Tag Archive for: cybersecurity

,

Cybersecurity trends that will shape the future of business

Businesses of all sizes can fall prey to cyberattacks that can cause major financial losses and even put companies out of business. And with more numerous and sophisticated threats like these expected in 2023, it’s more critical than ever for business owners to stay ahead of the latest cybersecurity trends and protect their organization from potential threats. Pay attention to the following trends to help keep your data safe this year and beyond.

Further emphasis on data privacy

As countries implement tougher data protection laws and the number of privacy regulations rises, organizations will be driven to adopt a privacy-first mentality out of necessity. For instance, Google has already taken a big leap in this direction by ending its use of third-party cookies and creating Privacy Sandbox. Apple has also included App Tracking Transparency as part of iOS 14.5 onwards, providing another layer of protection for their customers’ sensitive online information. Although these measures may not be flawless solutions yet, they’re still progressive strides being made toward greater security. Expect other companies to follow suit.

A harmonized global framework to govern the protection of information, privacy, and data

In 2023, countries around the world will strive for international cohesion regarding data privacy regulations. Standardizing security frameworks is expected to deliver better information and data privacy for all organizations and governments, as well as enable global commerce. Consistent data protection strategies and processes reduce risk while facilitating trust across supply chains and borders. Interoperable architectures that prioritize privacy and security can also help ensure the effective protection of information, which ultimately reduces the probability of a data breach or compromise.

A passwordless future

Passwordless security frameworks provide a real chance at fighting phishing while enhancing protection, privacy, scalability, and convenience. They not only improve overall organizational security by eliminating potential password breaches or credential stuffing attacks, but they also enable users to access services without worrying about forgotten usernames or passwords.

However, note that while passwordless authentication offers many advantages, it isn’t without risk. To ensure better security, you should also adopt a zero trust model along with identity access management practices and stringent safety measures. This will make the transition to passwordless authentication much smoother and more secure.

Growing Internet of Things (IoT) risks

Over the past decade, the IoT industry has been on a steady upswing, and is projected to remain so well into 2023. Unfortunately, as companies rely more heavily on this technology for efficiency and profitability, they will face a higher risk of cybersecurity breaches.

If you use IoT, then you should safeguard your connected devices by actively developing or revising relevant cyber strategies, maintaining device catalogs, and continuously patching endpoints. This will help secure your networks from potential threats and allow for more efficient monitoring practices.

The future of cybersecurity is ever-evolving. But by learning about the latest cybersecurity trends, companies can implement comprehensive approaches and protect themselves against malicious actors or incidents.

If you want to learn more about 2023 cybersecurity trends or if you have any questions about technology, don’t hesitate to get in touch with us. Our IT experts are ready to help.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

/by
,

NATIONAL COMPUTER SECURITY DAY

November 30th — is National Computer Security Day, an annual event observed since 1988 to help raise awareness worldwide of computer-related security issues. It should also serve as a reminder to small business owners to protect their computer networks from hackers, fraudsters and identity thieves.

Computer security is sometimes referred to as cybersecurity or IT (information technology) security. It applies to the protection of computer-based equipment, the information stored on and services related to it from unauthorized and unintended access, change or destruction, including unplanned events and natural disasters.

Recently, the public opinion research company Ipsos Reid released the findings of a survey of U.S. small businesses revealing that many of them do not fully comprehend the impact a data breach can have on them. As a result, they take a passive approach to safeguarding sensitive information that leaves them vulnerable not only to a breach but potentially devastating financial and reputational damage as well.

The survey also found that:

  • Sixty-nine percent of small business owners are not aware or don’t believe that lost or stolen data would result in financial impact and harm to their businesses credibility.
  • Forty percent have no protocols in place for securing data.
    More than one-third of the respondents report that they never train staff on information security procedures.
  • Forty-eight percent have no one directly responsible for management of data security.
  • Just 18 percent would encourage new data privacy legislation requiring stricter compliance and penalties to information security threats.

