TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Phishing

Could An Email Signature Be A Hidden Threat To Your Business?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

You’re wrapping up a meeting when your phone buzzes with a new email. It’s from a key supplier and looks urgent. The message is short, direct, and ends with the familiar email signature you’ve seen countless times.

Without hesitation, you act on the request, but hours later, you discover that the email wasn’t from your supplier at all. The signature that convinced you it was legitimate was a clever forgery. Now you’re dealing with the fallout of a security breach that could have been avoided.

This isn’t a far-fetched scenario. It’s happening more often than you might think. Email signatures, those blocks of text at the end of every professional email, are being weaponized by cyber criminals.

While you’ve (hopefully) invested in securing your networks and training your team, the security of your email signature might be the last thing on your mind. But ignoring this small detail can open the door to big risks.

An email signature is more than just a formal way to sign off. It’s a digital fingerprint of your business identity. It contains crucial information such as your name, job title, contact details, and often your business’s logo and links.

For your clients and colleagues, it’s a mark of authenticity. But for cyber criminals, it’s a treasure trove of information that can be exploited to deceive and defraud.

What makes email signatures particularly vulnerable is their consistency and familiarity. The more frequently someone sees your signature, the more they associate it with legitimacy.

Cyber criminals take advantage of this by creating emails that appear to come from you or your trusted contacts, complete with a forged signature that looks almost identical to the real thing.

The reality is that many businesses overlook the security of their email signatures. They’re often seen as an afterthought, something that’s nice to have but not critical to protect. This can be dangerous. Without proper security measures, your email signature can easily be spoofed, making your business – and your clients – vulnerable to attacks.

Understanding the risks is the first step toward protecting your business.

For instance, if your email signature includes links, those links can be manipulated to direct recipients to malicious websites. Your title and contact details can be used to create highly authentic looking emails.

To safeguard your business, rethink how you approach email signatures. Start by standardizing the format across your company. When everyone’s signature looks the same, it’s easier to spot anomalies that could indicate a security threat.

Make sure that the links in your signatures are regularly verified to point to secure, legitimate websites. And, while it might be tempting to include lots of information in your signature, remember that the more data you provide, the more opportunities you’re giving cyber criminals to exploit it.

If you need help with this or any other aspect of your cyber security, get in touch.

Phishing 2.0: How AI Is Amplifying The Danger And What You Can Do

As technology advances, so do the threats that come with it. One of the most significant emerging threats in cybersecurity is AI-enhanced phishing. Unlike traditional phishing attempts, which are often easy to spot due to generic messages and poor grammar, AI-enhanced phishing uses sophisticated algorithms to create highly personalized and convincing attacks.

The potential damage from these attacks can be immense, leading to significant data breaches and severe consequences for individuals and organizations alike. To protect yourself and your organization, it’s crucial to adopt a proactive approach to cybersecurity.

Understanding the threat

AI-enhanced phishing leverages artificial intelligence to craft personalized emails that appear to come from trusted sources. These emails are designed to trick recipients into revealing sensitive information or clicking on malicious links. The consequences of falling victim to such attacks can be devastating, ranging from financial loss to identity theft.

How to protect yourself

Protecting yourself from AI-enhanced phishing requires vigilance and the implementation of several key security measures:

Be skeptical

Always be skeptical of unsolicited messages, especially if they ask for personal information or prompt you to click on a link or download an attachment. Cybercriminals often use urgent language to create a sense of urgency or appeal to curiosity.

Check for red flags

Even the most sophisticated phishing attempts can contain subtle red flags. Be cautious if an email seems too good to be true or if it contains slight variations in email addresses, unexpected attachments, or unusual requests. Look for inconsistencies in the sender’s address, the tone of the message, and the formatting.

Use multi-factor authentication (MFA)

Multi-factor authentication adds an extra layer of security by requiring more than one form of verification to access your accounts. This could include a combination of something you know (a password), something you have (a smartphone), and something you are (a fingerprint). MFA significantly reduces the risk of unauthorized access even if your password is compromised.

Educate yourself and others

Education is a powerful tool in the fight against phishing. Learn about the latest AI phishing tactics and share this knowledge with your colleagues, friends, and family. Regular training sessions and updates on the latest phishing techniques can help everyone stay vigilant.

