Protect yourself by being aware
Online and cyber security is a massive issue today and will only grow in importance. The Notifiable Data Breaches (NDB) scheme added to the Australian Privacy Act and the European Union's General Data Protection Regulation (GDPR) are two examples of a legislative response by governments. If you're an Australian business, you're a target. If it hasn't happened already, statistically at some point you will be impacted by a malicious attack. It could be ransomware, phishing or a virus. At Qamba, our professional IT team often sees organisations reacting to an incident which, at the end of the day, costs them significantly more than implementing proactive security measures would have.
Whilst this blog post may not convince you that a compelling event is imminent, it may help you understand that being a cyber criminal is a JOB for some people. Yes, you read that right, a job. It no doubt carries the same sort of characteristics as your own profession. Think about that for a moment, and take in the fact that someone out there is as skilled in their field as you are in yours, and their field is exploiting your people and technology for money. Cyber criminal activity is serious enough for governments to legislate on it.
Phishing is by far the biggest risk at the moment. Hopefully you have the time to read this post and find it informative, although if you're as busy as I am, just read the next sentence, the "TL;DR" version.
Unless you are expecting the content you have received, in the context that you have received it, from the contact you received it from – it is probably malicious. It’s okay to trust, but you must verify.
As with viruses, exploitation of software vulnerabilities and other malware, cyber criminals and criminal organisations are always working on new ways to achieve their goals. There are many different techniques and methods in use, but the following are the most common ones we see and they are worth being aware of.
1. Spear Phishing
An extremely targeted method of attack that the cyber criminal researches and personalises so that the message appears genuine and tricks the recipient. The most common form of spear phishing we have seen is an impersonation of the CEO or CFO emailing the accounts person to request an urgent bank transfer. Another is a request to purchase iTunes gift cards, scratch off the codes and send back a photo of them.
2. Email & Spam
Bulk email and spam are becoming less effective because of filtering technology; however, they remain successful because malicious content can be delivered to so many individuals with so little effort. The content often purports to be from an official source such as Australia Post, the Australian Federal Police or a utility company, suggesting that you have a package, a fine or an outstanding account.
3. Phishing Websites
It takes minimal effort to spin up a web server full of dodgy code and make a phishing website, and links to it are typically fed through from emails that appear to come from an official source. Another method is a web-based man-in-the-middle attack, where the phishing website sits between you and the genuine site and relays your input to it. Often these sites collect information as the user fills it in, or prompt you to log in and keep reporting your attempts as failed so that you try several of your passwords, harvesting each one.
4. Deceptive Website Links
Often when you receive an email it will contain a link to a website. The text of the link can be set independently of the actual address that opens when you click it, sending you to an unexpected site. If in doubt, hover over the link text and make sure the destination matches. Pay particular attention to the domain (e.g. www.qamba.com.au): it is the part of the address before the first single slash, and a long address that merely starts with a familiar name can still belong to someone else entirely.
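Checking the visible link text against the real destination can be automated. The following is an added example, not code from the original post or from Qamba: a small Python script that pulls every link out of a constructed HTML email body and compares the registrable domain of the anchor text with that of the href, so that an address such as qamba.com.au.login-check.example is flagged even though it begins with the real domain. The sample email, the hostnames in it and the short list of two-level suffixes are assumptions made for the demonstration.

```python
"""Flag deceptive links in an HTML email: visible text names one domain,
the href goes to another.  Added example, not code from the original post."""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample email body (assumption for the demo): one honest link,
# two deceptive ones, and one plain-text link the reader must hover to check.
SAMPLE_EMAIL = """
<p>Your invoice is ready:
  <a href="https://www.qamba.com.au/invoices">www.qamba.com.au</a></p>
<p>Update your details:
  <a href="http://qamba.com.au.login-check.example/">https://www.qamba.com.au/account</a></p>
<p>Track your parcel:
  <a href="https://auspost-tracking.example/track?id=1">auspost.com.au</a></p>
<p><a href="https://www.qamba.com.au/contact">Contact us</a></p>
"""

# Hand-picked two-level public suffixes; a production check would use the
# full Public Suffix List.  This short set is an assumption for the demo.
TWO_LEVEL_SUFFIXES = {"com.au", "net.au", "org.au", "gov.au", "edu.au", "co.uk"}


def host_of(url_or_text):
    """Return the lowercase hostname in a URL or bare hostname-like text,
    or None when the text is not a URL at all (e.g. 'Contact us')."""
    s = url_or_text.strip()
    if not s or any(ch.isspace() for ch in s):
        return None
    if "://" not in s:
        s = "http://" + s          # bare 'www.qamba.com.au' in the link text
    try:
        host = urlsplit(s).hostname
    except ValueError:
        return None
    return host if host and "." in host else None


def registrable_domain(host):
    """Collapse a hostname to the part someone actually registered, so
    'qamba.com.au.login-check.example' becomes 'login-check.example'
    and 'www.qamba.com.au' becomes 'qamba.com.au'."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LEVEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> element in the document."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_links(html):
    """Return (href, text, verdict) per link.  'mismatch' means the visible
    text names a different registrable domain from the real destination;
    'unverifiable' means the text is not a URL, so hover and read the href."""
    parser = LinkExtractor()
    parser.feed(html)
    results = []
    for href, text in parser.links:
        href_host, text_host = host_of(href), host_of(text)
        if href_host is None or text_host is None:
            verdict = "unverifiable"
        elif registrable_domain(href_host) == registrable_domain(text_host):
            verdict = "ok"
        else:
            verdict = "mismatch"
        results.append((href, text, verdict))
    return results


if __name__ == "__main__":
    for href, text, verdict in check_links(SAMPLE_EMAIL):
        print(f"{verdict:12} text={text!r} -> href={href!r}")
```

Run against the sample, the second link is reported as a mismatch even though its href begins with qamba.com.au: that prefix is only a subdomain of login-check.example, which is exactly the pattern the hover check is meant to catch. Plain-text links such as "Contact us" come back as unverifiable, since there is nothing in the visible text to compare against and the reader has to look at the destination.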
5. Malicious Website Content
When you visit a website, it will often load content from many different sources. This could be harmless (but annoying) advertising, or other embedded content such as YouTube videos. Legitimate sites can be inadvertently compromised by dodgy advertising that runs malicious scripts, or by vulnerabilities in embedded Adobe PDF or Flash content.
6. Keyloggers
Keyloggers are less common because of the difficulty of getting one onto a machine, although they are often delivered by other malware. A keylogger records every keystroke you make and sends the information back to a central store, so if you go to log in to your email it can capture the web address, your username and your password as you type them.
7. Trojans
Trojan horse malware allows unauthorised access to your machine or user account so that further details can be collected and transmitted to the cyber criminals. It is often delivered through a series of misleading actions, or by other malware.
8. Phishing via Search Engines
Search engine ranking algorithms are designed to weed these sites out, but it is still possible to structure a website so that it climbs the rankings and misleads users. Such sites may use addresses that differ only slightly from the genuine ones, with pages that look very similar. The most common ones target popular search terms for maximum impact.
9. Vishing
Vishing is the telephone equivalent of phishing, where scammers call your home or mobile phone. It has become increasingly popular in recent times, with examples of callers claiming to be from Telstra, threatening to cut off your internet connection and asking you to verify your identity. Fake Microsoft technical support is another common one. A rather amusing revenge video against a vishing scam on YouTube from "Nicole Mayhem" is a good watch.
10. Smishing
SMS-based phishing, often containing a link that we may innocently tap, which launches an attack on our mobile phone. The malware it delivers is designed to exploit vulnerabilities on mobile devices for various purposes.
11. Ransomware
Ransomware can be delivered by a number of the attacks mentioned above. It encrypts your personal and network data and then demands a payment to decrypt it. These attacks are becoming more sophisticated; some are now run hands-on by attackers who pause or delete backups before triggering the encryption.
There are plenty more different methods and techniques, but these are some of the common ones. We hope you find this information useful, and should you want to check, upgrade or have your IT security managed by Qamba, contact us today.