6 Ways to Combat Social Phishing Attacks

Phishing is the number one method of attack delivery for everything from ransomware to credential theft. We are very aware of it coming by email, but other types of phishing have been growing rapidly. 

In recent years, phishing over social media has skyrocketed by 500%. There has also been a 100% increase in fraudulent social media accounts. 

Phishing over social media often tricks the victims because people tend to let their guard down when on social platforms like Facebook, Instagram, Twitter, and LinkedIn. They’re socializing and not looking for phishing scams. 

 

However, phishing scammers are out there looking for you and will reach out via friend requests and direct messages. Learn several ways you can secure your social media use to avoid these types of covert attacks. 

MAKE YOUR PROFILE PRIVATE ON SOCIAL PLATFORMS

Phishing scammers love public profiles on social media because not only can they gather intel on you to strike up a conversation, but they can also clone your profile and put up a fake page for phishing your connections. 

Criminals do this in order to try to connect with those on your friends or connections list to send social phishing links that those targets will be more likely to click because they believe it’s from someone they know. 

You can limit your risk by going into your profile and making it private to your connections only. This means that only someone that you’ve connected with can see your posts and images, not the general public. 

For sites like LinkedIn where many people network for business, you might still want to keep your profile public, but you can follow the other tips below to reduce your risk. 

HIDE YOUR CONTACTS/FRIENDS LIST

You can keep social phishing scammers from trying to use your social media profile to get to your connections by hiding your friends or connections list. Platforms like LinkedIn and Facebook both give you this privacy option.  

Just be aware that this does not keep scammers from seeing you as a friend or connection on someone else’s profile unless they too have hidden their friends list. 

BE WARY OF LINKS SENT VIA DIRECT MESSAGE & IN POSTS

Links are the preferred way to deliver phishing attacks, especially over social media. Links in social posts are often shortened, making it difficult for someone to know where they are being directed until they get there. This makes it even more dangerous to click links you see on a social media platform. 

A scammer might chat you up on LinkedIn to inquire about your business offerings and give you a link that they say is to their website. Unless you know the source to be legitimate, do not click links sent via direct message or in social media posts. They could be leading to a phishing site that does a drive-by download of malware onto your device. 

Even if one of your connections shares a link, be sure to research where it is coming from. People often share posts in their own feeds because they like a meme or picture on the post, but they never take the time to check whether the source can be trusted. 
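One way to see where a shortened link leads before anyone opens it, and to compare the result with the site the sender claimed it was. This is an added example, not part of the original article; the function names, the `.example` domains and the redirect table are constructed for illustration.

```python
"""Expand a shortened link hop by hop without rendering any page."""
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}


def http_head(url, timeout=5):
    """Send one HEAD request and return (status, Location header or None).

    Redirects are not followed automatically and no body is downloaded.
    """
    parts = urlsplit(url)
    conn_cls = (http.client.HTTPSConnection if parts.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    try:
        path = parts.path or "/"
        if parts.query:
            path += "?" + parts.query
        conn.request("HEAD", path, headers={"User-Agent": "link-check"})
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def expand(url, head=http_head, max_hops=5):
    """Return the redirect chain as a list of (url, status) pairs.

    Stops at the first non-redirect answer, at a target that is not
    http(s), on a redirect loop, or after max_hops requests.
    """
    chain, seen = [], set()
    for _ in range(max_hops):
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            chain.append((url, "blocked: not an http(s) URL"))
            break
        if url in seen:
            chain.append((url, "blocked: redirect loop"))
            break
        seen.add(url)
        status, location = head(url)
        chain.append((url, status))
        if status not in REDIRECT_CODES or not location:
            break
        url = urljoin(url, location)  # Location may be relative
    return chain


def final_host(chain):
    """Hostname the chain settled on, or None if it never settled."""
    url, status = chain[-1]
    if isinstance(status, int) and status not in REDIRECT_CODES:
        return urlsplit(url).hostname
    return None


def matches_claim(chain, claimed_domain):
    """True only if the final host is the claimed domain or a subdomain."""
    host = final_host(chain)
    if host is None:
        return False
    claimed = claimed_domain.lower().rstrip(".")
    return host == claimed or host.endswith("." + claimed)


# Constructed redirect table standing in for the network.
FAKE = {
    "https://sho.rt.example/a1": (301, "https://tracker.example/r?id=7"),
    "https://tracker.example/r?id=7":
        (302, "https://login.vendor-portal.example/signin"),
    "https://login.vendor-portal.example/signin": (200, None),
}


def fake_head(url):
    """Offline stand-in for http_head, driven by the table above."""
    return FAKE[url]


if __name__ == "__main__":
    chain = expand("https://sho.rt.example/a1", head=fake_head)
    for hop in chain:
        print(hop)
    # The sender said the link goes to vendor.example; it does not.
    print("matches claim:", matches_claim(chain, "vendor.example"))
```

With the default `http_head`, every hop is still a real request to that server, so it belongs on a machine used for checking links rather than in the browser session where the message arrived.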

DON’T PARTICIPATE IN SOCIAL MEDIA SURVEYS OR QUIZZES 

While it may be fun to know what Marvel superhero or Disney princess you are, stay away from quizzes on social media. They’re often designed as a ploy to gather data on you, data that could be used for targeted phishing attacks or identity theft. 

The Cambridge Analytica scandal that impacted the personal data of millions of Facebook users did not happen all that long ago. It was found that the company was using surveys and quizzes to collect information on users without their consent. 

While this case was high-profile, the company is by no means the only one that plays fast and loose with user data and takes advantage of social media to gather as much as it can. 

It’s best to avoid any types of surveys or quizzes on any social media platform because once your personal data is out there, there is no getting it back. 

AVOID PURCHASING DIRECTLY FROM ADS ON FACEBOOK OR INSTAGRAM

Many companies advertise on social media legitimately, but unfortunately, many scammers use the platforms as well for credit card fraud and identity theft. 

If you see something that catches your eye in a Facebook or Instagram ad, go to the advertiser’s website directly to check it out; do not click through the social ad. 

RESEARCH BEFORE YOU ACCEPT A FRIEND REQUEST

It can be exciting to get a connection request on a social media platform. It could mean a new business connection or connecting with someone from your alma mater. But this is another way that phishing scammers will look to take advantage of you. They’ll try to connect to you, which can be a first step before reaching out directly via DM. 

Do not accept friend requests without first checking out the person on the site and online using a search engine. If you see that their timeline only has pictures of themselves and no posts, that’s a big red flag that you should decline the request. 

CAN YOUR DEVICES HANDLE A PHISHING LINK OR FILE?

It’s important to safeguard your devices with things like DNS filtering, managed antivirus, email filtering, and more. This will help protect you if you happen to click on a phishing link. 

Find out how we can help! 

 

Article used with permission from The Technology Press.  

How to Protect Your Online Accounts from Being Breached

Stolen login credentials are a hot commodity on the Dark Web. There’s a price for every type of account from online banking to social media. For example, hacked social media accounts will go for between $30 and $80 each.

The rise in reliance on cloud services has caused a big increase in breached cloud accounts. Compromised login credentials are now the #1 cause of data breaches globally, according to IBM Security’s latest Cost of a Data Breach Report.

Having either a personal or business cloud account compromised can be very costly. It can lead to a ransomware infection, compliance breach, identity theft, and more.

To make matters more challenging, users are still adopting bad password habits that make it all too easy for criminals. For example:

  • 34% of people admit to sharing passwords with colleagues
  • 44% of people reuse passwords across work and personal accounts
  • 49% of people store passwords in unprotected plain text documents

Cloud accounts are more at risk of a breach than ever, but there are several things you can do to reduce the chance of having your online accounts compromised.

USE MULTI-FACTOR AUTHENTICATION (MFA)

Multi-factor authentication (MFA) is the best method there is to protect cloud accounts. While not a failsafe, it is proven to prevent approximately 99.9% of fraudulent sign-in attempts, according to a study cited by Microsoft.

When you add the second requirement to a login, which is generally to input a code that is sent to your phone, you significantly increase account security. In most cases, a hacker is not going to have access to your phone or another device that receives the MFA code, thus they won’t be able to get past this step.

The brief inconvenience of using that additional step when you log into your accounts is more than worth it for the bump in security.

USE A PASSWORD MANAGER FOR SECURE STORAGE

One way that criminals get their hands on user passwords easily is when users store them in unsecured ways, such as in an unprotected Word or Excel document or the contact application on their PC or phone.

Using a password manager provides you with a convenient place to store all your passwords that is also encrypted and secured. Plus, you only need to remember one strong master password to access all the others.

Password managers can also autofill all your passwords in many different types of browsers, making it a convenient way to access your passwords securely across devices.

REVIEW/ADJUST PRIVACY & SECURITY SETTINGS

Have you taken time to look at the security settings in your cloud tools? One of the common causes of cloud account breaches is misconfiguration. This is when security settings are not properly set to protect an account.

You don’t want to just leave SaaS security settings at defaults, as these may not be protective enough. Review and adjust cloud application security settings to ensure your account is properly safeguarded.

USE LEAKED PASSWORD ALERTS IN YOUR BROWSER

You can have impeccable password security on your end, yet still have your passwords compromised. This can happen when a retailer or cloud service you use has their master database of usernames and passwords exposed and the data stolen.

When this happens, those leaked passwords can quickly end up for sale on the Dark Web without you even knowing it.

Due to this being such a prevalent problem, browsers like Chrome and Edge have had leaked password alert capabilities added. Any passwords that you save in the browser will be monitored, and if found to be leaked, you’ll see an alert when you use it.

Look for this in the password area of your browser, as you may have to enable it. This can help you know as soon as possible about a leaked password, so you can change it.

DON’T ENTER PASSWORDS WHEN ON A PUBLIC WI-FI

Whenever you’re on public Wi-Fi, you should assume that your traffic is being monitored. Hackers like to hang out on public hot spots in airports, restaurants, coffee shops, and other places so they can gather sensitive data, such as login passwords.

You should never enter a password, credit card number, or other sensitive information when you are connected to public Wi-Fi. You should either switch off Wi-Fi and use your phone’s wireless carrier connection or use a virtual private network (VPN) app, which encrypts the connection.

USE GOOD DEVICE SECURITY

If an attacker manages to breach your device using malware, they can often breach your accounts without a password needed. Just think about how many apps on your devices you can open and already be logged in to.

To prevent an online account breach that happens through one of your devices, make sure you have strong device security. Best practices include:

  • Antivirus/anti-malware
  • Up-to-date software and OS
  • Phishing protection (like email filtering and DNS filtering)

LOOKING FOR PASSWORD & CLOUD ACCOUNT SECURITY SOLUTIONS?

Don’t leave your online accounts at risk. We can help you review your current cloud account security and provide helpful recommendations.

Article used with permission from The Technology Press.

Signs That Your Computer May Be Infected with Malware

Approximately 34% of businesses take a week or longer to regain access to their data and systems once hit with a malware attack. Malware is an umbrella term that encompasses many different types of malicious code. It can include:

  • Viruses
  • Ransomware
  • Spyware
  • Trojans
  • Adware
  • Key loggers
  • And more

The longer that malware sits on your system unchecked, the more damage it can do. Most forms of malware have a directive built in to spread to as many systems as possible. So, if not caught and removed right away, one computer could end up infecting 10 more on the same network in no time.

Early detection is key so you can disconnect an infected device from your network and have it properly cleaned by a professional.

Keep an eye out for these key warning signs of malware infection so you can jump into action and reduce your risk.

STRANGE POPUPS ON YOUR DESKTOP

Some forms of malware can take on the disguise of being an antivirus app or warranty notice that pops up on your screen. Hackers try to mimic things that users may have seen from a legitimate program, so they’ll be more apt to click without thinking. If you begin to see a strange “renew your antivirus” subscription alert or a warranty renewal that doesn’t quite make sense, these could be signs that your PC has been infected with adware or another type of malware.

NEW SLUGGISH BEHAVIOR

Computers can become sluggish for a number of reasons, including having too many browser tabs open at once or running a memory-intensive program. But you’ll typically know your computer and the types of things that slow it down.

If you notice new sluggish behavior that is out of the ordinary, this could be an infection. One example would be if you don’t have any programs open except notepad or another simple app, and yet you experience freezing.

When malware is running in the background, it can often eat up system resources and cause your system to get sluggish.

APPLICATIONS START CRASHING

Applications should not just crash out of the blue. There is always a reason. Either the software is faulty, there’s been an issue with an update, or something else may be messing with that application’s files.

If you suddenly experience apps crashing, requiring you to restart the app or reboot your system, this is another telltale sign that a virus, trojan, or other malicious code has been introduced.

YOUR BROWSER HOME PAGE IS REDIRECTED

If you open your browser and land on a homepage that is not the one you normally see, have your PC scanned for malware right away. Redirecting a home page is a common ploy of certain types of malware.

The malware will infect your system and change the system setting for your default browser home page. This may lead you to a site filled with popup ads or to another type of phishing site.

Just trying to change your homepage back in your settings won’t fix the situation. It’s important to have the malware removed.

SUDDEN REBOOTS

Another annoying trait of certain types of malicious code is to make your system reboot without warning.

This can cause you to lose the work you’ve just done and can make it difficult to get anything done. This may happen when malware is changing core system files behind the scenes. With files corrupted, your system becomes unstable and can often reboot unexpectedly.

YOU’RE MISSING HARD DRIVE SPACE

If you find that a good deal of your hard drive space that used to be open is now gone, it could be a malware infection taking up your space. Some types of malware may make copies of files or introduce new files into your system.

They will cleverly hide, so don’t expect to see the word “malware” on a file search. Instead, the dangerous activities will usually be masked by a generic-sounding name that you mistake for a normal system file.

YOU RUN ACROSS CORRUPTED FILES

If you open a file and find it corrupted, this could be a red flag that ransomware or another form of malware has infected your system.

While files can occasionally become corrupt for other reasons, this is a serious issue that deserves a thorough malware scan if you see it.

PC “PROCESSING SOUNDS” WHEN THERE SHOULDN’T BE

Most of us are familiar with those “thinking sounds” when our computer is processing something memory intensive. You’ll usually hear a type of whirring that will go away once you finish that activity.

If you begin hearing this processing sound when you’re not doing anything particularly intense on your computer, this could be a sign that malware is running in the background and it should be checked out.

GET EXPERT MALWARE SCANNING & REMOVAL

Free online malware and virus scans aren’t very reliable. Instead, come to a professional that can ensure your entire system is cleaned properly.

Article used with permission from The Technology Press.

Email Security Hits Home For CEO, Mike Kupfer

How I Stole Everything From My Brother While He Was Laid up In A Texas Hospital ICU. 

Ok first off, while the rest of this story will be a true story about my personal experience with handling my brother’s financial life over the past 6 months, the title is…well, a bit of click bait. In fact, it should be titled “How I COULD have stolen everything from my brother while he was laid up in the burn ICU.”

In fact, as my mother’s favorite child and a good brother, all actions taken with my access to his financials were to his benefit. However, had a “bad actor” received even the small amount of credentials I had been given, they could have wreaked a lot of havoc on my brother. Honestly, with much more ease than I would have ever expected, and I have been around IT security for years.

On July 19, 2021, my brother was in a terrible accident. A house fire from which he honestly had no business surviving. The first day we got to the hospital, we were told that if he was to survive, we should expect an extended stay in the burn ICU. We were told to expect months.

While his health was of the utmost importance in those first couple of weeks, I did know that his laptop, wallet, and phone had been left at the site of the fire, and since the home was left pretty much unsecured, it probably made sense to make sure my brother’s credit was locked with the credit agencies and his financial accounts were monitored.

Every week or 10 days there would be a day or two that my brother was able to communicate, although admittedly not very well. When the first of those days came, I was able to ask him his login and password for his Yahoo email account, his main email. He struggled to remember the exact password, but after a few guesses I had access to his account.

The rest of this story should be read as a cautionary tale that someone even with simple e-mail credentials can cause great harm. You might think all of your vendors make it difficult to hijack your account; I did. While managing my brother’s finances, I found out this is not always the case. Here are some of the “cracks” I discovered with the different types of institutions.

Credit Agencies

The first places I called were the credit agencies, to put a stop on any attempts to run a credit report in his name. Remember, at this point I don’t have official power of attorney because he has yet to have a fully coherent enough day to do paperwork. (Nor the use of his hands to even hold a pen.)

I started with the credit agencies, and these were the only companies where I said that I WAS my brother. Since I had his social security number, his birthday, and access to his email, I figured I could pull it off. For the most part I did, but to their credit, they asked me a handful of questions specific to his credit in addition to the traditional credentials. For instance, they asked which of the following streets had he lived on in the past 10 years and offered multiple choice. These questions I would not likely have known, and my cover would have been blown. However, my niece was sitting next to me, and SHE knew the answers to these questions. 1st MISSION ACCOMPLISHED: we got access and were able to put a freeze on his credit.

It taught me something though. Getting access to his banks and credit cards might not be so easy even with his information. I decided moving forward that I would always come clean and tell the customer service people I was calling that I was in fact Mike, and I was calling on behalf of my brother, but had all needed information. This is when things began to get interesting, and a bit scary.

Credit Cards

My brother had a lot of credit cards. He liked to have a couple he would use for expenses and getting points etc., and others with small limits that he used once a month and paid them off just to get his credit rating boosted. There were some differences in how these banks dealt with my requests to get online access so that I could manage my brother’s account. Most secured the account with a basic username and password, and email as a 2nd form of authentication. Since his email was almost always his username, all I needed to do was request a new password and the system would send a new “reset password” link to my brother’s email, which I had access to. Bottom line: on most of these accounts, having nothing more than a story and email access, I was able to take over access to his credit cards as if I was him.

Cell Phone

This was my favorite. I did not have a login or password. I called in and told the customer service rep that I was calling on behalf of my brother and looking to get access so that I could replace his phone for him. (I actually needed this because some companies with stronger procedures required his cell phone for the second authenticator and not his email.) They did ask if I had his PIN, which I literally guessed. He CONFIRMED that was the PIN. However, he insisted that he “get approval” directly from my brother. So even though I explained that my brother was in the hospital and getting him on the phone was not an easy task, they made me get him on the phone and give a verbal ok to allow me on his account. Even though my brother was not able to remember his PIN, because the service manager had confirmed it with me, I was able to text it to my brother’s nurse and tell him to give that PIN. This seems like a decent policy, but honestly, I could have had him call me on a different phone line or an accomplice, so it seemed kind of stupid to require speaking with my brother. At least I was not just able to talk my way into a representative changing security protocol.

Banks

Banks were also an interesting bunch. My brother banked with 2 banks. One of which I was getting nowhere with until I had full Power of Attorney. So, from a security standpoint they were solid. The other bank was one that my brother had a relationship with. He would like to go into the banks and talk to people. That is just how my brother is. When I called them and tried to get access to his accounts, I was amazed at just how close a relationship could have become a security breach had I been a bad actor. Basically, when I called the bank, they had heard about this fire and when I told them it was my brother’s home, they were very eager to help in any way. They did have their security protocols but since they knew my brother, I had them looking into how I could get access to his online accounts. At one point, I was told that when the teller who knew my brother came back from lunch, she would call me, and I could put my brother on the phone so he could give a verbal approval of my access. If that teller “felt comfortable” that the person on the other end of the line “was in fact my brother” then I could have the access. I was shocked but wanted the access. So, I kept my mouth shut. When the branch manager did call me back, they told me this would not work. NOT because it was a security risk, but because at that branch, they did not have the ability to record calls, and so there could be no record. So, they inadvertently avoided basically giving me access and probably breaking bank security protocol.

Financial/Crypto Currency Account

When it came to gaining access to my brother’s crypto currency account, the security was solid. Perhaps too solid. I had to jump through so many hoops (with very little customer service help but via email) that it literally took me over a month, and a physical trip to my brother in Dallas to finally gain access. My advice on these types of accounts is not so much about how to improve your security, but rather make sure you UNDERSTAND their policies and prepare for another party to be able to get access if needed. This account was one of the most important that we get into as it had a majority of his available funds, yet it took me almost a month to get access because their security is so tight and not really set up for an emergency like the one my brother was in. If you have money in a particular account, make sure you know their access policy and prepare for that. There were literally days I thought I might never get into this account for my brother. I don’t mean that figuratively.

CONCLUSIONS

  • FIRST AND FOREMOST – PROTECT YOUR EMAIL CREDENTIALS!!!

So many companies use email as the main way to verify a request for a new password. If a bad actor has this data, they can call every vendor, bank, credit card, or personal contacts and see if having those credentials can get them other more private credentials. What I found out with this experience is they can, and not with much more effort than requesting a new password and then locking you out. Having a managed IT provider in Chicago take a look at your email protection status is a great idea.

  • DON’T USE THE SAME PASSWORD OR PIN NUMBERS FOR MULTIPLE VENDORS

How was I able to “Guess” my brother’s cell pin? Easy. I know he is a Cubs fan and he had used a couple of Cubs player numbers as his 4-digit code. He had used the same code with another vendor I had earlier gained access to and so I had a good idea this would be the same and BAM- It was. If you MUST use similar passwords for convenience, use a password scheme that is easy to remember but would make each site unique. For instance:

  • The name of the service, followed by
  • Your birthday followed by
  • A dollar sign

So that your login to Amazon might be (if your b-day was March 25th) Amazon0325$. Then on your Life Insurance website it could be Insurance0325$, and so on. Pro tip on this idea: use tiers of difficulty in your password schemes so that, let’s say, the sample above would be good for all less threatening websites, but use a more difficult scheme for your financial and banking sites. Things you FOR SURE do not want people to get into. For those you might do something like:

  • The service name, followed by
  • Your mom’s full birthday, followed by
  • Your dog’s name, followed by
  • Two #.

So that might look something like Banking062938Fido##. MUCH more challenging to crack by man or machine.

  • KNOW THE REQUIREMENTS FOR ACCESS FOR ANY VENDOR FINANCIAL OR OTHERWISE AND PLAN FOR EASY ACCESS FOR SOMEONE BESIDES YOU.

My brother (like many people) was not fully prepared for a months-long hospital stay. Really it is mostly the financials that can get sort of tricky, and they are likely to be more sticklers regarding security compliance (although not always). Find out what they would ask for if YOU were not able to physically get access. In my brother’s case he lost his wallet in the fire. Had I known how important a copy of his driver’s license would have been in receiving access to his crypto account, I could have made a copy and kept it in a file in my home in case of emergency. Luckily, while he was in the hospital, access to this money was not all that important, but had he needed this money sooner than “eventually” it could have been a problem since it took over a month for me to gain access.

  • IF YOUR ORGANIZATION NEEDS OUTSIDE HELP WITH SECURITY DON’T HESITATE TO PLAN FOR THIS.

No matter if you have an IT staff internally, use a Managed Services Provider (MSP), or have a combination of both similar to Black Diamond’s Co-Managed Services, make sure you are consistently planning, executing and if need be, adjusting your defense against bad actors looking to cost your organization money.

My brother is still in recovery. He’s doing as well as can be expected, perhaps even better than expected, which is great. He is back to handling his own credit cards and bills and has changed a couple of security habits.

I am pretty sure he is grateful his brother is an IT and cyber security consultant and not a cybercriminal. If he is not, he should be! As far as my being mom’s favorite, I think my brother and I both realize that was my sister!