Use advanced security tools

Invest in advanced security tools that can help detect and prevent phishing attempts. These tools often include email filters, anti-phishing software, and AI-based threat detection systems. Regularly update and configure these tools for maximum protection.

Report phishing attempts

If you receive a suspicious email, report it to your IT team or email provider immediately. Reporting phishing attempts helps improve security measures and prevents other potential victims from falling prey to the same scam. Your vigilance contributes to a safer digital environment.

Enable email authentication

Implement email authentication protocols such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance). These protocols help verify the authenticity of the sender’s email address.

Conduct regular security audits

Regular security audits are essential to identify vulnerabilities in your systems and ensure that all security measures are up to date. These audits can uncover weaknesses that might be exploited by cybercriminals and provide an opportunity to strengthen your defenses.

In an era where cyber threats are becoming increasingly sophisticated, it’s essential to stay informed and proactive about cybersecurity. By understanding the nature of AI-enhanced phishing and implementing these protective measures, you can significantly reduce the risk of falling victim to these attacks. Remember, the key to cybersecurity is vigilance.

Eight In 10 Businesses Were Targeted With Phishing In The Last Year. Was Yours?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Despite all the buzz about high-tech threats like ransomware and malware, good old phishing has held on to its title as the number one trick in a cyber criminal’s toolkit.

Phishing is when someone tries to trick you into giving them your personal information, like your password or credit card number. They do this by sending you emails or text messages that look like they’re from a real company.

According to the latest annual cyber breaches survey, 79% of businesses were targeted with a phishing attempt in the past year. And if your employees aren’t trained in cyber security awareness, 1 in 3 of them are likely to fall for a phishing attack. Scary!

You might be thinking, “Sure, it’s bad, but it can’t be that bad, right?” Well, let’s break down the consequences of a successful phishing attack.

[Read more…] about Eight In 10 Businesses Were Targeted With Phishing In The Last Year. Was Yours?

Learn How To Spot Fake LinkedIn Sales Bots

LinkedIn has become an invaluable platform for professionals. People use it to connect, network, and explore business opportunities. But with its growing popularity have come some red flags. There has been an increase in the presence of fake LinkedIn sales bots.

These bots impersonate real users and attempt to scam unsuspecting individuals. This is one of the many scams on LinkedIn. According to the FBI, fraud on LinkedIn poses a “significant threat” to platform users.

Lets delve into the world of fake LinkedIn sales bots. We’ll explore their tactics and provide you with valuable tips. You’ll learn how to spot and protect yourself from these scams. By staying informed and vigilant, you can foster a safer LinkedIn experience.

Identifying fake LinkedIn connections

Social media scams often play on emotions. Who doesn’t want to be thought of as special or interesting? Scammers will reach out to connect. That connection request alone can make someone feel wanted. People often accept before researching the person’s profile.

Put a business proposition on top of that, and it’s easy to fool people. People that are looking for a job or business opportunity may have their guard down. There is also an inherent trust people give other business professionals. Many often trust LinkedIn connections more than Facebook requests.

How can you tell the real requests from the fake ones? Here are some tips on spotting the scammers and bots.

Incomplete profiles and generic photos

Fake LinkedIn sales bots often have incomplete profiles. They’ll have very limited or generic information. They may lack a comprehensive work history or educational background. Additionally, these bots tend to use generic profile pictures. Such as stock photos or images of models.

If a profile looks too perfect or lacks specific details, it could be a red flag. Genuine LinkedIn users usually provide comprehensive information.

Impersonal and generic messages

One of the key characteristics of fake sales bots is their messaging approach. It’s often impersonal and generic. These bots often send mass messages that lack personalization. They may be no specific references to your profile or industry. They often use generic templates or scripts to engage with potential targets.

Excessive promotional content

Fake LinkedIn sales bots are notorious for bombarding users. You’ll often get DMs with excessive promotional content and making unrealistic claims. These bots often promote products or services aggressively. Usually without offering much information or value.

Inconsistent or poor grammar and spelling

When communicating on LinkedIn, pay attention to the grammar and spelling of messages. You may dismiss an error from an international-sounding connection, but it could be a bot.

