Phishing


#cybersecurity | #hackerspace | Coronavirus Scams: Phishing, Fake Alerts and Cyberthreats

Source: National Cyber Security – Produced By Gregory Evans

Wherever you turn for news coverage online, coronavirus alarm bells are ringing louder.

But users should not trust all of those bells, as fake news, phishing scams and even malware are actively being distributed under the coronavirus umbrella.

Sadly, a perfect storm may be brewing. As government officials and health experts appeal louder for calm, the public is actually getting more worried and searching the Internet for answers. For example:

On Friday, Jan. 31, fears slammed the U.S. stock market, according to Axios. “Stocks saw the worst sell-off in months on Friday: the Dow Jones Industrial Average dropped 603 points (2.1%), while the S&P 500 and the Nasdaq declined 1.7% and 1.5%, respectively. …”

Meanwhile, the BBC reported that the U.S. and Australia have joined Russia, Japan, Pakistan and Italy in closing their borders to all foreign nationals arriving from China. These actions were taken despite conflicting advice from global health officials. “Travel restrictions can cause more harm than good by hindering info-sharing, medical supply chains and harming economies,” the head of the World Health Organization (WHO) said on Friday.

At the same time, Bloomberg news reported that China Virus Cases May Be Undercounted Even With 3,000% Surge. “The number of confirmed cases of the new coronavirus in China has skyrocketed to more than 9,000, surpassing the official count during the SARS epidemic. …”


Coronavirus Is a Bonanza for Online Scams and Fake News

As expected, the rapid spread of the coronavirus, along with the expanded media coverage of surrounding events related to this global health emergency, has led to hoaxes and the spread of panic. According to CNN, “In Los Angeles County, public health officials warned residents Thursday that a letter claiming a potential coronavirus outbreak in Carson City (Read more…)

The post #cybersecurity | #hackerspace | Coronavirus Scams: Phishing, Fake Alerts and Cyberthreats appeared first on National Cyber Security.

#cybersecurity | #hackerspace | Coronavirus Scams: Prepare for Phishing Emails, Fake Alerts and Cyberthreats

Source: National Cyber Security – Produced By Gregory Evans

Wherever you turn for news coverage online, Coronavirus alarm bells are ringing louder.

But users should not trust all of those bells, as fake news, phishing scams and even malware are actively being distributed under the Coronavirus umbrella.

Sadly, a perfect storm may be brewing. As government officials and health experts appeal louder for calm, the public is actually getting more worried and searching the Internet for answers. For example:

On Friday, January 31, fears slammed the U.S. stock market, according to Axios. “Stocks saw the worst sell-off in months on Friday: the Dow Jones Industrial Average dropped 603 points (2.1%), while the S&P 500 and the Nasdaq declined 1.7% and 1.5%, respectively. …”

Meanwhile, the BBC reported that the U.S. and Australia have joined Russia, Japan, Pakistan and Italy in closing their borders to all foreign nationals arriving from China. These actions were taken despite conflicting advice from global health officials. “Travel restrictions can cause more harm than good by hindering info-sharing, medical supply chains and harming economies,” the head of the World Health Organization (WHO) said on Friday.

At the same time, Bloomberg news reported that China Virus Cases May Be Undercounted Even With 3,000% Surge. “The number of confirmed cases of the new coronavirus in China has skyrocketed to more than 9,000, surpassing the official count during the SARS epidemic. …”


Coronavirus is a Bonanza for Online Scams and Fake News

As expected, the rapid spread of the Coronavirus, along with the expanded media coverage of surrounding events related to this global health emergency, has led to hoaxes and the spread of panic. According to CNN, “In Los Angeles County, public health officials warned residents Thursday that a letter claiming a potential coronavirus outbreak in Carson City is (Read more…)

The post #cybersecurity | #hackerspace | Coronavirus Scams: Prepare for Phishing Emails, Fake Alerts and Cyberthreats appeared first on National Cyber Security.

Phishing for Apples, Bobbing for Links — Krebs on Security

Source: National Cyber Security – Produced By Gregory Evans

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud […]

#cyberfraud | #cybercriminals | Beware of phishing bait, Tech News & Top Stories

Source: National Cyber Security – Produced By Gregory Evans

As you get ready to welcome 2020, be mindful there will be threats aplenty in the coming year.

Topping the threat list are phishing attacks. Phishing is a cybercrime in which scammers send you a malicious message while impersonating someone you know or trust, such as your colleague, relative, bank or telco.


The post #cyberfraud | #cybercriminals | Beware of phishing bait, Tech News & Top Stories appeared first on National Cyber Security.

#nationalcybersecuritymonth | Pollies to face phishing tests after Parliament breach – Strategy – Security

Source: National Cyber Security – Produced By Gregory Evans

Parliamentarians and their staff will be subject to phishing email simulations in the wake of the state-sponsored cyber attack against Parliament House earlier this year. The Department of Parliamentary Services will conduct the simulations as part of a new program to test the cyber security awareness […]

#cybersecurity | #hackerspace | But Their Emails: Many 2020 Campaigns Still Risk Phishing Attacks

Source: National Cyber Security – Produced By Gregory Evans

Phishing is still a vector to attack presidential campaigns. Many 2020 candidate organizations still aren’t using best practice by implementing a proper DMARC policy.

It seems they’ve not learned from the hack on Hillary’s campaign. In 2016, John Podesta got tricked by a crude phish—and it easily could happen again.

Things are better now, but there’s still acres of room for improvement. In today’s SB Blogwatch, we dig their DNS records.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: a decade in three minutes.


Can You Spell DMARC?

What’s the craic, Zack? Mister Whittaker reports—“Only a few 2020 US presidential candidates are using a basic email security feature”:

 DMARC, an email security protocol that verifies the authenticity of a sender’s email and rejects spoofed emails … could prevent a similar attack that hobbled the Democrats during the 2016 election. … Only Elizabeth Warren … Joe Biden, Kamala Harris, Michael Bloomberg, Amy Klobuchar, Cory Booker, Tulsi Gabbard and Steve Bullock have … improved their email security.

The remaining candidates, including … Donald Trump, are not rejecting spoofed emails. … That, experts say, puts their campaigns at risk from foreign influence campaigns and cyberattacks.

In the run-up to the 2016 presidential election, Russian hackers sent an email to Hillary Clinton campaign manager John Podesta, posing as a Google security warning. [It] tricked Podesta into … allowing hackers to steal tens of thousands of private emails.

Or perhaps you prefer a different topical angle? G’day, David Braue—“You may be targeting Black Friday bargains, but cybercriminals are targeting you”:

 Security firms are warning shoppers to be careful online as cybercriminals increase their activity in the runup to [the] retail season. … Shoppers need to be particularly wary of online scams and malware propagated through emails spoofing legitimate retailers.

Despite efforts by the Australian Signals Directorate to promote the use of next-generation DMARC email anti-fraud tools … research suggests that just 45 percent of Australia’s biggest online retailers have actually begun implementing DMARC – and just 10 percent have adopted the strictest level of security.

Returning to this hemisphere, Agari’s Armen Najarian claims, “2020 Presidential Candidates Remain Vulnerable”:

 The kinds of email attacks that helped derail Hillary Clinton’s candidacy in 2016 are only getting more sophisticated. [But some] campaigns are not taking the threat as seriously as they should.

Meanwhile, we’re seeing new trends in how cybercriminals execute … advanced threats, which are liable to throw an entire candidacy off-course. After all, it only requires one campaign employee or volunteer to click on one link in a malicious email.

It’s likely only a matter of time before the unthinkable happens once again. … The Mueller Report … squarely pointed to spear phishing as the primary attack vector for Russian hackers seeking to gain access.

Unfortunately, candidates must not only be concerned about email directed to them and their campaign staff. … Imagine the damage that can be done by emails that appear to come from the legitimate domain of the candidate, but actually come from a malicious criminal who uses that domain to spread false information to potential … donors, voters, and the media.

This is entirely possible, and likely even probable, unless candidates take the steps they need to protect against it by implementing DMARC with a p=reject policy.

DMARC: HOWTO? Chad Calease obliges—“A Definitive Guide”:

 This is the time of year we’re all too aware how much phishing really sucks. … While technology isn’t able to catch all of it 100% of the time, DMARC is one of these important layers of defense that helps to dramatically minimize the amount of phishing emails that get through to our inboxes.

DMARC stands for Domain-based Message Authentication, Reporting & Conformance. [It] is a set of 3 DNS records that work together to ensure email is sent only from authorized … mail servers, thereby helping block fraudulent messages.

DMARC sets a clear policy for what to do if a message hasn’t been sent from an authorized source. … DMARC helps prevent criminals from spoofing the “header from” or “reply-to” address: … First it checks that the DKIM … digital signature is a match. Then it checks the SPF record to ensure the message came from an authorized server. If both DKIM and SPF pass these checks, DMARC delivers the message.

But if one or more of these tests fails, DMARC behaves according to a policy we set:

  • ‘none’ [which] doesn’t impose any actions …
  • ‘quarantine’ [which] flags messages … to be directed to the recipients’ spam or junk folders …
  • ‘reject’ [which] outright refuses messages that fail … (this is the end goal of a good DMARC configuration).

OK, so why aren’t all the candidates on board? Here’s lostphilosopher:

 I see this as a reflection of the candidates’ ability to find and listen to experts. I don’t expect a candidate to understand how to do tech “right” – I’m in the industry and still get half of it wrong! However, when you’re running a multi-million-dollar campaign you can afford to bring in experts to set this stuff up and audit your practices.

I assume these candidates are already doing this and that if they are still not following some basic best practices it’s because they are actively ignoring the experts. … That’s what worries me: If they can’t find or listen to these people now, what makes me think they’ll be able to in office?

And this Anonymous commentator agrees:

 Think about this for a second! If the … candidates don’t care enough about their own email traffic, why would anyone vote for them to secure this nation? If your own private info is easily up for grabs, what do you honestly think national security would be like under any of them?

But gl4ss spots an oint in the flyment:

 If you rely on DMARC … and just trust it blindly then you know what? You’re gonna get ****ed by someone on whthouse.org.co.uk.acva.com.

Sure the email is sent from that domain, but so what? The domain isn’t right.
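A small receiver-side model of the policy mechanics described in the DMARC guide above, added here as an example (not code from the post or from any quoted source): it parses a constructed `_dmarc` TXT record, applies SPF/DKIM identifier alignment and maps a failed check to the published p= value, with a last case showing gl4ss's point that a lookalike domain with its own valid records passes DMARC. Assumptions: per RFC 7489 one aligned pass (SPF or DKIM) is enough to pass, the organizational domain is simplified to the last two labels, and every domain and record below is made up.

```python
"""Receiver-side DMARC decision, modelled in Python (added example).

Assumptions: organizational domain = last two labels (real receivers use the
Public Suffix List), and every domain and DNS record below is made up.
"""

# Constructed TXT answers for _dmarc.<domain> lookups (not real records).
DNS_TXT = {
    "_dmarc.campaign.example": "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@campaign.example",
    "_dmarc.lagging.example": "v=DMARC1; p=none; rua=mailto:dmarc@lagging.example",
    # The lookalike domain from gl4ss's comment, with its own (valid) policy.
    "_dmarc.whthouse.org.co.uk.acva.com": "v=DMARC1; p=reject",
}


def parse_dmarc(record):
    """Turn 'v=DMARC1; p=reject; adkim=s' into {tag: value}, defaulting to relaxed alignment."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("not a usable DMARC record: %r" % record)
    tags.setdefault("adkim", "r")
    tags.setdefault("aspf", "r")
    return tags


def org_domain(domain):
    # Assumption: organizational domain is the last two labels (no PSL lookup).
    return ".".join(domain.lower().rsplit(".", 2)[-2:])


def aligned(from_domain, auth_domain, mode):
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r') the same org domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def lookup_policy(from_domain):
    """Fetch the policy for the RFC5322.From domain, falling back to its org domain."""
    record = DNS_TXT.get("_dmarc." + from_domain.lower())
    if record is None:
        record = DNS_TXT.get("_dmarc." + org_domain(from_domain))
    return parse_dmarc(record) if record else None


def dmarc_disposition(from_domain, spf_result, spf_domain, dkim_result, dkim_domain):
    """Return 'deliver', 'quarantine', 'reject' or 'no-policy' for one message.

    spf_domain is the MAIL FROM domain SPF evaluated; dkim_domain is the d= tag
    of the verified signature. One aligned pass is enough (RFC 7489).
    """
    policy = lookup_policy(from_domain)
    if policy is None:
        return "no-policy"  # domain publishes nothing: the receiver applies no DMARC action
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, policy["aspf"])
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, policy["adkim"])
    if spf_ok or dkim_ok:
        return "deliver"
    # Both identifiers failed or were unaligned: apply the published p= value.
    return {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy["p"]]


if __name__ == "__main__":
    cases = [
        ("campaign.example", "pass", "campaign.example", "pass", "campaign.example"),  # legit mail
        ("campaign.example", "pass", "attacker.example", "none", ""),  # spoofed From, p=reject
        ("lagging.example", "pass", "attacker.example", "none", ""),  # spoofed From, p=none: monitored only
        ("campaign.example", "fail", "attacker.example", "pass", "mail.campaign.example"),  # adkim=s rejects subdomain key
        ("whthouse.org.co.uk.acva.com", "pass", "whthouse.org.co.uk.acva.com", "pass",
         "whthouse.org.co.uk.acva.com"),  # lookalike domain passes DMARC: the domain itself is the tell
    ]
    for case in cases:
        print(case[0], "->", dmarc_disposition(*case))
```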

It was ever thus. Ryan Dunbar—@ryandunbar2—looks back:

 In 1980 we knew internet email was not secure.
2003 get email SPF
2007 get email DKIM
2012 get DMARC
2019 get ARC, BIMI
2025 get QUIC, yet email will still not be secure.
2050 get internet3
Why does it look like the ones running the internet don’t want a secure internet?

Meanwhile, El Duderino knows who to blame:

 This is Al Gore’s fault because he invented the internet.

And Finally:

10 Years; 100 songs; 3 minutes


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Tia Dufour (public domain)

The post #cybersecurity | #hackerspace | But Their Emails: Many 2020 Campaigns Still Risk Phishing Attacks appeared first on National Cyber Security.

#cybersecurity | #hackerspace | Dropbox Phishing Scam: Don’t Get Fooled by Fake Shared Documents

Source: National Cyber Security – Produced By Gregory Evans

Hackers use familiar brands like Dropbox to steal login credentials and spread malware

It’s funny how hackers, phishers, and scamsters can be blatantly obvious and inexplicably unpredictable at the same time. I’m saying obvious because they target the most widely used services/platforms and lots of users know what they’re up to — not just security professionals, but many ordinary users know about these phishing scams and what to look for. Phishers might be predictable in going after big names but it’s the unpredictability in their approaches that makes them tick. Time after time, they come up with new ways that help them achieve exactly what they want and make them “successful.” The Dropbox phishing scam is a perfect illustration of this.

The Dropbox phishing scam surfaced around a year ago and made headlines in many popular publications. It hasn’t gotten as much attention recently, but even after a year, attackers are still targeting users with this same old trick. That’s why you need to know about it.

Let’s hash it out.

Dropbox Phishing: It All Starts with a Simple Email

This is how it all starts: You receive an email (either text or HTML-based) from a person saying they have shared an important document with you. The email looks a lot like an official Dropbox email and has a link to access the document. To make it look authentic, some of these emails include actual links to Dropbox in the footer of the email. These are links to Dropbox’s Terms of Service, Privacy Policy, and Help Center.

Here’s a pretty simple example:

Check the “From” Details Carefully

As you can see in the screenshot above, this phishing email has “Dropbox” as its sender’s name. It’s easy to fall prey to this, as the sender name and the email style make it look like an actual Dropbox email.

However, if you look closely, you’ll see that the from email address and the embedded link are clearly not Dropbox.

If you’re just skimming through your email (as many of us do), it’s easy to fall for this Dropbox phishing scam. Once you click the link, the URL takes you to a web page that looks almost exactly like an actual Dropbox login page.

More advanced Dropbox phishers take the scam to the next level…

Check URLs Carefully — Even If They Include “Dropbox”

Some Dropbox scammers are carefully picking URLs that look official at first glance.

For example, they will include common keywords such as “Microsoftonline” or “Dropbox” in the domain or subdomain to make it look like a genuine domain:

  • dropbox.secure.somedomain.com
  • login.microsoftonline.com.someotherdomain.com
  • secure.dropboxsharing.somethingelse.com

HTTPS URLs Aren’t Always Safe

And the cherry on top is how phishers use fake HTTPS URLs. The link that you’re being redirected to isn’t an HTTPS link at all: it has “HTTPS” in the link text, but not as the protocol. If an SSL certificate protects a website, its address looks like this: https://www.(website name).com/. The fake Dropbox URL looks like www.https-(fake website name).com. See the difference?

Another trick that phishers have recently adopted is using an HTTPS website. No, the previous sentence doesn’t contain any technical error; it’s a fact that most phishing websites feature HTTPS now. In such cases, users are more likely to fall for it as they’re trained to look for that secure padlock.

Phishers are a Poor Man’s Magicians: Here’s How to Catch Them

What do magicians and phishers have in common? Well, they both take advantage of our psychological limitations to distract us and make us look where they want us to.

However, the silver lining here is that phishers are far from good magicians. A great magician can take their secrets with them to the grave. But with a bit of concentration and training, you can catch almost every phisher.

So, here’s how you can CATCH the PHISHers (Got it 😉 ?).

Check the Email Address

First of all, you should always check the email address of the sender. Is the email sent by someone you know? Is the email coming from Dropbox’s (or any service provider’s) list of official domains? This is the first thing you must check, and you should not proceed further if the email is not familiar and/or it’s been sent from a domain that’s not been mentioned in Dropbox’s list of its official domains.

In my experience, doing this one check will protect you from most email phishing attacks, as hackers shouldn’t have access to Dropbox’s official domains. However, you should be cautious even if the email appears to be from an official Dropbox domain, as some email servers are not configured to check SPF/DKIM records, so spoofed emails will be let through.

Check the Link URLs

If the email passes the first security check, then you should check the links in the email:

  • View the web page in your browser and check for “https” at the start of the URL. It should look like https://www.(website name).com/. (Note: Google Chrome hides the https:// until you double click in the address bar.)
  • Once this check is done, you should again go back to Dropbox’s list of official domains and check if this domain is on the list.
  • To double-check the authenticity of the website, you should also check the SSL certificate Dropbox uses. As you can see in the screenshot, Dropbox.com is protected by a DigiCert EV (extended validation) SSL certificate and this certificate has been issued to Dropbox, Inc.

Graphic: Avoid Dropbox phishing scams by checking validity of URLs and site SSL certificates

Extended validation means that the certificate authority (DigiCert, in this case) did an extensive verification of Dropbox, Inc before issuing the certificate. This way, you can be sure that the website you’re on actually belongs to Dropbox.

Quite simple, isn’t it?
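Added example, not code from the original post: a link-triage function that applies the URL checks from this section and the two before it (the protocol check, “https” smuggled into a hostname label, and a brand name or official domain placed under an unrelated registrable domain) to the sample URL patterns above. It assumes a constructed allowlist standing in for Dropbox’s published domain list, and simplifies the registrable domain to the last two labels.

```python
"""Link triage for the lookalike-URL tricks above (added example, not the post's code).

Assumptions: OFFICIAL_DOMAINS stands in for a brand's published domain list,
and the registrable domain is simplified to the last two labels (use the Public
Suffix List in production).
"""
from urllib.parse import urlsplit

OFFICIAL_DOMAINS = {"dropbox.com", "microsoftonline.com"}   # constructed allowlist
BRAND_KEYWORDS = ("dropbox", "microsoftonline")


def registrable_domain(host):
    # Assumption: registrable domain = last two labels (no PSL lookup).
    return ".".join(host.lower().rsplit(".", 2)[-2:])


def check_link(url):
    """Return (verdict, reasons); verdict is official, suspicious, lookalike or unknown."""
    reasons = []
    # Link text often shows no scheme at all; parse it as plain http so the check below fires.
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        reasons.append("not served over https")
    # The 'www.https-(fake name).com' trick: https as part of a hostname label.
    if any(label.startswith("https") for label in host.split(".")):
        reasons.append("'https' appears inside the hostname, not as the protocol")
    reg = registrable_domain(host)
    if reg in OFFICIAL_DOMAINS:
        return ("official" if not reasons else "suspicious", reasons)
    # Not an official domain: does it borrow a brand name or an official domain as a subdomain?
    hits = []
    for keyword in BRAND_KEYWORDS:
        if keyword in host:
            hits.append("'%s' appears in the hostname but the registrable domain is %s" % (keyword, reg))
            break
    for official in OFFICIAL_DOMAINS:
        if host.startswith(official + ".") or ("." + official + ".") in host:
            hits.append("official domain %s used as a subdomain of %s" % (official, reg))
            break
    reasons.extend(hits)
    if hits:
        return ("lookalike", reasons)
    return ("suspicious" if reasons else "unknown", reasons)


if __name__ == "__main__":
    samples = [  # the article's patterns, with constructed hostnames
        "https://www.dropbox.com/s/shared-document",
        "https://dropbox.secure.somedomain.com/login",
        "https://login.microsoftonline.com.someotherdomain.com/",
        "https://secure.dropboxsharing.somethingelse.com/",
        "http://www.https-dropbox-login.com/",
        "www.https-dropbox-login.com/",
    ]
    for sample in samples:
        verdict, why = check_link(sample)
        print(verdict.ljust(10), sample, "; ".join(why))
```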

What Could Happen If You Fall Victim to the Dropbox Phishing Scam?

Dropbox stores the data of more than 500 million users and 200,000 businesses, and it’s the most significant cloud sharing and storage company in the world. Putting a malicious file in just one employee account could be a brutal blow to the privacy of an entire organization. And it’s not just the privacy, but the existence of a business could be at stake—that’s a good enough reason to take your Dropbox security pretty seriously, don’t you think?

Unfortunately, that’s not where it stops. A phisher who has taken complete control over your account and associated data using malware could demand a significant ransom if you want your account back. In technical terms, this is called ransomware.

The consequences of Dropbox phishing could be even more brutal if you’re one of those persons who uses the same password pretty much everywhere. Every bit of information you have on the internet could be in the hands of the attackers. Just think about it!

Hackers may also scan your account to automatically find valuable data in your saved documents. This could include customer data, payment details, login credentials for other platforms, or anything else you might have that’s sensitive.

Last Word on Dropbox Phishing

All scammers — whether in the real world or online — take advantage of our human limitations. Either they make us see and feel something that isn’t there, or maybe they give us some lucrative incentive to distract us (we’ve all heard of the Nigerian Prince scam, haven’t we?). With a little bit of awareness and concentration, you can be a step ahead of all the phishers.

Tip of the day: Remember to look where you want to, not where they want you to.

*** This is a Security Bloggers Network syndicated blog from Hashed Out by The SSL Store™ authored by Jay Thakkar. Read the original post at: https://www.thesslstore.com/blog/dropbox-phishing-scam-dont-get-fooled-by-fake-shared-documents/

The post #cybersecurity | #hackerspace | Dropbox Phishing Scam: Don’t Get Fooled by Fake Shared Documents appeared first on National Cyber Security.

#cybersecurity | #hackerspace | How to Recognize a Phishing Campaign

Source: National Cyber Security – Produced By Gregory Evans

Phishing attacks and campaigns have always been a hot topic in online security. With many posts tagged as “phishing” on our blog — the first one being over nine years old now — we’ve seen our fair share of phishing attempts.

In this post, we’ll cover the signs of a phishing attack so you can recognize them and avoid falling for them.

What is a Phishing Attack?

A phishing attack happens when a malicious actor pretends to be someone else to gain privileged access or information. This can be in the form of a website, phone number, email, or even in person. If you’re not familiar with the concept of phishing, we have a post covering what is phishing.

Signs of a Phishing Attack

Phishing attacks come in all shapes and forms, and methods attackers use are always evolving. There are many common characteristics which are easy to recognize once you know what to look for.

Genuine-Looking but Odd Requests

Many phishing campaigns will use a recognizable company or branding that the victim is familiar with. This can be a financial institution, coworker, or website you know.

To do this, they will try spoofing their email or phone number, or use one which contains genuine-looking keywords via public emails.

Examples:

  • security_bankname@gmail.com
  • bankname@outlook.com

Both of these addresses come from public email providers, which let anyone create an address with any name for free.

  • important@bankk.com
  • account@baank.com
  • website@securi.info

These emails use a similar domain name to the actual company, such as securi.info instead of sucuri.net. This is why it’s important to always double-check the domain to ensure it’s genuine.
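Added example, not part of the Sucuri post: a sender-address check that flags the two patterns shown above, a brand name in the local part of a free-mail address and a typosquatted or wrong-TLD domain, using edit distance against a constructed list of known brand domains (bank.com, bankname.com and sucuri.net stand in for real ones). It looks only at the address string; a matching official domain still needs SPF/DKIM/DMARC verification before it is trusted.

```python
"""Sender-address triage for the examples above (added example, not the post's code).

FREEMAIL and KNOWN_BRANDS are constructed for the demo; a real deployment would
load the brands it protects and a maintained free-mail provider list.
"""
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
KNOWN_BRANDS = {"bank.com", "bankname.com", "sucuri.net"}   # constructed brand domains


def edit_distance(a, b):
    """Levenshtein distance, used to catch typosquats such as bankk.com or baank.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def strip_tld(domain):
    # Drop the last label so 'securi.info' and 'sucuri.net' compare on the name only.
    return domain.rsplit(".", 1)[0]


def classify_sender(address):
    """Return (verdict, reason) for one sender address."""
    local, _, domain = address.lower().rpartition("@")
    if not local or not domain:
        return ("invalid", "no '@' in address")
    if domain in KNOWN_BRANDS:
        return ("official-domain", "matches a known brand domain (still verify SPF/DKIM/DMARC)")
    for brand in KNOWN_BRANDS:
        name = strip_tld(brand)
        # security_bankname@gmail.com: brand keyword in the local part of a free-mail address.
        if domain in FREEMAIL and name in local:
            return ("freemail-impersonation", "'%s' in the local part of a free %s address" % (name, domain))
        # bankk.com / baank.com / securi.info: one or two edits away from the real name.
        distance = edit_distance(strip_tld(domain), name)
        if 0 < distance <= 2:
            return ("lookalike-domain", "%s is %d edit(s) from %s" % (domain, distance, brand))
        # sucuri.com for sucuri.net: same name under a different TLD.
        if strip_tld(domain) == name and domain != brand:
            return ("lookalike-domain", "same name as %s under a different TLD" % brand)
    return ("unknown", "no brand match")


if __name__ == "__main__":
    for sample in ("security_bankname@gmail.com", "bankname@outlook.com", "important@bankk.com",
                   "account@baank.com", "website@securi.info", "alerts@sucuri.net", "friend@gmail.com"):
        print(sample.ljust(30), *classify_sender(sample))
```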

Fast Action Required

To make the victims skip over details they would usually notice, the phishing attempt will add a sense of urgency to the message. Due to the severity or urgency of the request, you are more likely to immediately follow the links or open the attachment the attacker wants you to.

Examples:

  • This offer expires in 1 hour!
  • [Urgent] Malware on your website
  • Your account is compromised
  • Suspicious charges on your account

Odd-looking

This one will vary greatly depending on the goal of the attacker and the knowledge they have about the victim, but the contact method will likely seem different from your usual communication.

When an attacker pretends to be your boss or coworker, they will most likely use a different writing style than your usual message:

  • More or less typos
  • More or less formal
  • Missing or different signature

These are all signs that you should double-check with your contact to see if they sent the message, preferably with a communication channel you know is safe.

No Signs at All

The most important thing to keep in mind when thinking about phishing is that all attempts are different — and many targeted attacks are very advanced. They can hack or spoof your boss’s email, and then use the correct details to mislead you into thinking they are who they claim to be. If they request you visit a link or open an attachment, your best bet is to double-check via a different communication channel to make sure the request is genuine.

Phishing Campaign Examples

Here are some examples of phishing campaigns we have seen lately:

Google Drive Phishing Campaign

Notice how odd it is to be able to use any email provider to login to Google Drive:

Figure: Google Drive phishing campaign (screenshots 2 and 3)

Bank Phishing Campaign in Brazil

Notice how the phishing campaign asks for credit card information in the last image.

Figure: Bank phishing campaign in Brazil (screenshots 1 to 3)

Conclusion

Now that you’re familiar with the concept of phishing campaigns, you can recognize the attacks and avoid falling for them! If you are looking to be up to date on the latest website attacks trends, subscribe to receive email updates.


The post #cybersecurity | #hackerspace | How to Recognize a Phishing Campaign appeared first on National Cyber Security.

#nationalcybersecuritymonth | Do You Know How To Protect Yourself Against Phishing Emails? – University Times

Source: National Cyber Security – Produced By Gregory Evans

Illustration by Lauren Dahncke

National Cybersecurity Awareness month recently came to an end, but phishing emails never seem to. According to Cal State LA’s Information Technology Security, phishing emails are sent to the recipient with the purpose […]