Computer Security Day is an excellent time to ensure that your company is following best practices to protect yourself from data breach and identity theft. They include:

  • Analyzing possible security gaps in your organization and within your supply chain.
  • Implementing ongoing risk analysis processes and creating a security policy specifically designed to limit exposure to fraud and data breaches.
  • Regularly training employees in proper document management and encouraging their adoption of security best practices.
  • Implementing a “shred-all” policy for unneeded documents and keeping sensitive materials under lock and key until they are destroyed.
  • Paying particular attention to hard drives on computers or photocopiers. The only way to destroy data stored on hard drives is physical destruction.
  • Installing and using effective computer network protection such as anti-virus software and a firewall.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

/by

What is firmware and why is it important?

Securing your small business is a never-ending battle, but there are some steps you can take to make it a little bit easier. One of those steps is making sure your firmware is up to date. But what is firmware and why is it crucial to update it regularly? Read on to learn more.

What does firmware do?

Firmware is a type of software that is stored on read-only memory (ROM) chips. It is used to control the hardware of a device, such as a computer, and is typically permanently programmed into the ROM. Firmware is different from other types of software, such as application software and operating system software, as it is designed to work with specific hardware components and cannot be easily transferred to another device.

Firmware typically contains instructions for how the hardware should interact with the rest of the system, as well as low-level routines for tasks such as booting up the device or managing memory. While firmware can be updated, it is usually more difficult than updating other types of software, and in some cases may require special equipment or knowledge. As a result, firmware updates are often reserved for fixing critical bugs or adding new features to the hardware.

Why is it crucial to upgrade firmware?

Microsoft’s 2021 Security Signals report warns that firmware attacks are increasing. These types of attacks force malware onto computer systems in order to disrupt the firmware on motherboards or hardware drivers. They can use such malware to remotely control the infected devices, extract data, and even block users from their devices and systems.

Updating your business devices’ firmware ensures that everyone is using the most recent version of the firmware. This can help prevent data breaches, as well as keep your devices running smoothly. In addition, updating firmware can help improve compatibility with other devices and software, as well as provide new features and bug fixes. In this way, updated firmware protects your business and maintains peak device performance.

What is the best way to install firmware updates?

The procedure for upgrading firmware varies from device to device. On iOS and Android devices, you may simply download and install firmware upgrades. However, devices such as routers will require firmware updates that can only be accessed from the manufacturer’s website or administrative console.

Updating the firmware may be time-consuming and laborious. Firmware updates might cause your devices to be reset, resulting in lost customizations on your computers, routers, and other devices. Additionally, you could also risk damaging your equipment if you do not follow the manufacturer’s instructions to the letter.

Firmware updates are an important part of keeping your business secure, and it’s something that you should be doing on a regular basis. This task can be daunting, but it’s a crucial step that should not be ignored. If you need help getting started, contact us today. Our IT experts are here to guide you.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

/by
, ,

Protect your business through proactive cybersecurity

The number of successful cyberattacks grows steadily every day, making it more important than ever for businesses to implement robust cybersecurity solutions. Part of a comprehensive cybersecurity infrastructure is a proactive cybersecurity strategy. This involves taking steps to prevent attacks from happening in the first place, rather than reacting after an incident occurs. In this blog post, we will discuss what proactive cybersecurity is and how you can implement it in your business.

Benefits of proactive cybersecurity

Proactive cybersecurity is a strategic approach to protecting computer systems and networks from cyberthreats. It involves identifying potential vulnerabilities before cybercriminals can take advantage of them and implementing measures to prevent these vulnerabilities from being exploited. This approach is in contrast to reactive cybersecurity. Rather than attempting to prevent cyberattacks, reactive cybersecurity focuses on responding to and recovering from attacks that have already taken place.

Having proactive security measures can provide your business with the following advantages:

  • Avoid playing catch-up with threats
    Taking action every time there’s a threat can be exhausting for your security team and your other resources. If you’re always playing catch-up with threats, you’ll never be able to get ahead. By utilizing both preventive cybersecurity strategies alongside reactive measures, you will be able to best protect your data and networks.
  • Improve security compliance
    Proactive cybersecurity measures can help you root out threats to your data and your clients’ data. This, in turn, enables you to meet data compliance requirements.
  • Boost business reputation
    Customers are more security-conscious today than in the past. With many data breaches impacting companies, your customers will want assurance that you have measures to safeguard their personal information in place. Having a proactive cybersecurity culture will demonstrate your commitment to keeping customer data safe and give your business’s reputation a boost. Showing that you can be trusted with clients’ sensitive data will also give you a leg up over your competitors.