Fake LinkedIn sales bots often display inconsistent or poor grammar and spelling mistakes. These errors can serve as a clear sign that the sender is not genuine. Legitimate LinkedIn users typically take pride in their communication skills.

Unusual connection requests and unfamiliar profiles

Fake LinkedIn sales bots often send connection requests to individuals indiscriminately. They may target users with little regard for relevance or shared professional interests.

Be cautious when accepting connection requests from unfamiliar profiles. Especially if the connection seems unrelated to your industry or expertise.

Business Email Compromise (BEC) And Phishing Are Dangerous For Small Businesses

Business email compromise (BEC) and phishing are two of the most common and damaging cyber threats facing businesses today. BEC involves the fraudulent use of email to impersonate a legitimate business or individual in order to gain access to sensitive information or financial resources.

Phishing, on the other hand, is a type of cybercrime that involves the use of fraudulent emails or websites to trick individuals into revealing sensitive information, such as login credentials or financial information.

BEC attacks often target employees with access to sensitive financial information or those who have the authority to make wire transfers or other financial transactions.

The attackers use sophisticated social engineering tactics to trick the employee into revealing login credentials or other sensitive information, or to convince them to make a financial transaction on behalf of the company. In some cases, the attackers may even impersonate a high-level executive or vendor in order to gain the trust and cooperation of the employee.

One of the most common tactics used in BEC attacks is the “man-in-the-middle” attack, where the attacker intercepts legitimate emails and alters them to redirect payments or other financial transactions to their own account.

Other tactics include the use of fake invoices, purchase orders, or other financial documents to trick employees into making payments to the attacker.

Phishing attacks, on the other hand, generally aim to trick individuals into revealing sensitive information or clicking on malicious links. These attacks often take the form of fake emails purporting to be from legitimate organizations, such as banks or government agencies, and may contain links to fake login pages or download malicious software onto the victim’s computer.

To protect against BEC and phishing attacks, it’s important for businesses to implement strong security measures and to educate their employees on how to spot and avoid these threats. Some best practices for protecting against BEC and phishing attacks include:

  • Implementing strong email security measures, such as spam filters and email authentication protocols, to help identify and block fraudulent emails.
  • Training employees on how to spot and avoid phishing and BEC attacks, including teaching them to be wary of unsolicited emails and to verify the authenticity of any emails requesting sensitive information or financial transactions.
  • Establishing strong passwords and using two-factor authentication to protect login credentials and other sensitive information.
  • Setting up monitoring systems to detect and alert on unusual or suspicious activity, such as unexpected wire transfers or login attempts.
  • Regularly updating software and security protocols to ensure that the latest security measures are in place.

In addition to these measures, it’s important for businesses to have a plan in place for responding to a BEC or phishing attack. This should include:

  • Establishing a clear chain of command for reporting and responding to suspicious activity.
  • Designating a team to investigate and respond to potential attacks.
  • Having a process in place for assessing and mitigating the damage caused by an attack.
  • Reviewing and updating security protocols on an ongoing basis to ensure that they are effective in protecting against these threats.

Overall, BEC and phishing attacks are a serious threat to businesses of all sizes. By implementing strong security measures and educating employees on how to identify and avoid these threats, businesses can protect themselves and their customers from these damaging cyber attacks.

2022: The Year Of Malware, Hacks And Phishing

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Much of our time this year has been spent working with our clients, making sure they’re ready to fend off newly emerging cyber threats or malware strains.

So to look back at the year, we thought we’d round up what many experts agree has been the nastiest malware of 2022.

At the top of the list is Emotet. Chances are you haven’t heard of it by that name, but it’s a trojan that’s spread by spam email. It usually looks like a genuine email with familiar branding, but it tries to persuade the recipient to click a malicious link (using language like ‘your invoice’ or ‘payment details.’

It may also look like it’s from a parcel company. This malware goes through your contact list and sends itself to family, friends, colleagues, and clients. Then it looks less like spam, because it’s come from your email account.

In second position is LockBit. This is ransomware that’s designed to block access to your files and systems when cyber criminals encrypt them.

They ask you to pay a ransom for the decryption key (which they often still don’t hand over, even when you’ve paid). If you don’t have a solid backup strategy, it is highly likely you’ll experience data loss.

This is a targeted attack that spreads itself once it’s infiltrated one device on a network. In fact, it can ‘live’ for weeks inside a network before the attack is launched.

In third place is Conti, another form of ransomware, and in fourth position is Qbot, a trojan designed to steal banking information and passwords.

It may all sound scary, but there’s plenty you can do to give your business greater protection from these threats:

  • Keep your entire network and all devices updated
  • Don’t download suspicious attachments or click links unless you’re certain they’re genuine
  • Practice strong password hygiene, including multi-factor authentication, password managers, biometrics, and passkeys where available
  • Give your people access to only the systems and files they need. Remove ex-employees from your network immediately
  • Create and regularly check back-ups
  • Educate your people regularly

We can help with all of this – just get in touch!

The Rising Threat of BEC Attacks: Don’t Let Your Business Fall Victim

Business email compromise (BEC) attacks are becoming widespread and present a significant risk to businesses of all sizes.

These attacks involve hackers posing as trusted individuals or organizations via email to request sensitive information or financial transfers.

BEC attacks often target high-level employees, such as executives or financial managers, and can be highly sophisticated.

Attackers may go to great lengths to make their emails appear authentic, including using genuine email addresses and logos. In some cases, they may even gain access to an employee’s email account to send BEC emails to other employees or partners.

In BEC attacks, a common technique is the “man-in-the-middle” approach, where the attacker poses as a trusted third party, such as a supplier or vendor, and requests payment or sensitive information.

These attacks can be challenging to detect because the attacker may use genuine email addresses and logos to seem legitimate.

The attacker manipulates the victim into thinking they are communicating with a trusted party, which can lead to them divulging sensitive information or making financial transfers to the attacker.

To safeguard your business from BEC attacks, it is essential to implement strong email security measures and educate your employees on the signs of such an attack.
Two-factor authentication and monitoring for unusual activity can help protect your business.

Employees should also be aware of red flags, such as requests for sensitive information or financial transfers from unknown individuals or organizations, or requests to transfer money to unfamiliar bank accounts.

If you receive a suspicious email, do not click on any links or download any attachments.

Instead, verify the request through a separate, secure channel, such as a phone call to the sender using a number you know to be valid.

Business email compromise attacks are a rapidly growing threat to businesses of all sizes.

By taking proactive steps to secure your email communications and staying vigilant, you can help protect your business from costly and damaging BEC attacks.

The SLAM Method Can Improve Phishing Detection

Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses, employing AI-based tactics to make targeted phishing more efficient.

If phishing didn’t continue returning benefits, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Studies show that as soon as 6 months after a person has been trained on phishing identification, their detection skills can begin waning as they forget things.

Give employees a “hook” they can use for memory retention by introducing the SLAM method of phishing identification.

What is the SLAM Method for Phishing Identification?

One of the mnemonic devices known to help people remember information they are taught is the use of an acronym. SLAM is an acronym for four key areas of an email message that should be checked before trusting it. These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to remember, it’s quicker for them to do a check on any suspicious or unexpected email without missing something important.

All they need to do is run down the cues in the acronym.

S = Check the Sender

It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike address that people easily mistake for the real thing.

You can double-click on the sender’s name to ensure the email address is legitimate.

L = Hover Over Links Without Clicking

Hyperlinks are popular to use in emails because they can often get past antivirus/anti-malware filters.

You should always hover over links without clicking on them to reveal the true URL. This often can immediately call out a fake email scam due to them pointing to a strangely named or misspelled website.

A = Never Open Unexpected or Strange File Attachments

Never open strange or unexpected file attachments, and make sure all attachments are scanned by an antivirus/anti-malware application before opening.

M = Read the Message Carefully

If you rush through a phishing email, you can easily miss some telltale signs that it’s a fake, such as spelling or grammatical errors.

Look for words or phrases not normally used by the person who’s emailing you. Words like “kindly” and “revert” are tell-tale clues the email come from someone who’s not your normal sender.

Also, be on the lookout for pressure to act quickly or unexpected banking change requests. While it happens, it is rare for a company to change banks without months of advance notice.

Get Help Combatting Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.

Watch Out For Reply-chain Phishing Attacks

Phishing. It seems you can’t read an article on cybersecurity without it coming up. That’s because phishing is still the number one delivery vehicle for cyberattacks.

