… to be ALERT and AWARE!
Synoptek is seeing a dramatic rise in security compromises around the holidays and as we are in the middle of another holiday season shopping frenzy, now would be a good time to take extra care.
The 2016 holiday season saw a 20.5% increase in cyber attacks, which bloomed to 57.5% in 2017. Recent statistics/surveys show that half of all Internet users delete phishing emails as soon as they receive them, but 20 percent of us have fallen for the scams, with special focus fixed on the C-suite.
These numbers herald in the season of giving (and taking!) – a prevalent time for criminals to launch attacks. During the Holidays, phishing scams increase and so does the quality of these attacks. Email and text phishing are going to hit everyone a lot harder, and it’s not just in the U.S. Target markets for email phishing include an increase in activities (25% in India and 42% in France). Look, also, for an increase in robocalling, asking for “donations” to worthy causes. This is also a likely scam to get a target victim’s personal information (and if they can get into your wallet—all the better!).
Cyber criminals will also exploit the data collected from breaches to discover which users to target for further compromise, and the use of Artificial Intelligence tools is now becoming more prevalent in their efforts to locate and exploit new and unsuspecting victims. Most users will probably ignore a call from an unknown number, but what about a call from a family member?
For that added personal touch this holiday season, cybercriminals are also creating more sophisticated scams by including family member caller Identification to further exploit their target victims. So be sure that really is “Grandma” on the other end of the line!
Malicious emails pretending to be legitimate communications from trusted contacts (like the CEO), is a growing trend in phishing efforts. The best remedy for this activity is a combination of process and technology that validates sender identities and alerts/blocks when something looks out of place.
Most Office 365 users, for example, might not know that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), their organization is open to the phishing attacks that target their staff AND their customers. Implementing email authentication mechanisms such as DMARC/DKIM/SPF can significantly reduce a malicious actor’s ability to impersonate people within the organization. This is part of O365 and could greatly help the client.
Phishing only benefits bad guys if they gain access to the data they steal. That means there are clues in the client’s outbound traffic that can signal a security breach. Data or credentials aren’t compromised until after they leave the point of origin, and if destination traffic patterns show an increase in activity, particularly encrypted traffic, that’s a good indication that what’s coming down the chimney might not be big, fat, red and jolly. But for an organization that doesn’t have the capability of monitoring for this type of traffic anomaly, Synoptek’s preferred client-side anti-evasion Services can help keep Cindy Lou Who safe and tucked in her bed!
Also, our friends at the Federal Trade Commission remind us that we should protect our accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to an account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:
Multi-factor authentication is often just enough trouble to keep the bad guys from continuing to chase you, forcing them to do their caroling down the road.
We should all be a bit more leery of providing sensitive financial information online. But as long as you are making a transaction through a secure website, there shouldn’t be a problem:
If you fall for the bait (and we all do at one point or another), whether e-mail or text message, report it. The information you give can help fight the scammers.
While the holiday season is a great time to exchange gifts, some things are better left remaining in the crate. That “Major Award” might get you more than just a leg lamp in a box marked, “Frah-jee-lay”—and hopefully no one gets an eye put out!