Implementing proactive cybersecurity

To effectively implement a proactive cybersecurity strategy, follow these steps:

  1. Determine the threats
    Work with your in-house IT staff or managed services provider (MSP) to identify the types of attacks that are most common in your industry. By being aware of the threats out there, you can take steps to protect your business and keep it running smoothly.
  2. Assess your resources
    After you identify the primary cyberthreats to your company, prioritize them by determining how each security issue can damage various parts of your network. You can start by listing company devices that connect to the internet. Check the security measures these devices have and the type of data (regulated, mission-critical, low-importance, etc.) each device has access to.
  3. Implement proactive cybersecurity measures
    Your IT team or MSP may recommend these security measures based on the risks and assets identified in steps 1 and 2:
Proactive measure What to expect
Conduct security awareness seminars Educate every employee about security best practices, including spam awareness, password management, proper mobile device usage, and the like.
Regularly update anti-malware software or cloud-based services Keep your data and systems safe from the newest malware threats.
Establish schedules dedicated for software patches and upgrades Patches and upgrades decrease the chances of someone getting unauthorized access to your network by exploiting software vulnerabilities.
Recommend web filtering services Keep your network safe by blacklisting dangerous and inappropriate sites.
Set up perimeter defenses (e.g., intrusion prevention systems and hardware firewalls) Watch out for anything and everything that tries to access your network.
Initiate policy of least privilege Provide users access only to the data they need to complete their tasks.
Determine data segmentation Assess and establish micro-perimeters to protect high-value data.
Run full-disk encryption Encrypt data on electronic devices to prevent unauthorized access in case the devices are ever misplaced or stolen.
Secure virtual private networks Encrypt data transmitted across unsecured connections to make it impossible to read if intercepted.
Provide strict access controls Secure accounts from unauthorized access by using stronger passwords combined with multifactor authentication and automated screen locks that engage after a period of inactivity.
Utilize AI-powered network monitoring Be on the lookout for suspicious user and software behaviors, like when employees access files outside their departments.

Proactive cybersecurity is critical for businesses of all sizes. By taking steps to understand the threats your business faces and implementing measures to protect yourself, you can keep your data and your business safe. If you need help getting started, contact us today and our team of cybersecurity experts will be happy to guide you through the process of implementing proactive cybersecurity.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

/by
,

Why HTTPS matters for your cybersecurity

It’s no secret that the internet can be a dangerous place. Hackers, scammers, and identity thieves are always looking for new ways to steal your information or scam you out of your hard-earned money. That’s why it’s critical to take steps to protect yourself while you’re online. One of these is to make sure that the sites you visit use HTTPS

What is HTTPS encryption?

Hypertext Transfer Protocol Secure, or HTTPS, is a secure communications protocol used to send and receive data over the internet. Data that is transmitted over HTTPS is encrypted, making it more difficult for third parties to read. HTTPS provides a higher level of security than standard HTTP and is often used for online banking and eCommerce transactions, as well as other sensitive communication.

HTTPS was introduced in 1995, so older websites that have been left without regular maintenance usually don’t have this implemented. But even to this day, unsecure websites exist, and fraudsters can easily take advantage of them.

When you visit a site without an HTTPS connection, everything you type or click on that website is sent without encryption. This means that anyone who intercepts the data transferred between the website and your device can view the information as is. For instance, cybercriminals can use unsecured HTTP connections to gain access to your Social Security number, credit card information, and other personal data.

What role do HTTPS certificates play in cybersecurity?

When you visit a website, your device uses an online directory to translate its alphanumeric name into a numerical address and saves that information so that it doesn’t have to check the online directory every time you visit the same website. But if your computer gets compromised via an HTTP connection, it could be manipulated into directing a perfectly safe web address like www.google.com to a malicious website. Most of the time, users are sent to spoofed sites that look exactly like legitimate websites and are designed to trick users into divulging their credentials.

To prevent such incidents, the online directories mentioned earlier issue an ecosystem of certificates that turn HTTP into HTTPS, making it impossible for anyone to be redirected to a fraudulent website. These certificates contain information about the site, such as the domain name, company name, and location. It also includes a public key that is used to encrypt communications between a user’s browser and the website they’re viewing.

How to ensure cybersecurity safety with HTTPS

Here are a few things to consider the next time you browse the internet:

  • If your browser marks a website as “unsafe,” think twice about clicking “Proceed anyway.” Click the prompt only if you are absolutely certain no confidential data will be transmitted.
  • Use trusted web browser extensions like HTTPS Everywhere. These extensions encrypt your communication, which is especially useful if you visit unencrypted websites.
  • Always be vigilant. Some sites may have HTTPS, but it doesn’t mean they’re safe. For example, goog1e.com (with the “l” replaced with a one) could have a certificate, but the misspelling clearly indicates that it’s an untrustworthy site. Cybercriminals use similar spellings of authentic websites to fool people into thinking that they’re on a secure site. This is called typosquatting or URL hijacking.
  • Avoid sites that don’t use the HTTPS prefix.

While HTTPS is not a cure-all for internet security, it is a critical step in protecting yourself online. Contact us today if you want to learn more about HTTPS and other cybersecurity tips.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

/by

How to Begin Securing and Optimizing Small Business Technology

Every business depends on tech these days. The number of third-party SaaS solutions out there has made cutting-edge technology easily accessible even for the small business startup.

As entrepreneurs build their tech stacks, though, they need to be aware of a couple of potential issues. The first is security. Cybercrime continues to be a legitimate concern for anyone online. Businesses should take necessary measures to improve and maintain cybersecurity.

Second, owners must make sure that they’re optimizing their small business technology. With so many options available, it’s easy to become buried under an avalanche of 21st-century solutions. This is true even if they aren’t all benefitting you the way they should.

Here are a few suggestions for ways small businesses can both optimize and secure their digital activity to ensure that they’re getting the most out of their tech.

Start with your Wi-Fi.

Your Wi-Fi is the digital gate to your company. In a tech-heavy world, this makes it the main entrance to your tech stack, your files, your data, and your business as a whole. If you want to optimize how your small business works, you need to start by setting the stage with a quality Wi-Fi solution.

The Wi-Fi experts at Plume point out that this obviously includes the need for a strong and dependable wireless signal, but it shouldn’t stop there. As is the case with the company’s small business-focused WorkPass Wi-Fi solution, a good Wi-Fi network should also be safe, easy to use, and intimately woven into the fabric of your business.

By using a quality small business Wi-Fi solution, you can simultaneously tap into the simplicity and ease of residential routers as well as the firepower of an enterprise-level internet connection.

Small business Wi-Fi has the potential to double as a business intelligence (BI) platform that collects and turns data into actionable insights. This can help you manage your workforce and communicate with guest users. It can also keep your entire team engaged with adaptive connectivity that is fast, reliable, and ultra-secure.

If you want your small business to be productive and secure at the same time, make sure to start by using a reputable and capable small business Wi-Fi solution.

Establish solid cybersecurity.

Cybersecurity can be intimidating. The need to keep your technology safe and secure from outside threats is an ever-present concern. Many solutions can also be prohibitively expensive — but not all of them.

There are many small-yet-effective ways that you can secure sensitive data while optimizing your small business technology. Intel suggests half a dozen ways to do this, such as:

  • establishing a solid private Wi-Fi setup (see the previous step) that doesn’t require logging in on any public Wi-Fi connections;
  • keeping hardware upgraded at all times — and, of course, making sure your team installs all software patches and updates in a timely manner;
  • using strong passwords and implementing MFA (multi-factor authentication) whenever possible;
  • utilizing apps like Windows 10 Pro security and Norton Antivirus to block unwanted malware; and
  • teaching your staff to use proper digital hygiene (maintaining strong passwords, installing updates, etc.) at all times when using office tech.

If you feel like overseeing all of these steps is too much, consider using a Device as a Service (DaaS) solution to increase security. This is a new kind of service that bundles the distribution, management, and IT support for a business’s tech. These are then overseen by a third-party provider, taking the perpetual responsibility off of your plate.

Manage your marketing.

Marketing is one of the easiest areas to bleed cash and ooze inefficiency. This is partly due to the subtle and intangible results that marketing can generate.