80% of surveyed security professionals say that phishing campaigns have significantly increased post-pandemic.

Phishing not only continues to work, but it’s also increasing in volume due to the move to remote teams.

Many employees are now working from home. They don’t have the same network protections they had when working at the office.

One of the newest tactics is particularly hard to detect. It is the reply-chain phishing attack.

What is a Reply-Chain Phishing Attack?

You don’t expect a phishing email tucked inside an ongoing email conversation between colleagues.

Most people are expecting phishing to come in as a new message, not a message included in an existing reply chain.

The reply-chain phishing attack is particularly insidious because it does exactly that. It inserts a convincing phishing email in the ongoing thread of an email reply chain.

How does a hacker gain access to the reply chain conversation? By hacking the email account of one of those people copied on the email chain. Often, the target isn’t even aware.

The hacker can email from an email address that the other recipients recognize and trust. The attacker also gains the benefit of reading down through the chain of replies. This enables them to craft a response that looks like it fits.

They may see that everyone has been weighing in on a new idea for a product called Superbug. So, they send a reply that says, “I’ve drafted up some thoughts on the new Superbug product, here’s a link to see them.”

The reply won’t seem like a phishing email at all. It will be convincing because:

  1. It comes from an email address of a colleague. This address has already been participating in the email conversation.
  2. It may sound natural and reference items in the discussion.
  3. It may use personalization. The email can call others by the names the hacker has seen in the reply chain.

Business Email Compromise is Increasing

Business email compromise (BEC) is so common that it now has its own acronym. Weak and unsecured passwords lead to email breaches. So do data breaches that reveal databases full of user logins.

Tips for Addressing Reply-Chain Phishing

Here are some ways that you can lessen the risk of reply-chain phishing in your organization:

• Use a business password manager
• Put multi-factor controls on email accounts
• Teach employees to be aware

Phishers Lure Targets In With COVID-19 Schemes

Mark Funchion is a network technician at Tech Experts.

You may have noticed that we talk about phishing a lot. Unfortunately, phishing is an issue that will never go away and the tactics change constantly. That constant change makes it difficult, if not impossible, to eliminate as a threat.

Fortunately, there are red flags that end users can keep an eye out for.

If you get an email that answers a common demand, treat it with a high level of skepticism.

For example, a few years ago when the Nintendo Wii was hard to find and a lot of people wanted them, a lot of “Click here to buy a Wii now!” emails went out. I think you can guess how many people actually got a Wii through those schemes.

Well, it’s not Christmas, but the ongoing hot topic in the world is COVID-19 and its vaccine.

As we strive to return to normalcy, there are people who want the vaccine who do not qualify yet, are on a waiting list, or want to get it in a quick and easy way.

Attackers know this. In fact, they count on it. Phishers rely on human nature, and that is what makes it hard for the end user: you have to go against your basic human emotions.

All emails should be evaluated as if they are a phishing email. Look for the standard warning signs such as an offer that’s too good to be true, misspelled words, or if the wording of the message is a little off. Some are very obvious. Some are more subtle.

The attackers may also appear as though they are from a reputable company like a national pharmacy chain, a local doctor, or a large hospital system.

However, the typical format legitimate providers follow is that they’ll send you information on the vaccine and remind you to contact your health care professional to schedule an appointment.

Another example of the phishers’ methods is that they’ll send a link asking you to verify your information to determine eligibility (or even a link to buy the vaccine from a supplier).

Again, red flags. Take a moment to ask yourself why – when the vaccine distribution is so controlled – would a random person have a surplus of product?

These are all pretty basic ideas, but it is easy to get lax in proceeding with caution. It’s even more of a challenge to stay alert when the attacks are using current events to their advantage.

The days of free money from a “Nigerian Prince” are mostly over, but almost everything we do right now is influenced by COVID.

If and when you get the message asking you to “click here to verify your vaccine eligibility,” don’t do it. Next month, when you are hit with messages for updates on your taxes or missing money, don’t click on those either. Later this year at Christmas, don’t click on the link for the discounted, hot item everyone wants. And in 2022… rinse and repeat.

Phishing will always find a way to be relevant, and you can never let your guard down.