|New spear phishing attack identified|
When looking into the ways companies are hacked, you quickly realize that there are so many different tactics out there that it is mind-boggling. One of the more effective methods used recently is spear phishing, and in early December 2014, a new spear phishing attack was uncovered. This threat, while directed at larger organizations, could be turned against smaller businesses as well, and is therefore worth you knowing about.
What is spear phishing?
Spear phishing is an advanced form of phishing where attackers troll the Internet for relevant information about you and then create a personalized email that is sent to you. This email is usually developed so that it appears to be coming from a friend or trusted partner and contains links to a site or program that can initiate an attack or steal information.
More often than not, these links are to websites where you enter account information, passwords, and even bank account details, or any other personal information which can be used to break into computers and even steal your identity.
What is this latest spear phishing attack?
This new form of spear phishing, being carried out by an organization who calls themselves FIN4, has actually been around since as early as mid 2013. When they attack Wall Street listed companies they are doing so to steal valuable plans and insider information.
What we know is that they send highly savvy and targeted emails to people at a company, trying to harvest Microsoft Outlook account information. Once they have this crucial data they then target others inside, or connected to, the organization, with the same email, while also injecting the code into ongoing messages. This method can spread the attack quickly, leading to a potentially massive security breach.
In the email examples of this phishing threat, the attackers write mainly about mergers and other highly valuable information. They also include a link to a forum to discuss the issues raised further. These emails come from people the recipient already knows, and the link is to a site that asks them to enter their Outlook account and password before gaining access. When this information is entered, it is captured by the attacker and used to launch more attacks.
What can we do to protect our systems?
From what we know, this attack is being carried out largely against law firms, finance companies, and other large organizations. While this discounts many small businesses, there is a good chance that the attackers will turn to small businesses operating with larger companies at some point.
Because this is an email-based attack, you need to be extra vigilant when opening all emails. Be sure to look at the sender’s address, and read the body of the email carefully. While hackers generally have good English skills, they aren’t fully fluent, which means you will notice small mistakes. Also, keep in mind previous emails sent by the recipient. If the tone and style is off, then the email may be fake.
It is important to always look carefully at all links in email messages. If a link looks suspicious, then ask the recipient for more information or to tell you where the link goes. If you come across any site asking you to enter account information, be extra careful. Look at the URL address in your browser, if it doesn’t sat HTTPS:// before the address, then it may be a good idea to avoid this.
If you have any questions on spear phishing and how you can prevent it, contact us today to see how we can protect your business.
Published with permission from TechAdvisory.org. Source.
|Looking at online backup solutions|
There are many different backup solutions out there available to small and medium sized businesses. While most owners are aware of the fact that any backup solution is important for a Disaster Recovery Plan, it can be tough to pick the right one for your business. One of the most popular is online backup. If you are considering which backup solution to choose then our overview should help you decide.
|5 Tricks to Clean up your Facebook News Feed|
You just got a message from an old friend via Facebook. You log on to view it, and suddenly you’re bombarded with selfies from high school friends you haven’t seen in years and photos of one of your employee’s lunch. Before you know it, you’ve wasted a half hour of your life caught up in the lives of people you rarely speak to. And you still haven’t even gotten to that message from your actual friend. If this frustrating scenario sounds all too familiar, it’s time to take a look at these five tricks to clean up your Facebook News Feed.
|Give productivity a new year boost with Gmail|
For all its benefits in modern communication, we all know how easy it can be to give too much time over to email – and for a small business owner, that is time that could be better spent increasing sales and improving your bottom line. If you feel like a slave to email, 2015 might be the time to shake things up – and these productivity hacks for Gmail will help you do that.
|Social media for business development|
Regardless of the industry in which you operate, it’s undeniable that social media has become an essential platform for many businesses of all sizes to easily engage and interact with customers and potential customers, as well as boost visibility. But there’s more to social media than market reach and penetration and it can prove to be a powerful tool for driving dynamic business development too.