If you have a sales team, you can measure their success in dollars and cents. You can apply the same simple math to other areas. These include manufacturing, paying an accountant, or shipping and handling costs.

When it comes to marketing, though, it’s easy to pour endless money into things like content creation and brand awareness without really knowing how effective they are.

If you want to optimize your marketing activity, the first thing you need to do is set up analytics tools to track your results. There are many ways to do this, including free tools, like Facebook Pixel and Google Analytics. In addition, many tools, like Shopify or Mail Chimp, come with built-in data collection dashboards.

Of course, tracking data in a dozen or more applications is challenging. That’s why you may want to consider an additional third-party tool to unify your analytical marketing data. AI-powered solutions like Hawke.ai can bring all of your marketing results into a single dashboard where you can find insights to help you make informed, optimized decisions.

Optimizing and Securing a Small Business (Without Panicking)

There are many factors that go into keeping a business both efficient and safe. For small businesses, this task can feel time-consuming and expensive.

However, if you approach things with a strategy in place, you can manage both concerns without too much trouble. Start by putting things like a solid Wi-Fi solution in place and establishing key cybersecurity protocols. From there, focus on conducting ongoing digital hygiene training. Use the tools available to gather data and turn it into actionable and efficient business strategies, too.

Optimizing small business technology is an assumed aspect of any startup venture at this point. The critical factor is making sure that your tech stack is helping, not hindering, your small business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from SmallBiz Technology SOURCE

/by
,

Linking Strong Cybersecurity to the Growth and Survival of SMBs

When it comes to protecting small businesses from cyberattacks, there is a constant balance between managing risk and applying limited resources between security, operational budgets, and convenience. Small businesses face critical resource decisions every day. Can my business afford to deploy optimal, strong cybersecurity solutions? And will my cybersecurity policies be a burden for my employees, trading partners, and customers?

Small business owners face significant challenges, and their most important daily responsibility is ensuring their businesses grow and thrive. As an industry, we have not done enough to connect the benefits of strong cybersecurity practices and policies to business expansion, resiliency, and long-term survival.

There is no area of cybersecurity more indicative of the challenges we face in threading the needle between security and business-friendly policies than usernames and passwords. We still overwhelmingly rely on an insecure means of account and network access that has proven inefficient and insecure for more than 30 years.

Multi-factor authentication (MFA)

We know there are more secure methods that can be deployed. Multi-factor authentication (MFA) bolsters security by requiring users to present more than one piece of evidence (credential) whenever the user logs in to a business account (ex. company email, payroll, human resources, etc.). MFA usually falls into three categories: something the user knows (a 15-character password), something the user has (fingerprint), or something the user receives (a code sent to the user’s phone or email account).

MFA works, but companies remain extremely reticent to deploy. The Global Small Business Multi-Factor Authentication (MFA) Study released by the Cyber Readiness Institute (CRI) found that only 46% of small business owners claim to have implemented MFA methods recommended by leading security experts, with just 13% requiring its use by employees for most account or application access.

Most companies implementing some form of MFA have not made it a requirement for all.

Only 39% of those who offer MFA have a process for prioritizing critical hardware, software, and data, with 49% merely “encouraging the use of MFA when it is available.”

According to Microsoft, 99.9% of account compromise attacks can be blocked simply using MFA. Yet, 47% of small business owners surveyed said they either didn’t understand MFA or didn’t see its value. In addition, nearly 60% have not discussed MFA with their employees.

Implementation of MFAs

Implementing MFA does not require hardware changes to company computers, mobile devices, or printers. Instead, there are numerous free and low-cost software-based tools users can download to their company and personal devices. For example, email providers usually offer (and encourage) MFA. Therefore, it can be as easy as clicking an option in email settings to turn on MFA.

There are several easy steps companies can take to implement MFA. First, organizations should update their policies and procedures with specific expectations. For example, all employees should implement MFA on their company email accounts. Next, hold workforce information sessions to communicate MFA policies and expectations. Employees need to know that it is easy to activate MFA on their accounts. Finally, designate someone in the organization who accepts the responsibility for cyber readiness to help employees troubleshoot as they begin using MFA.

