusive and tolerant community.

To read more about this article, click here.

Google announces new two-step verification initiative.

Recently, Google announced plans to automatically enroll almost 150 million users in its two-step verification program by the end of the year. This effort is part of Google’s ongoing initiatives to prevent unauthorized access to user accounts and increase organizational security. Google will also test this program with over 2 million YouTube creators, enabling the two-step verification (2SV) setting to better protect their channels from potential breaches.

Google product manager AbdelKarim Mardini and director of account security and safety Guemmy Kim had this to add: “2SV is strongest when it combines both something you know (like a password) and something you have (like your phone or a security key)”. This rollout follows announcements made by Google in May in which the company described its desire for a simpler and safer future. You may not realize it, but passwords are the most significant threat to account security. They are easily stolen, and many users reuse the same password across multiple sites, allowing one key to unlock limitless doors. Experts believe that as more companies push towards multifactor authentication, security will increase overall, reducing the number of data breaches and unauthorized account sign-ons.

Google also announced plans to add a feature to its Google search app that lets users access all of their saved passwords from Password Manager right from the opening menu. This focus on passwords and security by Google follows developments from Microsoft earlier this week detailing a new passwordless way to access user accounts.

For more information check out the rest of the article here.

How Can Netizen Help?

Netizen ensures that security gets built in, not bolted on, by providing advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service”, wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is a CMMI V2.0 Level 3, ISO 9001:2015, and ISO 27001:2013 (Information Security Management) certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.