TechTidBit – Tips and advice for small business computing – Tech Experts™ – Monroe Michigan

Brought to you by Tech Experts™

Phishing

Watch Out! “Malvertising” Is On The Rise!

December 17, 2024

There are many types of malware. One of the most common is called “malvertising.” It crops up everywhere. You can also see these malicious ads on Google searches.

Two things are making malvertising even more dangerous. One is that hackers use AI to make it very believable. The other is that it’s on the rise, according to Malwarebytes. In the fall of 2023, malvertising increased by 42% month over month.

Below, we’ll help you understand malvertising and give you tips on identifying and avoiding it.

What is “malvertising?”

Malvertising is the use of online ads for malicious activities. One example is when the PlayStation 5 was first released. It was very hard to get, which created the perfect environment for hackers. Several malicious ads cropped up on Google searches. The ads made it look like someone was going to an official site. Instead, they went to copycat sites. Criminals design these sites to steal user credentials and credit card details.

Google attempts to police its ads, but hackers can have their ads running for hours or days before they’re caught. These ads appear just as any other sponsored search ad. They can also appear on well-known sites that have been hacked or on social media feeds.

Tips for protecting yourself from malicious online ads

Review URLs carefully

You might see a slight misspelling in an online ad’s URL. Just like phishing, malvertising often relies on copycat websites. Carefully review any links in the ads.

Visit websites directly

A foolproof way to protect yourself is not to click any ads.

Instead, go to the brand’s website directly.

If they truly are having a “big sale,” you should see it there. Just don’t click those links; go to the source directly instead.

Use a DNS filter

A DNS filter protects you from mistaken clicks. It will redirect your browser to a warning page if it detects danger. DNS filters look for warning signs. This can keep you safe even if you accidentally click a malvertising link. Often, you’ll see a block page.

Do not log in after clicking an ad

Malvertising will often land you on a copycat site. The login page may look identical to the real thing. One of the things phishers are trying to steal is login credentials.

If you click an ad, do not input your login credentials on the site, even if the site looks legitimate. Go to the brand’s site in a different browser tab.

Don’t call suspicious ad phone numbers

Phishing can also happen offline. Some malicious ads include phone numbers to call. Unsuspecting victims may not realize fake representatives are part of these scams. Seniors are often targeted; they call and reveal personal information to the person on the other end of the line.

Stay away from these ads. If you find yourself on a call, do not reveal any personal data.

Don’t download directly from ads

“Get a free copy of MS Word” or “Get a Free PC Cleaner.” These are common malvertising scams. They try to entice you into clicking a download link. It’s often for a popular program or freebie. The link actually installs malware on your system, which can then do further damage.

A direct download link is likely a scam. Only download from websites you trust.

Warn others when you see malvertising

If you see a suspicious ad, warn others. This helps keep your colleagues, friends, and family more secure. If unsure, do a Google search. You’ll often run across scam alerts confirming your suspicion.

Foster a culture of cyber awareness

It’s important to arm yourself and others with this kind of knowledge. Foster a culture of cyber-awareness to ensure safety and better online security.

Could An Email Signature Be A Hidden Threat To Your Business?

October 15, 2024

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

You’re wrapping up a meeting when your phone buzzes with a new email. It’s from a key supplier and looks urgent. The message is short, direct, and ends with the familiar email signature you’ve seen countless times.

Without hesitation, you act on the request, but hours later, you discover that the email wasn’t from your supplier at all. The signature that convinced you it was legitimate was a clever forgery. Now you’re dealing with the fallout of a security breach that could have been avoided.

This isn’t a far-fetched scenario. It’s happening more often than you might think. Email signatures, those blocks of text at the end of every professional email, are being weaponized by cyber criminals.

While you’ve (hopefully) invested in securing your networks and training your team, the security of your email signature might be the last thing on your mind. But ignoring this small detail can open the door to big risks.

An email signature is more than just a formal way to sign off. It’s a digital fingerprint of your business identity. It contains crucial information such as your name, job title, contact details, and often your business’s logo and links.

For your clients and colleagues, it’s a mark of authenticity. But for cyber criminals, it’s a treasure trove of information that can be exploited to deceive and defraud.

What makes email signatures particularly vulnerable is their consistency and familiarity. The more frequently someone sees your signature, the more they associate it with legitimacy.

Cyber criminals take advantage of this by creating emails that appear to come from you or your trusted contacts, complete with a forged signature that looks almost identical to the real thing.

The reality is that many businesses overlook the security of their email signatures. They’re often seen as an afterthought, something that’s nice to have but not critical to protect. This can be dangerous. Without proper security measures, your email signature can easily be spoofed, making your business – and your clients – vulnerable to attacks.

Understanding the risks is the first step toward protecting your business.

For instance, if your email signature includes links, those links can be manipulated to direct recipients to malicious websites. Your title and contact details can be used to create highly authentic-looking emails.

To safeguard your business, rethink how you approach email signatures. Start by standardizing the format across your company. When everyone’s signature looks the same, it’s easier to spot anomalies that could indicate a security threat.

Make sure that the links in your signatures are regularly verified to point to secure, legitimate websites. And, while it might be tempting to include lots of information in your signature, remember that the more data you provide, the more opportunities you’re giving cyber criminals to exploit it.

If you need help with this or any other aspect of your cyber security, get in touch.

Phishing 2.0: How AI Is Amplifying The Danger And What You Can Do

August 14, 2024

As technology advances, so do the threats that come with it. One of the most significant emerging threats in cybersecurity is AI-enhanced phishing. Unlike traditional phishing attempts, which are often easy to spot due to generic messages and poor grammar, AI-enhanced phishing uses sophisticated algorithms to create highly personalized and convincing attacks.

The potential damage from these attacks can be immense, leading to significant data breaches and severe consequences for individuals and organizations alike. To protect yourself and your organization, it’s crucial to adopt a proactive approach to cybersecurity.

Understanding the threat

AI-enhanced phishing leverages artificial intelligence to craft personalized emails that appear to come from trusted sources. These emails are designed to trick recipients into revealing sensitive information or clicking on malicious links. The consequences of falling victim to such attacks can be devastating, ranging from financial loss to identity theft.

How to protect yourself

Protecting yourself from AI-enhanced phishing requires vigilance and the implementation of several key security measures:

Be skeptical

Always be skeptical of unsolicited messages, especially if they ask for personal information or prompt you to click on a link or download an attachment. Cybercriminals often use pressing language to create a sense of urgency or to appeal to curiosity.

Check for red flags

Even the most sophisticated phishing attempts can contain subtle red flags. Be cautious if an email seems too good to be true or if it contains slight variations in email addresses, unexpected attachments, or unusual requests. Look for inconsistencies in the sender’s address, the tone of the message, and the formatting.

Use multi-factor authentication (MFA)

Multi-factor authentication adds an extra layer of security by requiring more than one form of verification to access your accounts. This could include a combination of something you know (a password), something you have (a smartphone), and something you are (a fingerprint). MFA significantly reduces the risk of unauthorized access even if your password is compromised.

Educate yourself and others

Education is a powerful tool in the fight against phishing. Learn about the latest AI phishing tactics and share this knowledge with your colleagues, friends, and family. Regular training sessions and updates on the latest phishing techniques can help everyone stay vigilant.

Use advanced security tools

Invest in advanced security tools that can help detect and prevent phishing attempts. These tools often include email filters, anti-phishing software, and AI-based threat detection systems. Regularly update and configure these tools for maximum protection.

Report phishing attempts

If you receive a suspicious email, report it to your IT team or email provider immediately. Reporting phishing attempts helps improve security measures and prevents other potential victims from falling prey to the same scam. Your vigilance contributes to a safer digital environment.

Enable email authentication

Implement email authentication protocols such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance). These protocols help verify the authenticity of the sender’s email address.
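Publishing SPF and DMARC records is not enough if the policies in them are permissive. The Python below is an added example, not part of the original article: it audits the policy text of SPF and DMARC TXT records, comparing a weak pair with a hardened pair. The records and the example.com names are constructed, and DKIM is left out because checking it means verifying a signature rather than reading a policy.

```python
import re

# Constructed TXT records for a hypothetical domain (example.com); not real DNS data.
WEAK = {
    "spf": "v=spf1 include:_spf.mailhost.example +all",
    "dmarc": "v=DMARC1; p=none",
}
HARDENED = {
    "spf": "v=spf1 include:_spf.mailhost.example -all",
    "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com",
}

# SPF terms that each cost one DNS lookup when a receiver evaluates the record.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def audit_spf(record):
    """Return the weaknesses found in one SPF TXT record (RFC 7208)."""
    terms = record.lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["not an SPF record"]
    issues, lookups, all_qualifier, redirect = [], 0, None, False
    for term in terms[1:]:
        # A mechanism without an explicit qualifier defaults to "+" (pass).
        qualifier, mech = (term[0], term[1:]) if term[0] in "+-~?" else ("+", term)
        name = re.split(r"[:/=]", mech, maxsplit=1)[0]
        lookups += name in LOOKUP_TERMS
        redirect = redirect or name == "redirect"
        if name == "all":
            all_qualifier = qualifier
    if all_qualifier is None and not redirect:
        issues.append("no 'all' term: unlisted senders get a neutral result")
    elif all_qualifier == "+":
        issues.append("+all lets any host send mail as this domain")
    elif all_qualifier == "?":
        issues.append("?all is neutral: unlisted senders are not rejected")
    if lookups > 10:
        issues.append(f"{lookups} DNS-lookup terms exceed the limit of 10 (permerror)")
    return issues


def audit_dmarc(record):
    """Return the weaknesses found in one DMARC TXT record (RFC 7489)."""
    tags = {}
    for piece in record.split(";"):
        key, sep, value = piece.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        return ["not a DMARC record"]
    issues = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        issues.append("missing or invalid p= tag")
    elif policy == "none":
        issues.append("p=none only monitors: mail that fails is still delivered")
    # Subdomains inherit p= unless sp= overrides it.
    if policy != "none" and tags.get("sp", policy).lower() == "none":
        issues.append("sp=none leaves subdomains unprotected")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        issues.append(f"pct={pct}: the policy applies to only part of the mail")
    if "rua" not in tags:
        issues.append("no rua= address, so no aggregate reports are received")
    return issues


def audit(records):
    """Audit one {'spf': ..., 'dmarc': ...} pair and return all issues."""
    return audit_spf(records["spf"]) + audit_dmarc(records["dmarc"])


if __name__ == "__main__":
    for label, records in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(records) or "no issues found")
```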

Conduct regular security audits

Regular security audits are essential to identify vulnerabilities in your systems and ensure that all security measures are up to date. These audits can uncover weaknesses that might be exploited by cybercriminals and provide an opportunity to strengthen your defenses.

In an era where cyber threats are becoming increasingly sophisticated, it’s essential to stay informed and proactive about cybersecurity. By understanding the nature of AI-enhanced phishing and implementing these protective measures, you can significantly reduce the risk of falling victim to these attacks. Remember, the key to cybersecurity is vigilance.

Hackers Don’t Take Holidays – Ransomware Is On The Rise

December 14, 2023

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Studies have shown up to a 70% increase in attempted ransomware attacks during the holiday season.

Although we may be planning for a restful holiday ahead, full of delicious food and time with loved ones, hackers are not. Their ongoing exploitation of vulnerabilities and ever-changing tactics requires you and your team to be as vigilant as ever.

Phishing attacks have reached record highs this year. Worryingly, in the third quarter of this year alone, phishing attacks skyrocketed by a staggering 173%, compared to the previous three months.

And malware? It’s not far behind, with a 110% increase over the same period.

Let’s put this into perspective. Imagine you’re on a quiet beach, enjoying the sun and the surf. Suddenly, the tide starts to rise rapidly. Before you know it, your picnic basket is floating away, and you’re knee-deep in water. That’s what’s happening in the cyber world right now.

According to a report, the ‘phisherfolk’ group were most active in August, casting out more than 207.3 million phishing emails. That’s nearly double the amount in July. September wasn’t much better, with 172.6 million phishing emails.

But who are these cyber criminals targeting? Old favorites Facebook and Microsoft continue to top the charts, with Facebook accounting for more phishing URLs than the next seven most spoofed brands combined. Block Facebook on your network.

So, what’s the bottom line here? The attacks are coming from everywhere, and your business could be next.

Phishing attacks are like a rising tide, and if you’re not careful, they can quickly sink your business. They target everyone – from tech giants to financial institutions, and even government agencies. The question is – are you prepared?

Take a moment to consider the authenticity of emails. Are they from a trusted source? Do they contain suspicious links? Are they asking for sensitive information?

Make sure your employees are aware of the risks. Encourage them to think twice before clicking on a link or downloading an attachment. After all, a moment’s hesitation could save your business from a devastating cyber attack.

Eight In 10 Businesses Were Targeted With Phishing In The Last Year. Was Yours?

September 22, 2023

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Despite all the buzz about high-tech threats like ransomware and malware, good old phishing has held on to its title as the number one trick in a cyber criminal’s toolkit.

Phishing is when someone tries to trick you into giving them your personal information, like your password or credit card number. They do this by sending you emails or text messages that look like they’re from a real company.

According to the latest annual cyber breaches survey, 79% of businesses were targeted with a phishing attempt in the past year. And if your employees aren’t trained in cyber security awareness, 1 in 3 of them are likely to fall for a phishing attack. Scary!

You might be thinking, “Sure, it’s bad, but it can’t be that bad, right?” Well, let’s break down the consequences of a successful phishing attack.

Learn How To Spot Fake LinkedIn Sales Bots

September 22, 2023

LinkedIn has become an invaluable platform for professionals. People use it to connect, network, and explore business opportunities. But with its growing popularity have come some red flags. There has been an increase in the presence of fake LinkedIn sales bots.

These bots impersonate real users and attempt to scam unsuspecting individuals. This is one of the many scams on LinkedIn. According to the FBI, fraud on LinkedIn poses a “significant threat” to platform users.

Let’s delve into the world of fake LinkedIn sales bots. We’ll explore their tactics and provide you with valuable tips. You’ll learn how to spot and protect yourself from these scams. By staying informed and vigilant, you can foster a safer LinkedIn experience.

Identifying fake LinkedIn connections

Social media scams often play on emotions. Who doesn’t want to be thought of as special or interesting? Scammers will reach out to connect. That connection request alone can make someone feel wanted. People often accept before researching the person’s profile.

Put a business proposition on top of that, and it’s easy to fool people. People that are looking for a job or business opportunity may have their guard down. There is also an inherent trust people give other business professionals. Many often trust LinkedIn connections more than Facebook requests.

How can you tell the real requests from the fake ones? Here are some tips on spotting the scammers and bots.

Incomplete profiles and generic photos

Fake LinkedIn sales bots often have incomplete profiles. They’ll have very limited or generic information. They may lack a comprehensive work history or educational background. Additionally, these bots tend to use generic profile pictures, such as stock photos or images of models.

If a profile looks too perfect or lacks specific details, it could be a red flag. Genuine LinkedIn users usually provide comprehensive information.

Impersonal and generic messages

One of the key characteristics of fake sales bots is their messaging approach. It’s often impersonal and generic. These bots often send mass messages that lack personalization. There may be no specific references to your profile or industry. They often use generic templates or scripts to engage with potential targets.

Excessive promotional content

Fake LinkedIn sales bots are notorious for bombarding users. You’ll often get DMs with excessive promotional content that make unrealistic claims. These bots often promote products or services aggressively, usually without offering much information or value.

Inconsistent or poor grammar and spelling

When communicating on LinkedIn, pay attention to the grammar and spelling of messages. You may dismiss an error from an international-sounding connection, but it could be a bot.

Fake LinkedIn sales bots often display inconsistent or poor grammar and spelling mistakes. These errors can serve as a clear sign that the sender is not genuine. Legitimate LinkedIn users typically take pride in their communication skills.

Unusual connection requests and unfamiliar profiles

Fake LinkedIn sales bots often send connection requests to individuals indiscriminately. They may target users with little regard for relevance or shared professional interests.

Be cautious when accepting connection requests from unfamiliar profiles, especially if the connection seems unrelated to your industry or expertise.

Fake Software Ads Used To Distribute Malware

July 5, 2023

Google is most people’s first port of call for help or information online – something cyber criminals are using to their advantage.

Specifically, they are targeting Google ads, impersonating campaigns for popular software such as Grammarly, Slack, Ring, and many others. This has nothing to do with those companies, but to the untrained eye they look like the real deal… which is how they’re tricking people into clicking the ads.

If you’re not using an ad blocker, you’ll see promoted pages at the top of your Google search results. These look almost identical to the non-promoted, down-page organic search results, so you or your people could easily be tempted to click.

It’s a complicated scam. Criminals clone the official software websites, but instead of distributing the genuine product, when you click download they install ‘trojanized’ versions. That’s geek speak for malware that disguises itself as real software.

Google is working to protect us by blocking campaigns it’s able to identify as malicious. But criminals have tricky ways around that too.

Ads first take you to a benign-looking website – which the crooks have created. This then redirects you to a malicious site that convincingly impersonates a genuine page. That’s where the malware lurks waiting for a click, beyond Google’s reach.

Worse, in many cases, you’ll still get the software you’re trying to download, along with a hidden payload of malware. That makes it harder to tell that your device or network has been infected and may give the malware longer to do its job.

To stay protected, train your team about the dangers and make sure everyone is on the lookout for anything that doesn’t seem quite right.

Encourage people to scroll down the Google results until they find the official domain of the company they’re looking for, and make it a policy that people seek permission before downloading any software – no matter how innocent it may seem.

You could also consider using an ad blocker in your browser. That will filter out any promoted results from your Google search for some extra peace of mind.

For help and advice with training, software policies and network security, give us a call.

Business Email Compromise (BEC) And Phishing Are Dangerous For Small Businesses

January 31, 2023

Business email compromise (BEC) and phishing are two of the most common and damaging cyber threats facing businesses today. BEC involves the fraudulent use of email to impersonate a legitimate business or individual in order to gain access to sensitive information or financial resources.

Phishing, on the other hand, is a type of cybercrime that involves the use of fraudulent emails or websites to trick individuals into revealing sensitive information, such as login credentials or financial information.

BEC attacks often target employees with access to sensitive financial information or those who have the authority to make wire transfers or other financial transactions.

The attackers use sophisticated social engineering tactics to trick the employee into revealing login credentials or other sensitive information, or to convince them to make a financial transaction on behalf of the company. In some cases, the attackers may even impersonate a high-level executive or vendor in order to gain the trust and cooperation of the employee.

One of the most common tactics used in BEC attacks is the “man-in-the-middle” attack, where the attacker intercepts legitimate emails and alters them to redirect payments or other financial transactions to their own account.

Other tactics include the use of fake invoices, purchase orders, or other financial documents to trick employees into making payments to the attacker.

Phishing attacks, on the other hand, generally aim to trick individuals into revealing sensitive information or clicking on malicious links. These attacks often take the form of fake emails purporting to be from legitimate organizations, such as banks or government agencies, and may contain links to fake login pages or download malicious software onto the victim’s computer.

To protect against BEC and phishing attacks, it’s important for businesses to implement strong security measures and to educate their employees on how to spot and avoid these threats. Some best practices for protecting against BEC and phishing attacks include:

  • Implementing strong email security measures, such as spam filters and email authentication protocols, to help identify and block fraudulent emails.
  • Training employees on how to spot and avoid phishing and BEC attacks, including teaching them to be wary of unsolicited emails and to verify the authenticity of any emails requesting sensitive information or financial transactions.
  • Establishing strong passwords and using two-factor authentication to protect login credentials and other sensitive information.
  • Setting up monitoring systems to detect and alert on unusual or suspicious activity, such as unexpected wire transfers or login attempts.
  • Regularly updating software and security protocols to ensure that the latest security measures are in place.

In addition to these measures, it’s important for businesses to have a plan in place for responding to a BEC or phishing attack. This should include:

  • Establishing a clear chain of command for reporting and responding to suspicious activity.
  • Designating a team to investigate and respond to potential attacks.
  • Having a process in place for assessing and mitigating the damage caused by an attack.
  • Reviewing and updating security protocols on an ongoing basis to ensure that they are effective in protecting against these threats.

Overall, BEC and phishing attacks are a serious threat to businesses of all sizes. By implementing strong security measures and educating employees on how to identify and avoid these threats, businesses can protect themselves and their customers from these damaging cyber attacks.

How Often Do You Need To Train Employees On Cybersecurity Awareness?

August 31, 2022

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

You’ve just completed your annual phishing training where you teach employees how to spot phishing emails. You’re feeling good about it, until about 5-6 months later when your company suffers a costly ransomware infection because someone clicked on a phishing link.

You wonder why you seem to need to train on the same information every year yet still suffer from security incidents.

The problem is that you’re not training your employees often enough.

People can’t change behaviors if training isn’t reinforced regularly. They can also easily forget what they’ve learned after several months go by.

So, how often is often enough to improve your team’s cybersecurity awareness and cyber hygiene? It turns out that training every four months is the “sweet spot” when it comes to seeing consistent results in your IT security.

The SLAM Method Can Improve Phishing Detection

August 31, 2022

Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses, employing AI-based tactics to make targeted phishing more efficient.

If phishing didn’t continue returning benefits, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Studies show that as soon as 6 months after a person has been trained on phishing identification, their detection skills can begin waning as they forget things.

Give employees a “hook” they can use for memory retention by introducing the SLAM method of phishing identification.

What is the SLAM Method for Phishing Identification?

One of the mnemonic devices known to help people remember information they are taught is the use of an acronym. SLAM is an acronym for four key areas of an email message that should be checked before trusting it. These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to remember, it’s quicker for them to do a check on any suspicious or unexpected email without missing something important.

All they need to do is run down the cues in the acronym.

S = Check the Sender

It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike address that people easily mistake for the real thing.

You can double-click on the sender’s name to ensure the email address is legitimate.

L = Hover Over Links Without Clicking

Hyperlinks are popular to use in emails because they can often get past antivirus/anti-malware filters.

You should always hover over links without clicking on them to reveal the true URL. This can often expose a fake email immediately, because the link points to a strangely named or misspelled website.

A = Never Open Unexpected or Strange File Attachments

Never open strange or unexpected file attachments, and make sure all attachments are scanned by an antivirus/anti-malware application before opening.

M = Read the Message Carefully

If you rush through a phishing email, you can easily miss some telltale signs that it’s a fake, such as spelling or grammatical errors.

Look for words or phrases not normally used by the person who’s emailing you. Words like “kindly” and “revert” are telltale clues that the email comes from someone who’s not your normal sender.

Also, be on the lookout for pressure to act quickly or unexpected banking change requests. While it happens, it is rare for a company to change banks without months of advance notice.

Get Help Combatting Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.


Copyright © 2025 Tech Experts™ · Tech Experts™ is a registered trademark of Tech Support Inc.