Final Thoughts

At CRI, we fully believe strong cybersecurity is a business imperative, not an operational challenge. This requires a change in mindset from small business leaders, new questions must be asked, and behaviors need to change:

  • Can my business afford to suffer a cyberattack?
  • Will a cyberattack irreparably damage my brand?
  • Will a cyberattack burden my employees, customers, and trading partners?

Honestly answering these questions will change the importance of cybersecurity in a small business’s growth strategy.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from SmallBiz Technology SOURCE

/by

Securing Microsoft Teams: Practical tips to keep your workplace safe

Microsoft Teams is a great tool that can help improve communication and collaboration in the workplace. However, the popular business communication platform can also be a security concern if it’s not adequately secured. In this blog, we’ll dive into some practical tips for securing Microsoft Teams and keeping your workplace safe.

Utilize built-in security features

The most dependable approach to securing Microsoft Teams is through governance restrictions. These are rules that set the parameters for how the platform will be used, who can establish Teams accounts, and what information people may provide. Appointing a Teams administrator will be critical in ensuring that Teams security policies are followed by users throughout the company.

Administrators should also set up Teams’ data loss prevention (DLP) feature to prevent accidental exposure of critical information and reduce the risk of data breaches. For instance, administrators can use sensitivity labels as a condition in DLP policies to instantly block guests or unauthorized users from accessing or sharing data in a Teams channel or a private chat.

Limit external access

Speaking of guest users, you should also use Teams’ Lobby feature when meeting with external users or teams. This feature redirects guests to a virtual lobby where they will wait before being admitted into the meeting. This can be useful when you want to talk with your team first before officially starting the meeting with a client.

Another way to control Teams access is by creating security groups. By default, a user with an Exchange Online mailbox can create a Team and become a Team owner. Creating a security group will help prevent unwanted and unverified users from creating and joining any group, extension, and Team.

Enable MFA

Multifactor authentication (MFA) is a practical way to enforce security when using Teams. In 2020, more than 99.9% of compromised Microsoft enterprise accounts didn’t use MFA. This is highly concerning because if an attacker compromises a Microsoft account and is able to get into Teams, they will gain access to valuable information the account’s owner works with through the platform as well as other integrated apps.

MFA can be used in conjunction with a password, PIN, or biometric data such as a fingerprint or an iris scan. In the case of Microsoft Teams, requiring multiple factors for authentication ensures that only authorized users will be able to access their accounts. And when someone else tries to gain access, they will be alerted of suspicious activity so they can take steps to further safeguard their accounts. This can discourage malicious actors and, more importantly, instill better security habits among users.

Following these tips can help ensure a seamless and secure collaboration environment for your workplace. Contact our IT experts today to learn more about Microsoft Teams and how to better secure it against attacks.

While the cloud offers a wide variety of benefits and solutions, choosing the service which is best for your company’s needs can be tedious. To ease this burden, we can help you find the best solutions for your business. by talking to GCInfotech about a free technology assessment. We’ll you find the best solution your business needs, ensure proper migration and implementation allowing you to focus on running your business.

Published with consideration from TechAdvisory.org SOURCE

/by
,

How to spot ‘spear phishing’, an insidious cybercrime trend

True story: At a company I once worked for, employees received an email about an unexpected bonus. In private Slack channels, we wondered whether it was a well-played phishing attempt. Turns out, the bonus was legit, but so was our inclination to question it. Phishing—when cybercriminals pose as legitimate institutions to get info or money from you—is the origin of up to 90 percent of breaches and hacking incidents, says Frank Cilluffo, director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security in Alabama.

These cyber bad guys have even taken it to the next level with “spear phishing,” a practice of sending emails that appear to be from someone you personally know. “This happened to me once and it was a humbling experience,” says Adam Doupé, director of the Center for Cybersecurity and Digital Forensics at Arizona State University in Tempe. Turns out, the email seemed to be coming from a colleague, and Doupé was boarding a plane when he got it so he wasn’t as careful as he would normally be. “I ended up replying with my cell phone number,” recalls Doupé. “When the phisher responded with a request to send gift cards, the alarm bells went off.”

