scam

COVID-19 Themed Templates for Hackers

Hackers use COVID-19 Themed TemplatesNew, Sophisticated Hacking Techniques in the Age of COVID-19

Hackers are using new methods to create very credible looking, fake websites to steal login credentials. Security firms are seeing an increase in the use of website templates to create phishing websites that look and feel like the real thing. These templates, available on underground forums and marketplaces, are a quick and easy way for criminals to create convincing, fake websites to steal information. The known templates mimic websites from the World Health Organization (WHO), Internal Revenue Service (IRS), Centers for Disease Control (CDC), the United Kingdom government, the government of Canada, and the government of France. Many of these templates have multiple working pages to make them look more realistic. The template that mimics the government of Canada even has English and French segments.

More than half of the phishing campaigns recorded since January are using these new spoof templates to fool consumers. Hackers are using normal phishing techniques, creating urgency by claiming recipients will lose benefits, or reporting a breakthrough on the pandemic. The difference is the use of these templates to create very convincing fake websites. This change in strategy has been effective, resulting in an increase in successful phishing attacks.

Below are some examples of the fake phishing site templates:

This fake CDC site is asking user to authenticate with an email service to generate a vaccine ID.

Fake IRS Page

This fake IRS website created from an available template goes a step further, asking users to enter SSN, DOB, and other private identity information.

Avoid falling prey to these new phishing campaigns by being aware of the links you click on in emails. If an email is creating urgency or preying on emotion (click on this link now or you will lose your vaccine benefits!), the email is probably a scam. Instead of clicking the link, go to the known government website and look for the information. The criminals are making it more difficult to differentiate the fake websites and using emotion to get users to click. Stay informed and think before you click.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Hackers Exploit Coronavirus News

Hackers Exploit Coronavirus NewsHackers prey on human emotion in normal times. They send phishing emails that might appear to come from your healthcare provider, your state government, or Amazon. These emails are generally trying to do one of two things: get you to click on a link that will install malware or persuade you to give them information like a password or credit card number.

As expected, hackers and scammers are using the pandemic and the government response as a way to get money or information from people. There are scams for test kits, scams for masks, and scams for statistics on the virus. There are hackers attacking individuals on Medicare, and of course multiple scams for the government relief checks.

There have been numerous reported attacks over the past few weeks on the healthcare industry. Hackers are posing as the World Health Organization, or the CDC in attempt to infiltrate healthcare networks. These industries are already under a huge amount of stress, so it would be easy for an employee to click on a link in an email that they normally wouldn’t.

The Federal Trade Commission is warning Americans of hackers trying to take advantage of the news of relief money. The FTC advises, “You don’t need to do anything as long as you filed taxes in 2018 or 2019.”and “Do not give anyone your personal information to “sign-up” for your relief check. There is nothing to sign up for.”

This is a good time to familiarize yourself and your employees with phishing red flags.

  1. The email plays on urgency and emotion. “Click here before the end of the day, or else…”
  2. Bad spelling and grammar.
  3. Suspicious links or attachments. Phishing campaigns are either trying to get information from you or get you to click a link or open an attachment that will install malware.
  4. Altered web address or email address from a free service.

During this time while emotions are high, users need to be more aware of what they click on in emails. Employees working from home give hackers even more of an advantage, because many users are not behind the company firewall they used to be. Stay vigilant and be aware that hackers are using the news of the day and high emotions to their advantage.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

STIR/SHAKEN, The Technology Fighting Robocalls

Last week we did a blog post on robocalls and what telecom companies and now the Federal Government is doing to combat them. Since our blog post, the bill passed the Senate and is expected to be signed into law. As a follow up we want to go more in depth on the technology named in the bill and how it is helping to end robocalls.

The big issue with robocalls is number “spoofing.” This is the technology criminals use to make the number they are calling from appear as if it is closely related to your phone number, or at least from your same area code. Criminals can also spoof known numbers, like the phone number of your bank, or the IRS. This technology makes it harder for users to identify a scam, and makes them more susceptible to giving the criminal personal information.

The technology named in the Senate bill is STIR/SHAKEN. STIR (Secure Telephone Identity Revisited) is an internet-based process that verifies a calling party’s authorization to use a particular phone number. SHAKEN (Secure Handling of Asserted information using toKENs) is a framework to verify the calling number and how it will be transported. These two technologies work together to authenticate a phone call, and pass that information on to the service provider of the person receiving the call.

When a phone call is made the call first goes to the service provider of the person making the call. This originating service provider now assigns the call an authentication token based on what they know about the number and the caller. The easiest token is, “this person owns this phone number, we assigned it to them.” The second level of authorized calls are, “this person has permission to use this phone number.” This second category could be from a business call center who wants all of their outbound calls to come from one phone number. This type of call should also pass through without issue. The third level of authorization is, “minimal or questionable knowledge about the authorization of this call.” These are the calls the technology is trying to put an end to.

Each call is assigned a token from the originating service provider, and then this token is passed from service provider to service provider until the call reaches the terminating service provider. Then, the terminating service provider has to make a decision on what they want to do with the third level of authenticated calls. The terminating service provider can forward the call with a messaged attached for the user. This is where some cell phone users are noticing calls come through as “Fraud Risk” or “Telemarketer.” The terminating service provider could also choose not to deliver the call at all, or dump it to a voice mail box. Telecom companies are still experimenting with what users would like done with these calls at this point.

All of the major telecom companies have already implemented some version of this technology, but the new law should help to push the technology forward and make sure all of the telecom companies are working together in this fight.

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Telephone Systems, Wireless

The Next Generation of Phishing, Laser Phishing

Criminals are changing the way they use phishing campaigns, targeting upper management and CEOs. Microsoft is warning users of an increase in “laser phishing”, or “spear phishing” attacks. Microsoft data shows traffic associated with phishing campaigns doubled year over year in September.

A spear phishing attack targets a specific person. This person receives messages from someone they purportedly know or are familiar with. Typically, the email will look like it is coming from this person’s boss or someone even higher up in the company they are working for. A spear phishing attack takes much more time and effort on the part of the criminal to find out everything they can about the person they are attacking. Criminals are using social media to find out things this person is interested in, place of employment, friends, and travel.

This is a big change from phishing attacks we are used to seeing. A normal phishing attack sends out a more generic email to many users often trying to get them to click on a link in an email, or enter a username and password, like your Amazon account information for instance. We talked about this example in our Social Engineering video you can see HERE.

There have been reports of employees in the financial department of a company receiving emails from the CFO or CEO telling them to transfer money to a specific account for an urgent deal they are making. This new form of phishing cost US businesses over a billion dollars in 2018.

What this means for your business:

Educate your users on this new form of phishing. Public facing users are more susceptible like HR recruiters, customer service, and even some admin roles. Your users can be your biggest asset against attacks, or your biggest liability.

Be aware of what personal information you have on social media. Is there anything on there you wouldn’t want a potential scammer to see? Double check your privacy settings and make sure they are set to a level you are comfortable with.

Use smart passwords and two-factor authentication where possible. Don’t use the same password over and over. There are secure password managers that can help manage passwords and keep accounts secure. Microsoft found that using two-factor authentication blocks 99.9% of automated attacks.

Keep your systems patched and updated. When software companies find tactics being used by criminals, they update the software to block some of these attacks. If you are not updating your systems on a regular basis, you are leaving yourself open to known hacking methods.

Do not click links in emails. If there is any question the email could be fake, go straight to the source instead of clicking the link.

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Physical Security, Recent Posts, Small Business