Cybersecurity Maturity Model Certification, or CMMC, compliance is necessary for all businesses, big or small, engaging with the Department of Defense (DoD). However, the actual manual is over a hundred pages long and not written to be consumer friendly. Cutting through the complex language and understanding what you need to do for your company and contracts can be overwhelming. We have put together an easy-to-understand roadmap to help you reach CMMC compliance going forward.

Understanding CMMC Compliance and Assessments

In order to maintain contracts with the DoD, companies need to meet CMMC compliance requirements. However, meeting the requirements of these assessments and audits is not always straightforward. Organizations need to understand how they work with the DoD, what data they possess, such as Federal Contract Information (FCI) versus Controlled Unclassified Information (CUI), where their current policies fall short, and what actions are needed to become compliant. Getting up to speed can generally be done in three phases:

Phase 1: The Readiness Assessment

With a focus on gap analysis, a third-party vendor can review your current approach to CMMC compliance. Your compliance partner will help you determine which of the three CMMC levels your business falls into. They include:

  • Level 1 Foundational: Requires annual self-assessments and proper cybersecurity practices
  • Level 2 Advanced: Requires companies to meet 110 controls from the NIST 800-171 and undergo tri-annual CMMC Third-Party Assessor Organization (C3PAO) audits or self-assessments
  • Level 3 Expert: Requires companies to meet assessment requirements still to be announced, and undergo government-run audits

By understanding your level, your partner can help determine what you need to do to become compliant going forward, while also identifying which current practices in your organization are working and which are not. Common areas that are assessed during this phase include:

  • The responsibilities and roles of IT and management
  • Access control
  • Relationships with current vendors
  • Business continuity plans
  • Staff training measures
  • Incident response policies

Phase 2: The Implementation

During the next phase, your CMMC partner will review the findings of the assessment with you. Gaps will be addressed and there will be an ongoing discussion about prioritizing implementations based on cost-effectiveness as well as control weight. A game plan will be created for moving forward and new policies and security measures will be implemented to get your organization up to speed with audit requirements depending on your business’s unique needs.

 

Many companies need to implement more advanced physical access controls, media protection processes, system boundaries, and employee cybersecurity and policy training.

Phase 3: The Policies and Documentation

Implementing the CMMC practices alone is not enough. Organizations need to back up their current and newest policies with written documentation. A comprehensive policy library will help to support CMMC controls while also providing evidence that your business has a strategy for meeting compliance requirements.

 

Documentation can include, but is not limited to:

  • Network and system architecture, maintenance, integrity, and boundaries
  • Data management
  • Processes, policies, and procedures
  • Personnel and access controls
  • Strategies for employee training
  • Cybersecurity risks and management
  • Incident response plans
  • Communications
  • Artifacts, or evidence of adhering to audit requirements

Common Pitfalls and How To Avoid Them

There is no denying it: CMMC compliance is complex. It is easy for businesses to misunderstand a requirement or fail to adequately implement a process or control. Failure to implement, however, can be extremely costly and could cost you contracts. Common pitfalls you will want to be aware of and avoid include:

Not Meeting Basic Cybersecurity Controls

Companies often make the mistake of believing that because they have performed a self-attestation of NIST 800-171 implementation, they automatically meet most, if not all, CMMC 2.0 requirements. Businesses may also have been led to believe that their current approach to cybersecurity is enough. This is not always the case. Your CMMC partner should be able to identify the gaps in your current strategy and help you build a roadmap towards full implementation, up to and including C3PAO Level 2 assessment. Your partner should also alert you right away to any pressing disconnects between your cybersecurity policies and the standard requirements outlined within CMMC 2.0. Course correcting on these immediately is necessary.

Misunderstanding the Value of Expertise

Navigating the CMMC ecosystem can be overwhelming. It is not something any employee tasked with general IT oversight is able to tackle. Working with qualified professionals can help ensure your business has a strategy in place for CMMC preparation while taking a more guided approach to compliance.

Solely Relying on Internal Resources

Relying solely on your internal resources to minimize costs related to CMMC compliance, assessments, and audits can backfire. While it may save you money in the early days, it could prove to be extremely expensive in the long run, especially if your organization fails to obtain certification and loses the opportunity to bid on new contracts. Relying on unqualified and inexperienced assistance for CMMC preparation can be a very costly mistake.

 

CMMC compliance is not a one-and-done item on your checklist. The framework is something you will need to continuously uphold going forward, showing evidence throughout the one- or three-year cycle in order to maintain your contracts. Ongoing education and verification will help to ensure your business meets compliance today and with future revisions of CMMC. With the right strategy and Network Coverage as your compliance and cybersecurity partner, you can map a trajectory of successful CMMC certification.





CMMC compliance is not a one-and-done job, but rather an ongoing process. Working with the right partner for your cybersecurity needs can make all the difference, as even minor updates to your processes or requirements can affect your compliance status. When it’s time to look for a third-party partner to handle your CMMC needs, do you know what to look for? Here are six questions you should be asking.




What Is CMMC Compliance?

The Cybersecurity Maturity Model Certification (CMMC) assessment standard is aligned to the Department of Defense (DoD)’s information security requirements for Defense Industrial Base partners. The assessment helps contractor and subcontractor organizations ensure they are meeting security requirements to protect sensitive information and data. Working with the wrong partner can result in a misguided approach to compliance, so it is essential to find the right third-party compliance partner for your CMMC journey.

6 Questions To Ask Your Compliance Partner

If you are considering working with a compliance partner for CMMC, asking these six questions can help you determine if they are the right fit for your organization.

1. What Solutions Do You Offer?

When it comes to CMMC and cybersecurity, a one-size-fits-all approach really will not fit the bill. Every organization is different, and with that comes different implementation requirements. Your potential partner should be able to explain how they offer customizable and tailored solutions to fit their clients’ varying needs.

2. What Is Your History and Experience With CMMC Compliance?

A third-party partner cannot learn CMMC compliance requirements and NIST 800-171 implementation overnight. Partners who jump right into these controls often lack the experience to know what the CMMC auditor will be looking for and can cause a business to fall short during audits.

 

When vetting partners, companies should look to referrals, case studies, testimonials, and other resources, such as the CMMC Marketplace, that back up the partner’s claims. For example, the organization could claim that they are CMMC certified and have already passed an audit. But did you know that, as of February 2024, there are no true CMMC certification assessments available? At this point, “trust but verify” becomes “verify and verify.”

 

Opting to work with a third-party partner that has been involved with CMMC from inception, with Registered Practitioners and Certified CMMC Professionals (CAICO certification) on staff (such as Network Coverage) will help ensure you are receiving guidance and can demonstrate compliance in a way that a third-party auditor will understand.

3. How Can You Assist Us With CUI and FCI?

Data is confusing, and identifying the special types of information you have been entrusted with can quickly become overwhelming. Your CMMC partner should be able to assist you with scoping controlled unclassified information (CUI) and federal contract information (FCI), proper tagging, and classification. The partner should be able to help you design a perimeter, detailing their plan for better organizing and securing your data today while also explaining their strategy for tracking the flow of your CUI and FCI data in the future.

4. How Can You Help Us Maintain Compliance?

As stated previously, compliance is not a one-and-done deal. Strategies need to be implemented to ensure you are compliant today, tomorrow, and next year. Many organizations struggle with staff training, staff awareness, data security, and more. It is very easy for employees to lose interest in compliance, as change is rarely easy. A strong CMMC compliance partner understands that and will have a game plan to keep your team following the new strategies and helping them to avoid mistakes — like throwing CUI away in the trash or leaving sensitive data out on a desk overnight.




5. How Do You Tackle the Management of Subcontractors?

If your organization works with subcontractors, they need to be considered when it comes to your own compliance strategy. You will want to ask how exactly the partner will play a role in managing subcontractors to ensure CMMC compliance at every step of your work. After all, at the end of the day, you are responsible for your subcontractors’ work, and failures on their part to protect CUI could result in data security impact on your operations and even loss of contracts.

6. What Tactics Does Your Team Have in Place to Stay Committed to the CMMC Ecosystem?

The world of CMMC and compliance is ever changing, and partners need to be committed in the long term to ensure your organization is secure. You should inquire about the partner’s approach to participation in community events, ongoing education, training, and more. By partnering with a certified partner in the CMMC space, you can rest assured you will meet the ever-changing compliance requirements, and you will use the latest tools and resources to better support your efficiency and security.

 

The right partner for CMMC compliance should help you alleviate the compliance burden while giving you the necessary resources to adapt to the evolving cybersecurity landscape. They will have a proven track record of assisting their clients in navigating the complex world of compliance while improving their overall approach to cybersecurity. For a strong security posture going forward, getting this step correct is a necessity.

Is it time to work with an MSP to implement your cybersecurity and compliance controls? Contact us today to get started.





We live in a world where digital data is increasingly valuable and vulnerable to malicious attacks. Cybersecurity has become an essential part of our lives but still leaves gaps for criminals to exploit.

As technology advances, so do the strategies needed to protect our data and prevent cybercrime. Blockchain technology is one such development that can be used to improve data security and bolster cybersecurity efforts. We’ll explore how blockchain can enhance safety in the digital realm.

What is Blockchain?

At its core, blockchain is a distributed ledger system that securely records transactions between multiple parties. Essentially, it’s like an online ledger or spreadsheet that verifies each transaction with cryptographic principles: all participants on the network can see the same version of the truth.

By using blockchain technology, everyone on the network can verify and audit all transactions, ensuring that records are accurate and secure. This makes fraudulent activity nearly impossible, since any malicious alterations will be detected quickly by the distributed nodes.

Moreover, decentralized networks keep data out of a single point of failure – meaning if one node fails or is hacked, there are still multiple other copies of the ledger across the network. This allows for strong cybersecurity protocols as well as robust data integrity standards.
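The tamper detection described above, as an added example that is not part of the original article: a toy hash-linked ledger in Python, replicated across three nodes. It is a simplified sketch with no signatures or consensus protocol, and the node names, record contents and function names are constructed for illustration.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS_PREV = "0" * 64  # constructed predecessor value for the first block

# Constructed sample records; not real transactions.
SAMPLE_RECORDS = [
    {"from": "alice", "to": "bob", "amount": 25},
    {"from": "bob", "to": "carol", "amount": 10},
    {"from": "carol", "to": "alice", "amount": 5},
]


def block_hash(index, prev_hash, payload):
    """SHA-256 over a canonical JSON encoding of the block's contents."""
    body = json.dumps({"index": index, "prev": prev_hash, "payload": payload},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def append_block(chain, payload):
    """Add a block whose hash covers its payload and the previous block's hash."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS_PREV
    index = len(chain)
    chain.append({"index": index, "prev": prev_hash, "payload": payload,
                  "hash": block_hash(index, prev_hash, payload)})


def first_invalid_block(chain):
    """Return the index of the first block that fails verification, else None."""
    prev_hash = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["index"] != i or block["prev"] != prev_hash:
            return i  # back-link to the previous block is broken
        if block["hash"] != block_hash(i, block["prev"], block["payload"]):
            return i  # contents no longer match the recorded hash
        prev_hash = block["hash"]
    return None


def rewrite_and_rehash(chain, index, new_payload):
    """Model a thorough edit: change one record, then recompute every later
    hash so that this single copy is internally consistent again."""
    chain[index]["payload"] = new_payload
    prev_hash = chain[index]["prev"]
    for block in chain[index:]:
        block["prev"] = prev_hash
        block["hash"] = block_hash(block["index"], prev_hash, block["payload"])
        prev_hash = block["hash"]


def dissenting_nodes(copies):
    """Compare the latest block hash held by each node.
    Returns (majority_hash, sorted names of nodes that disagree with it)."""
    tips = {name: chain[-1]["hash"] for name, chain in copies.items()}
    majority_tip, _ = Counter(tips.values()).most_common(1)[0]
    return majority_tip, sorted(n for n, t in tips.items() if t != majority_tip)


def build_replicas(node_names=("node-a", "node-b", "node-c")):
    """Build one ledger from the sample records and give each node its own copy."""
    ledger = []
    for record in SAMPLE_RECORDS:
        append_block(ledger, record)
    return {name: copy.deepcopy(ledger) for name in node_names}


if __name__ == "__main__":
    replicas = build_replicas()

    # Careless edit on one node: the stored hash no longer matches the record.
    replicas["node-b"][1]["payload"]["amount"] = 9999
    print("node-b first invalid block:", first_invalid_block(replicas["node-b"]))

    # Thorough edit on another node: that copy verifies on its own...
    rewrite_and_rehash(replicas["node-c"], 1,
                       {"from": "bob", "to": "mallory", "amount": 10})
    print("node-c first invalid block:", first_invalid_block(replicas["node-c"]))

    # ...but its latest hash no longer agrees with the other nodes.
    _, odd = dissenting_nodes(replicas)
    print("nodes disagreeing with the majority:", odd)
```

A careless edit is caught by re-checking a single copy, while an edit that recomputes the later hashes only stands out when the copies are compared, which is why the replication across nodes matters.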

 

How Does Blockchain Improve Data Security?

Blockchain technology provides numerous benefits when it comes to improving data security:

Data immutability

All transactions on a blockchain are digitally signed and timestamped, making them virtually impossible to alter or manipulate. This ensures that data is secure and trustworthy.

Improved transparency

Everyone in the network can see all transactions on the blockchain, allowing for greater oversight of operations. This increases accountability and reduces the risk of fraud or malicious activity.


Enhanced authentication

The use of digital signatures makes it easy to authenticate users since each transaction is linked to a unique identifier. This eliminates the need for manual processes like password resets and two-factor authentication.

Increased accuracy

Transactions are recorded automatically on a blockchain, eliminating errors caused by manual entry or human mistakes. This helps reduce costly mistakes from happening due to incorrect data entry.

Greater decentralization

By utilizing distributed ledgers, data is spread across many nodes on the network. This reduces the risk of cybersecurity attacks since it’s more difficult to compromise all nodes simultaneously.

 

How Can We Use Blockchain To Bolster Cybersecurity Efforts?

Blockchain technology can be used to bolster cybersecurity efforts in a variety of ways:

Improved identity management

The use of digital signatures makes identity management more accessible and more secure, as every transaction is linked to a unique identifier. This eliminates the need for manual processes like password resets or two-factor authentication.

Enhanced security protocols

Cryptographic principles are used to secure transactions, making them virtually impossible to alter or manipulate. This ensures the data is secure and trustworthy.

Improved transparency

Everyone in the network can see all transactions on the blockchain, allowing for greater oversight of operations and reducing the risk of fraud or malicious activity.

Reduced costs

Implementing blockchain helps reduce administrative costs and eliminates errors caused by human mistakes. This helps businesses save money in the long run.

Although blockchain technology is still relatively new, it provides numerous benefits for improving data security and bolstering cybersecurity efforts.

 

Invest In Blockchain to Improve Data Security and Bolster Cybersecurity Efforts

As businesses embrace digital operations, investing in secure technologies like blockchain has become more critical than ever. This technology provides numerous benefits to improving data security and bolstering cybersecurity efforts.

By utilizing distributed ledgers, businesses can reduce the risk of cybersecurity attacks while eliminating costly mistakes due to incorrect data entry. Ultimately, this helps create a more secure and reliable environment for businesses.

Investing in blockchain technology is an essential step towards improving data security and bolstering cybersecurity efforts.

 





Top Phishing Scams of 2022

Phishing remains the most popular cybercrime suffered by U.S. businesses and individuals. The criminals typically use social engineering to trick victims into giving out sensitive information by masquerading as a trusted source. They then use or sell the information to enrich themselves or plan a more sophisticated scam.

Luckily, most phishing scams and their variations are easily identifiable and preventable with the right level of awareness and knowledge. Here are popular phishing scams we’re seeing in 2022 and how you can keep yourself safe.

Spear Phishing

A spear-phishing attack is a more targeted form of email phishing directed at a specific individual. Cybercriminals gather information about the victim from publicly available sources, such as social media platforms.

Armed with personal information, the scammers address victims by name, tricking them into opening a malicious attachment or link. Due to the well-crafted effort and realistic phrasing of the email, spear phishing scams are extremely difficult to identify.

Keeping Safe: Beware of unusual requests, especially emails from your superiors. Avoid downloading attachments you haven’t requested, and treat any attempts to gain your trust with suspicion.

Voice Phishing

Vishing or voice phishing is a reinvention of the classical spam call scam. It has seen a steady rise, so much so that the FBI sounded the alarm. Cybercriminals spoof caller IDs on VoIP phones, masquerading as family members, friends, government officials, and more.

The scammers attempt to push the victim to give out valuable information. The trick often involves creating urgency or authoritative threats that prevent the target from thinking straight.

Keeping Safe: Hang up any suspicious calls. Never visit any website provided over the phone or share any sensitive information over a call.

Business Email Compromise (BEC)

BECs are complex phishing scams that target businesses or individuals responsible for finances. Criminals gain access to an executive’s account or impersonate one and send internal requests to junior employees.

The scammers use social engineering or sophisticated computer intrusion techniques to wire funds to their accounts, defrauding businesses.

Keeping Safe: When processing large sums, an unusual sense of urgency should raise the alarm. Additionally, show wariness towards transaction requests without any legal correspondence.

Social Media Phishing

Social media platforms have become a favorite for cybercriminals wanting to launch large-scale phishing scams. Most profiles contain so much personal information that attackers can use it to sell themselves as trusted sources.

You may receive links, pictures, videos, surveys, and comments that send you to malicious websites that steal sensitive information.

Keeping Safe: Don’t click on suspicious links, even from friends or family. Their accounts are possibly hacked. Stay alert to messages or requests from unknown individuals.

Crypto Phishing Scams

The crypto craze has provided a novel avenue for cybercriminals to launch phishing attacks. With a large percentage of the population still oblivious to blockchain technology, scammers can create clone websites and fake coin apps to collect personal information from unsuspecting visitors.

A common scam involves spoofing tweets from well-known crypto promoters to infiltrate their communities before laying a trap for ignorant victims.

Keeping Safe: Use your judgment. If the deal sounds too good, it is probably a scam. Beware of ads calling for investing in novel coins.

Search Engine Phishing

Scammers create legitimate-looking pages that appear on search engines, such as Google and Bing, and use high-value keywords to rank higher. Unsuspecting victims click on links to these websites where they share their personal information, completing the attack.

The pages often contain fake scholarships, job offers, discount coupons, or dating matches. With free SSL certificates, most of these sites can seem legitimate.

Keeping Safe: Look out for once-in-a-lifetime offers that may entice you to click on suspicious links. Poorly designed websites are also a major red flag.

Clone Phishing

Web fraudsters can also clone or spoof popular websites to entice visitors to share their personal information. Fake websites often contain similar features to the original, including logos, texts, and images. Health, banking, and social media sites are some popular cloning targets for cybercriminals, as they often include vital personal information.

Keeping Safe: Check for URL misspellings. Web design errors, such as pixelated logos, are also a giveaway.

Staying Safe While Online

Phishing scams can have huge financial and reputational ramifications. Proper cybersecurity practices and diligence can help thwart most of these risks in their infancy. Taking a proactive approach can help keep you and your important information safe.





Digital privacy is becoming a growing concern and people are waking up to how their personal data is being exploited by unrelenting marketing companies and cyber criminals. In general, all online activity is tracked and often sold to marketing giants who profit from it—and it’s not just marketing companies who use your data. Scandals are constantly being revealed regarding how social media platforms misuse user data.

Cases such as Cambridge Analytica offer insight into how political parties work with big data to sway political attitudes. They do this by creating “psychographic profiles” of users based on their digital activity and browsing habits. By collecting your data, large corporations can create digital fingerprints of you and use these fingerprints to create sophisticated marketing strategies that are essentially designed to hack your mind.

Additionally, cybercrime is a major concern for internet users. Since protecting yourself is one of the primary VPN benefits, it’s a good idea to educate yourself about how VPNs work and how they can benefit your digital privacy.

How Do VPNs Work?

A VPN, or Virtual Private Network, is a type of software that allows users to remain anonymous and private online. When you connect to the internet, your computer is assigned an IP address that can be used to identify you. However, when you use a VPN, your traffic is routed through a server that changes your IP address and makes it appear as though you are located in another country. This can be useful for accessing region-locked content or bypassing censorship. Let’s take a closer look at VPN benefits and uses.

Common VPN Uses and Benefits

Wondering how using a VPN can benefit you? Here’s a list of eight advantages and uses.

1. Avoiding Surveillance

Whether you’re a journalist working on sensitive stories or simply someone who doesn’t want their online activity tracked, using a VPN can help to avoid unwanted surveillance.

2. Accessing Country-Restricted Content

If you’re trying to access content that’s only available in certain countries, using a VPN can help you to bypass those restrictions.

3. Enhancing Data Protection

When you use a VPN, your traffic is encrypted, making it more difficult for anyone to intercept and misuse your data.

4. Bypassing Censorship

In some countries, the government imposes strict censorship laws blocking access to certain websites or content. A VPN can help you to bypass censorship and gain access to the information you want.

5. Improving Online Security

In addition to encrypting your traffic, a good VPN will also offer additional security features such as malware protection and firewalls.

6. Unblocking Netflix

Netflix uses geo-blocking to restrict content in certain countries. However, if you use a VPN, you can often unblock Netflix and gain access to the full range of titles available in any country, rather than being restricted to your own country of residence.

7. Saving Money on Travel Expenses

If you frequently travel for business or pleasure, you may be able to save money on travel expenses by using a VPN. Many hotels and airlines offer discounts to customers who book through their websites, but these deals are often only available if your location appears to be in the same country as the hotel or airline. By connecting to a server in that country, you can make it appear as though you’re located there and potentially save money on booking fees.

8. Boosting Internet Speed

In some cases, connecting to a server closer to your current location may actually boost your internet speed, even if it’s just by a few milliseconds. If you frequently find yourself waiting for pages to load or files to download, connecting to a VPN may help speed up your connection.





In the movie Focus, Will Smith stars as Nicky, a clever conman who uses the power of social engineering to strategically remove valuables from his completely unsuspecting victims while also training Margot Robbie (Jess) how to be a better con artist. While dancing in the street, Jess flirts with a man while keeping him distracted long enough to slip his wedding band off his hand and onto hers. 

Social engineering isn’t just quick cash grabs or grand larceny in the physical sense. It’s also an incredibly powerful tool used by cyber criminals to infiltrate otherwise secure businesses successfully. No amount of firewalls can keep an intruder out if that intruder is already within the protected environment. Is there anything that can be done to prevent social engineering attacks? It all depends.

How Social Engineering Works

Social engineering is a practice where people, usually in person but sometimes digitally, trick their peers into doing something against their own interest that allows them to be taken advantage of. A typical example is a criminal who pretends to do a magic trick but ends up stealing from the trick’s participant instead.

In the cyber security world, social engineering is a lot less glamorous in most cases but potentially even more dangerous. We’re sure you’ve seen the spam emails in your inbox that claim you’ve won some sort of prize or that your online shopping account needs a password change. This type of social engineering attack involves phishing, a practice where unsuspecting recipients are tricked into entering information or clicking a malicious link through seemingly official means. It’s common for phishing attacks to target user emails, but it has also graduated to text messaging, social networking sites, and fake websites.

Famously, Target was the victim of a phishing attack that saw 40 million credit cards get stolen. An HVAC technician contracted to Target fell victim to social engineering and opened a malicious email. Attackers used the Target credentials from the HVAC tech to gain access and deploy the malware across Target’s system. What’s worse, the malware that was released is pretty standard and easily detectable by most business antivirus systems. However, the final nail in the coffin was the security center in Minneapolis ignoring the security breach even after being notified. This led to more than 70 million customers having their information stolen.

Other forms of social engineering can include completely offline and in-person attacks, such as stealing or copying hard copies of passwords on sticky notes or employee notebooks. While these may sound like rudimentary attacks, they are the most dangerous since attempts to infiltrate the security system happen from within. When someone can pose as an employee at the location that will be authenticated, this eliminates the most challenging part: tricking your victim.

How to Prevent Social Engineering Attacks

  1. Check the Sender’s Email or Phone Number

Social engineers frequently use authentic-looking communications to pull off phishing attacks. With the exception of spoofing, most low-level social engineering attacks use incorrect email addresses when posing as fellow employees or vendors. The same goes with phones; if the number looks suspicious, it probably is, especially if they’re asking for some sort of login information when you have not requested a password reset, for example.

  2. Secure Login Credentials

Security measures like two-factor authentication can severely hinder a cyber criminal’s ability to gain access to user accounts. However, many times the attack happens in person. In this case, the would-be criminal only needs to find an unsuspecting victim that has left their login credentials visible to the public. Enforce strict policies stating that there’s no writing down physical passwords, and be sure to have a good password change policy, such as a new password every 60 days.

  3. Admittance Policy

While network security is obviously essential, unauthorized access to your business’s property can be one of the fastest ways for a social engineer to wreak havoc on your company’s data. That said, admittance policies, vetting outside contractors for third-party vendors, and developing a keen eye for malfeasance will go a long way.
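One way to automate the "check the sender" step above and the "check for URL misspellings" advice from the clone phishing section, as an added example that is not from the original article. The trusted-domain list, the character-substitution table and all function names are assumptions, and the sample inputs use reserved example domains.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: the organisation keeps its own list of domains it really deals with.
TRUSTED_DOMAINS = {"example.com", "example.org"}  # constructed sample list

# Small illustrative table of digits commonly swapped in for letters.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def extract_host(value):
    """Pull the host out of a URL, an e-mail address, or a bare hostname."""
    value = value.strip()
    if "://" in value:
        # urlsplit ignores any "user@" part, so https://example.com@other.test
        # correctly yields other.test.
        host = urlsplit(value).hostname or ""
    elif "@" in value:
        host = value.rsplit("@", 1)[1]
    else:
        host = value
    return host.strip("<>\"' ").lower().rstrip(".")


def skeleton(host):
    """Reduce a host to a comparison form that folds common look-alike tricks."""
    text = unicodedata.normalize("NFKD", host)
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    text = text.translate(CONFUSABLES)
    return text.replace("rn", "m").replace("vv", "w")


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(value, trusted=TRUSTED_DOMAINS):
    """Return (verdict, matched_trusted_domain_or_None) for a URL or sender.

    Verdicts: "trusted", "embedded" (trusted name used as a subdomain of
    something else), "lookalike" (near-miss spelling), or "unknown".
    """
    host = extract_host(value)
    domains = sorted(trusted)
    for dom in domains:
        if host == dom or host.endswith("." + dom):
            return ("trusted", dom)
    for dom in domains:
        if host.startswith(dom + ".") or ("." + dom + ".") in host:
            return ("embedded", dom)
    labels = host.split(".")
    # Compare every parent domain of the host, e.g. login.examp1e.com and examp1e.com.
    candidates = [".".join(labels[i:]) for i in range(len(labels) - 1)]
    for dom in domains:
        for cand in candidates:
            if skeleton(cand) == skeleton(dom) or osa_distance(cand, dom) <= 1:
                return ("lookalike", dom)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = [
        "https://www.example.com/login",
        "https://examp1e.com/reset",
        "Pat <pat@exarnple.com>",
        "https://exampel.com/",
        "http://example.com.account-verify.test/",
        "https://example.com@examp1e.com/",
        "https://unrelated.test/",
    ]
    for sample in samples:
        print(f"{sample:45} -> {classify(sample)}")
```

An "unknown" verdict only means the host is not close to anything on the list; it says nothing about whether the site or sender is safe.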

When Being Social Isn’t Fun

Social engineering is a powerfully deceptive tactic that criminals can use to extract both physical and digital assets from you or your company. Industry-best cybersecurity practices and procedures can help to thwart these attacks in their infancy. Still, it’s important to remain diligent, especially when it only takes seconds for an internal attack to happen.





The sole act of keeping and maintaining data backups is one of the most important things a business can do. This is true no matter what size a business is or what industry they reside in. But with the rise of ransomware attacks, it’s only a matter of time until cybercriminals target those backups along with other critical business systems. 

Are offline backups enough to mitigate some of the damage and loss from a ransomware attack? To really understand the role of offline backups in a ransomware attack, it is important to understand what a ransomware attack really is and what attackers use them for.

What Is Ransomware?

Ransomware is a type of malware that holds victim data hostage in exchange for some form of payment or action. For example, in April of 2021, a group of cyber attackers targeted Quanta Computer, one of Apple’s business partners. The attackers wanted Quanta Computer to dish out $50 million by April 27th, 2021 in exchange for a decryption key that would release their now hijacked data. 

Ransomware is a dirty business, but it can be an extremely profitable one for criminals, especially if their intended victim actually pays out. And despite how large of a company Quanta Computer is, they still fell victim to the attack. 

Offline Backups

Ransomware attacks are quickly becoming one of the most powerful ways criminals can bully a business into paying out large sums of money in exchange for getting their own information back. A great way to offset this is with offline backups. If a criminal is able to successfully execute a ransomware attack on a business, that targeted data becomes inaccessible to the business due to sophisticated encryption mechanisms. With secured offline backups, the business can hopefully cut off attacker access and restore the backups to continue with business operations.

This doesn’t solve the initial problem of the attack in the first place, though. And if there are specific trade secrets that are going to be released, there’s not much that can be done to prevent the release if the attackers go through with their threat. 

Removing Offline Backups From the Network

Even with offline backups, if those backups are still connected to the compromised network, attackers can encrypt that data too and render the backup useless.

To combat this, a good practice is to keep a master backup completely disconnected from a business’s network. This means locking the backup away in a secure, non-connected environment.

Best Backup Procedures

Maintain a Backup Offsite

Keep a copy of sensitive or important data backed up at an unconnected location. This helps to guarantee that in the event of a ransomware attack, an untampered copy will remain somewhere safe for later restoration. 

Redundancy

Businesses should also maintain more than 1 backup. Multiple instances of offsite redundancy are always the best backup method and will likely remain that way in the future.

Maintain an Adequate Backup Schedule

How often does your backup need to happen? This is different for all businesses. Whatever the timeframe is, make sure that it’s always adhered to. 

Suppose an attacker launches a ransomware attack at 2:00 pm on a Wednesday. Hourly backups would allow for restoration from at least 1:00 pm and back, daily backups from the Tuesday before, and so on. Weekly data backups, while better than nothing, are usually not frequent enough to successfully subvert a ransomware attack. We recommend daily backups at a minimum for the most effective ransomware protection.
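The three procedures above can be checked together. The following Python sketch is an added example, not part of the original article: it audits a backup inventory for redundancy, an isolated offsite copy, and schedule adherence, then picks the restore point for the 2:00 pm Wednesday scenario. The field names, the sample copies, and the 24-hour limit are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class BackupCopy:
    name: str
    taken_at: datetime        # when the copy finished
    offsite: bool             # stored away from the primary site
    network_connected: bool   # reachable from the production network

def isolated(copies):
    """Copies an attacker on the production network cannot reach."""
    return [c for c in copies if c.offsite and not c.network_connected]

def restore_point(copies, attack_time):
    """Newest isolated copy taken before the attack, or None."""
    usable = [c for c in isolated(copies) if c.taken_at < attack_time]
    return max(usable, key=lambda c: c.taken_at, default=None)

def audit(copies, now, max_age):
    """Check redundancy, isolation and schedule; return a list of findings."""
    findings = []
    if len(copies) < 2:
        findings.append("redundancy: fewer than two backup copies exist")
    if not isolated(copies):
        findings.append("isolation: no offsite copy is disconnected from the network")
    newest = restore_point(copies, now)
    if newest is None or now - newest.taken_at > max_age:
        findings.append("schedule: newest isolated copy is older than the allowed age")
    return findings

# Constructed sample data: attack at 2:00 pm on Wednesday, 6 July 2022.
ATTACK = datetime(2022, 7, 6, 14, 0)
COPIES = [
    BackupCopy("nas-hourly", datetime(2022, 7, 6, 13, 0), False, True),
    BackupCopy("offsite-daily", datetime(2022, 7, 5, 23, 0), True, False),
    BackupCopy("vault-weekly", datetime(2022, 7, 3, 23, 0), True, False),
]

if __name__ == "__main__":
    best = restore_point(COPIES, ATTACK)
    print("restore from:", best.name, "| data lost:", ATTACK - best.taken_at)
    for finding in audit(COPIES, ATTACK, max_age=timedelta(hours=24)):
        print("FINDING:", finding)
```

In this constructed inventory the hourly copy is the freshest, but because it sits on the production network it is treated as lost with everything else, so the real recovery point is the previous night's offsite copy.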

Network Coverage Can Help Secure Your Data

Ransomware attacks are never fun, and being the victim of such an attack without a resilient backup strategy can completely cripple a business. Our team of data experts is ready to help ensure your data is safe. If you’d like to learn more, contact us today.





Foreign Threats on American Networks

“The war with Russia” hearkens back to the days of the Cold War with the Soviet Union. Back during the 1950s, students in schools all across America were trained to practice ‘Duck and Cover’ drills — there was even a catchy little jingle that played on the radio that attempted to mask the grim reality of an always looming nuclear threat. 

Today, Russia is in physical conflict with its former land mate Ukraine. And while that physical conflict is easy to see, there’s been an ‘invisible’ war that’s been running rampant among all of the world’s global superpowers. That war isn’t taking place on a battlefield — at least not the physical kind we’re so used to seeing and hearing about. Instead, the cyber warfare efforts of Russia, China, and even the United States are heating up in a way that most Americans won’t be able to tangibly experience or even begin to understand until it’s broadcast on TV news or written about online.

Chinese and Russian Threats

If we put aside national and geopolitical ideologies for a moment, we can see that throughout recent history, the most amplified cyber threats that average people hear about are from China and Russia. Russia has been the boogeyman in the political realm for quite some time, but its cyberattack prowess is no made-up entity. China is just as, if not more, culpable for a lot of the cyberattacks that affect many businesses today.

What’s the REAL Threat, Anyway?

But more than the hacks themselves, China’s dominant role in global corporate espionage is the factor that most concerns cyber security experts. There are fears about how far American consumerism has allowed the CCP to infiltrate our daily lives.

Mobile Phones

Mobile phone manufacturer Huawei was famously banned from conducting business in the United States due to concerns that the phones had hardware-level vulnerabilities that allowed the CCP access to the private information of regular US citizens as well as politicians, diplomats, and others. ZTE, another Chinese mobile phone manufacturer, was banned from the US prior to Huawei for similar reasons.

TikTok

Now, all eyes are back on the possibility of TikTok getting banned, after the attempt to ban it under the Trump administration failed. FCC Commissioner Brendan Carr called TikTok an “unacceptable security risk” and called for Apple and Google to remove the app from their respective stores by July 8th, 2022.

A BuzzFeed News article details leaked audio from 80 internal TikTok meetings that show how China is repeatedly accessing user data. Facial recognition images, user details, and more are being served on a proverbial tray to the Chinese Communist Party, and most Americans aren’t thinking about the implications that this could have.

Russia

As reported by Politico, a Microsoft report showed that Russian intelligence firms were hacking into various US and Ukraine-allied countries, including more than 100 organizations in the US alone, with a 30% success rate. And while this is just one instance of many where Russians were reported to be hacking the US and others, it’s certain that it won’t be the last. 

The Solution

In the world of cybersecurity, there are no guarantees of safety and no such thing as an impenetrable network. Part of the cycle of patches and fixes that benefit consumers and businesses relies on new revelations and security discoveries, often by way of exploits or attacks. Best security practices, a good backup plan, and limiting who and what is allowed onto our networks are critical in safeguarding against would-be attackers and potential data casualties.





Cyber Security: Past, Present, and Future

In “technology time”, a few months is the difference between bleeding edge and obsolescence — at least that’s the running joke. Truthfully, technology is advancing at a feverish, record pace, and with that rapid innovation comes the need for better protection against technological attacks that maintain that same rate of growth.

But where did it all actually start? Has the breakneck speed of an ever-evolving technology-driven world always been this way? 

A Brief History of Cyber Security

While the following timeline is not exhaustive, it should give you a good idea of when cyber security really started and how it evolved into the form we see today.

The 70s

In the 70s, the Advanced Research Projects Agency Network, or ARPANET, was created. This was one of the first computer networks ever created, and by all counts, would be the foundation for what we now know today as the internet. In 1971, an engineer at BBN Technologies, Bob Thomas, successfully created and deployed what would be the world’s first computer virus — Creeper. Very basic in nature, Creeper could move across the different computers connected to ARPANET and leave a trace reading: “I’M THE CREEPER: CATCH ME IF YOU CAN”. While harmless, it is considered to be the first computer worm. One year later in 1972, Ray Tomlinson would create Reaper, the world’s first antivirus.

The 80s

This is when cyber security and cyberattacks would begin to take center stage as the ever-looming threat to computers. As the Cold War was still underway, many security analysts feared that cyber espionage was the biggest threat the country faced. In 1987, a virus by the name of Vienna was launched. It was malware that would destroy the files of the host computer. Bernd Robert Fix defeated the virus, and so began the creation of antivirus software and, towards the end of the decade, the first real forms of cybersecurity companies.

The 90s

As the internet began to be released to the public, the explosion of viruses and malware changed the very foundation of cyber security. As email became popular with the release of easily accessible services like Hotmail, the spread of computer viruses grew due to user adoption. The Melissa virus, released in 1999, used a hijacked AOL account to distribute a text file promising free adult content. Once opened, the virus was released. After much fuss, and with the virus under control, this became the first large push for the framework of how we experience cyber security today.

The 2000s and Beyond

In 2003, the US Department of Homeland Security established the National Cyber Security Division. This was the first government entity dedicated to cyber security. Beyond computers, smartphones were now hitting the market and cyber security teams now had even more points of vulnerability to concern themselves with. As time has advanced, along with accelerated technological development, cyber security concerns continue to grow. 

In our modern setting, IoT devices like smart thermostats and personal assistant hubs are now discussed by cyber security experts as a major cause for concern. Cloud computing, no matter how big the company, is vulnerable to attacks.

From Our Phone to Our Homes

As time has progressed, the level of cyberattacks has grown exponentially. Thus, threat mitigation and protection efforts have increased as well. It’s fascinating to get a bird’s eye view of how far the cyber security landscape has come; not solely because of the viruses, but how a seemingly good thing like the evolution of the internet has created so many different avenues for criminals to attack. 

As it stands today, protection from cyberattacks is a 24/7 job. But with the rate of technology development showing no signs of slowing down, and with AI-powered malware already being injected into neural networks in 2018, the question remains:

When is the next big leap in cybersecurity going to happen?





Reduce Vulnerabilities With Patch Management

Ask any IT team what the fastest way to a critical system failure is and the answers will vary. “We need protection against cyberattacks,” or, “Firewall vulnerabilities present the biggest dangers.” And they’re all correct. But despite these different answers, a likely “duh” that everyone will share is software updates. Organizations that utilize several different software solutions simultaneously know the process of updates. And it’s not just the software, but the operating systems of the computers and devices as well. This is the same no matter if a company uses Windows, macOS, or some sort of Linux distribution.

What is Patch Management?

Patch management is a system of coordinating and applying software updates to an organization’s user devices, along with infrastructure such as network routers and firewalls. Each piece of software has an update process, and managing those manually can be a real challenge, especially when companies have massive employee pools. For example, performing updates for a small company of 10 employees won’t be nearly as daunting a task as performing them for a company of 10,000. And if we were talking about manually updating each device or piece of software for each user — well, you can imagine how incredibly inefficient that would be.

Benefits of Patch Management

Enter patch management. This process is usually controlled by an organization’s IT team or an outside vendor in conjunction with the IT team. Because there are so many devices with potential updates that occur at different times, IT teams can coordinate them all at once with the goal of minimizing user and system downtime. 

But as great as patch management is, there’s still one fundamental flaw that must be rectified to take full advantage of efficiency at scale. And that flaw is different user devices.

What is Device Standardization?

Device standardization is the process of eliminating as many differences in the user systems of an organization as possible. Let’s run through a quick example of what a fragmented user inventory may potentially look like:

There are 50 users in the marketing department that use MacBooks. 25 more users are on Windows laptops, and of those 25, 10 are on HP, five are on Lenovo, and another 10 are on Dell. 

Splitting the biggest difference down the middle, 50% of our marketing department is on a Windows operating system while the other 50% are on a Mac operating system. On the Windows side, there are three different brands with three different sets of hardware. This gives us 4 total differences in potential device vulnerabilities that need to be managed.

The simplest way to eliminate this efficiency issue is through device standardization. If all 100 members of the marketing department were on the same system, our security risks would be greatly reduced because the vulnerability on one system is the same for all, and thus can be handled more easily, with less time spent managing conflicting hardware and software patching.

Patching IT Systems

Device standardization also works similarly for IT infrastructure. But IT systems can be a bit tricky to standardize, especially if a firewall manufacturer doesn’t produce a complementary server or if some older equipment becomes obsolete and needs to be replaced.

The solution to this is to try and get as much matching equipment as possible to reduce the total number of potential bugs and vulnerabilities. This will also reduce the amount of time IT teams have to spend managing individual components, resulting in a more efficient and secure network.

Efficiency is Critical

This is just a small sample of the potential issues relating to patch management efficiencies as well as ways to mitigate these potential security risks. If you need help or advice on device standardization or creating an effective patch management system, contact us today to speak to one of our expert implementation pros.