What is Smishing?

Smishing is a form of Phishing over text message or SMS message. The criminal’s goals are the same as they are in typical Phishing attacks. Hackers are either trying to get you to divulge a username and password, install malware on your device, or convince you to send them money. There are numerous reasons criminals are using text messages instead of email for these attacks. First, the read and response rate is much higher in text messages. 98% of text messages are read, as opposed to only 20% of emails. Additionally 45% of text messages are responded to compared to only a 6% email response rate. Another reason for the shift is most consumers do not have their guard up against questionable text messages. Most technology users understand clicking a link in an email could be falling into a trap, but we don’t have the same suspicion around text messages yet. A third reason is many reputable websites use SMS for two-factor authentication.

I received two Smishing messages attempting to look like they came from Amazon.

 

 

 

 

 

 

 

 

 

 

Just like typical Phishing emails, the text messages are designed to create urgency. The first message looks like a two-factor authentication message. Since I wasn’t trying to log into my Amazon account at the time, the message makes me think someone else is trying to log into my account. There were a few things that made me pause and not click on the link, however. First the message came from a phone number, and not in the typical chain I get two-factor codes from Amazon in. The other 2FA codes I had from Amazon were all in the same text chain and did not have a link associated with them. Also, the more I looked at the message I noticed the odd grammar, and “don’t” was missing an apostrophe. I received the second message five hours later. This message is supposed to create more urgency. Notice the end of the URL is the same random numbers and letters. Also notice there should be a period after “detected” and Amazon would probably capitalize their company name in correspondence.

Criminals are finding new ways to steal information and money. The technology industry is slowly moving away from SMS authentication to more reliable sources. Read our blog on Microsoft’s stand on SMS authentication Here. Continue to be vigilant and suspicious of links you click on, even in text messages.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Information Security, Physical Security, Recent Posts, Small Business

What is a Supply Chain Attack?

What is a supply chain attackThe SolarWinds attack in the news has brought up many new terms that may not be familiar to business owners. Today we are going back-to-basics to discuss supply chain attacks.

Every business uses third party software and hardware. Even the smallest business has to communicate with vendors and customers, receive, ship, bill, and inventory. A supply chain attack occurs when criminals infiltrate your system through an outside partner or provider with access to your systems and data. When a supply chain attack occurs, hackers have access to the same data and permissions the software infiltrated has access to.

Attackers target software developers and suppliers looking for access to source code, or update tools. The goal is to infect a legitimate piece of software and use that software to distribute malware to customers. Hackers break into manufacturers’ servers and hide malware in software updates. When these updates are pushed out by trusted vendors, the updates are certified as safe. Customers who are following sound IT practices patch and update their systems regularly, and unknowingly add the malware to their systems.

The SolarWinds attack is greatly consequential for two reasons. First, the Orion tool is a Network Management System, meaning the hackers gained access at the network level, and had the same permissions the management tool had. This allowed attackers to change network settings, move laterally through the network, and also target the user level. Second, the Orion tool is used by large corporations, and the US Government. The SolarWinds Network Management System is used by 425 of the US Fortune 500.

Many of the large cyber-attacks that make the news are supply chain attacks. The Target breach in 2014 was blamed on a third party vendor, as well as the Equifax breach in 2017. The SolarWinds attack is the largest and most consequential supply chain attack we have seen, but it follows a pattern well established in the cyber-crime landscape.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Ransomware in 2021

Ransomware attacks were on the rise in 2020, and all indicators suggest the trend will continue in the new year. Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.

The most common methods used to spread ransomware are visiting a compromised website or clicking on a malicious link or attachment in an email. We saw a dramatic increase in ransomware when users went remote in April, but experts expect the number of attacks to continue to grow. Statistically 40% of victims pay the ransom, and criminals used last year to perfect tactics. Basically all metrics tracking ransomware increased dramatically in 2020.

In Q3 of 2020 we saw a 50% increase in ransomware attacks compared to the first six months of the year.

The average cost per incident increased from $5,900 in 2019 to $8,100 in 2020.

The average loss caused by downtime from a ransomware attack increased from $141,000 in 2019 to $283,000 in 2020.

The estimated total cost of ransomware attacks almost doubled year over year increasing from $11.5 billion in 2019 to $20 billion in 2020.

Often, small and medium sized businesses are targeted because many of them do not have the resources to defend against an attack. Small businesses accounted for 43% of all cyber-attacks in 2020, and 70% of small businesses say they are not prepared to deal with a cyber-attack.

Quanexus bridges the IT gap for many small businesses who are not able to keep a high quality, up-to-date IT department on staff. IT Security demands change quickly, and many small to medium sized businesses are not able to keep up on their own.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Virtual Bytes – Security Awareness Training

The start of the new year is a great time to re-set and talk to your employees about IT Security. 2020 was a record year for ransomware, and hackers taking advantage of employees working from home. Remember your employees can be your best asset, or your worst liability when combating cyber threats. Watch the podcast for some high level tips, and to learn how Quanexus can help your business.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization