What’s in the news for Phishing/Ransomware email?

What’s in the news for Phishing/Ransomware email?

I have an email folder dedicated to various cybersecurity newsletters I’m subscribed to, and it’s over flowing 🙁 Rather than zoom in on the details of a specific recent attack or compromise, I decided to share a couple high level updates to give you a taste for what’s going on out there. I barely have time to read all the blog posts and videos, and I’m sure you have even less!

Phishers and hackers….

  1. Are latching on to some newer popular technologies, like MS Teams. This is a service for chat/communication/phones/meetings that is included in Microsoft Office 365 subscriptions that is getting a lot more traction recently. So of course the phishers are sending out crafty emails that look like MS Teams invites, password invites, security notifications etc. Watch closely!
  2. Work through the supply chain – so if you get hacked, they will target your vendors and clients, and vice versa.
  3. Will look at current events related to your company so they can send targeted spear phishing attacks. This might include LinkedIn posts, job postings etc – looking for sound bites to make their emails look more relevant and increase the chances of being opened and a link clicked.
  4. Are still scoring with CEO fraud – executives and finance people are still being targeted for bank transfers, approving credit card purchases, or simply snooping for more information.
  5. Use current political news to trick users into clicking.
  6. Are sending real looking SMS text messages, LinkedIn, Facebook and more.
  7. Are protected by Moscow from being extradited.
  8. Have techniques to get around two-factor/multi-factor authentication and still steal money.
  9. Are often targeting organizations with 1-10 employees as they have less protection and awareness.
  10. Are often compromising the Finance & Insurance industries, but everyone is vulnerable.

Some Tips:

  1. Never reply to phishing attacks or spam emails – it’s a bad idea. It just gives more information to phishers to use, such as the info in your email signature. It signals that your email address is active. And, they can determine your general physical location from it.
  2. Remember that anti-virus, anti-malware, and anti-spam software can barely catch ANY of this. Education and awareness is key.
  3. For every employee/team member that tells you about a phishing email they found suspicious, there are probably another 5-10 that they didn’t identify as suspicious.
  4. Watch vendor emails carefully. What might looks like a legitimate shipping notification, password reset etc from a trusted vendor could be compromised.
  5. Watch the FULL link. Hover over the link (or long-press on mobile) to look at the full link. Sometimes the first or last part of it will look OK but the rest is a trap.

Be safe!