Knowing that a cybersecurity expert got played, an average person has to be hypervigilant. But could you be missing out on legit offers and emails because you’re being too cautious? Your first line of defense: install a protection software (like Malwarebytes). This sort of protection that lives on your computer, coupled with our expert tips below, will stop phishers in their tracks.

3 Ways To Tell If It’s Phishing Or Not

Experts say there are a few things you can do if you’re unsure whether an email is a phishing attempt.

1. Check the email address carefully.

Hover your cursor over the full email—not just the sender’s name—to see if anything looks off. “For instance, instead of .com, the address may contain .ru,” says Cilluffo. (.Ru indicates that it’s from a Russian server.) Compare the address on a recent email to one that you’ve responded to previously.

2. Call or text the person you think may have sent the email.

Ever receive an email from a friend or colleague and it seems off? Maybe it’s much briefer than usual or perhaps they addressed you by your full name rather than a nickname. Trust your gut, and don’t respond or click on any links or attachments until you’ve verified the email. While it truly may just be a link to their kids’ fundraiser, it could be the work of a cyber criminal trying to get you to download malware—aka malicious software.

3. Verify through an independent news source.

Sometimes you may receive an email about an important recall notice or info about a class-action lawsuit. Search on a trustworthy news site whether the link contained in your email appears in any news articles, suggests Doupé.

Bottom line?

Cyber criminals are getting more and more creative at making their phishing attempts appear legitimate. Go with your gut, slow down to verify the validity of messages you receive and install a protection software (like Malwarebytes) to stop phishers before they start.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from yahoo.com SOURCE

/by
,

HTML attachments remain popular among phishing actors in 2022

HTML files remain one of the most popular attachments used in phishing attacks for the first four months of 2022, showing that the technique remains effective against antispam engines and works well on the victims themselves.

HTML (HyperText Markup Language) is a language that defines the meaning and structure of web content. HTML files are interactive content documents designed specifically for digital viewing within web browsers.

In phishing emails, HTML files are commonly used to redirect users to malicious sites, download files, or to even display phishing forms locally within the browser.

As HTML is not malicious, attachments tend not to be detected by email security products, thus doing a good landing in recipients’ inboxes.

Statistical data from Kaspersky indicates that the trend of using HTML attachments in malicious emails is still going strong, as the security company detected 2 million emails of this kind targeting its customers in the first four months of the year.

The numbers culminated in March 2022, when Kaspersky’s telemetry data counted 851,000 detections, while a drop to 387,000 in April could be just a momentary shift.

How HTML evades detection

The phishing forms, redirection mechanisms, and data-stealing elements in HTML attachments are typically implemented using various methods, ranging from simple redirects to obfuscating JavaScript to hide phishing forms.

Attachments are base64 encoded when present in email messages, allowing secure email gateways and antivirus software to easily scan attachments for malicious URLs, scripts, or other behavior.

To evade detection, threat actors commonly use JavaScript in the HTML attachments that will be used to generate the malicious phishing form or redirect.

The use of JavaScript in HTML attachments to hide malicious URLs and behavior is called HTML smuggling and has become a very popular technique over the past few years.

To make it even harder to detect malicious scripts, threat actors obfuscate them using freely-available tools that can accept custom configuration for a unique, and thus less likely to be detected, result and thus evade detection.

For example, in November, we reported that threat actors used morse code in their HTML attachment to obfuscate a phishing form that the HTML attachment would display when opened.

Kaspersky notes that in some cases, the threat actors use encoding methods involving deprecated functions like the “unescape()”, which substitutes “%xx” character sequences in the string with their ASCII equivalents.

While this function has been replaced by decodeURI() and decodeURIComponent() today, most modern browsers still support it. Still, it might be ignored by security tools and antispam engines that focus more on current methods.

Conclusion

HTML attachment distribution was first seen spiking in 2019, but they remain a common technique in 2022 phishing campaigns, so they should be seen as red flags.

Remember, merely opening these files is often enough to have JavaScript run on your system, which may lead to automatic malware assembly on the disk and the bypassing of security software.

As the security software doesn’t detect an attachment as malicious, recipients may be more likely to open them and become infected.

Even if your email security solution doesn’t generate any warnings, you should always treat HTML attachments as highly suspicious.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from bleepingcomputer.com SOURCE

/by