titanadmin - Page 16

Network Security Decision Maker? What Should be Your Main Focus?

If you are a network decision maker, what should be your main focus? Which issues should demand your attention? This post covers five important considerations if you want to protect your critical assets.

The current threat landscape has become very serious

If you work in a large corporation, chances are you will not need to be reminded about the seriousness of the current threat landscape. However, if you work in an SME, the severity of the current situation may not be so apparent. According to the results of the 2012 Verizon Data Breach Investigations Report (DBIR), the main threat of data theft comes not from hackers intent on profiting from selling stolen data, but from hacktivist groups. In 2011, hacktivists were behind 58% of data breaches. Hackers were involved in 81% of all data breaches reported throughout the year.

One of the main issues in 2014 is what Verizon calls “low and slow attacks.” These are authentication attacks, web exploits and social engineering-based attacks. Malware is evolving and carries a much higher risk than when many companies deployed their security systems. The threat landscape is constantly changing and you must stay alert to the changing risks.

Corporate data is one of your biggest assets – Protect data like you protect your financial assets

Company data is incredibly valuable to cybercriminals. Credit card numbers (with expiry dates, holder names and CSCs) sell for up to $6 a set. If hackers obtain several hundred or several thousand, they can make a tidy profit. If Social Security numbers can be obtained, in particular those of minors, they can sell for up to $200 a set, especially if accompanied by medical records. Bank account information is also valuable. Account information can be sold for up to 10% of the balance of the account. As for proprietary company data, to the right person that could be sold for millions of dollars. Data is highly valuable and criminals will attempt to steal it. You must therefore ensure it is appropriately protected.

End users are actually the first line of defense

Firewalls and other systems designed to repel DDoS attacks and stop malware from being installed may be seen as the first line of defense; however, your end users are actually the first line. They are also the weakest link in the security chain, and cybercriminals know it. Many criminals target end users as it is easier to get them to download malware or reveal login credentials than to break through a firewall.

If you want to keep your network secure you must provide training and make end users more security aware. They must be instructed how to identify phishing campaigns and be shown good practices to adopt when surfing the Internet or using email. Social media best practices must also be taught, especially if access to the websites is not blocked.

Application and platform management policies need to be developed

In order to protect networks and connected devices from being infected with malware and viruses, policies must be developed covering the permitted uses of computer equipment, applications, Smartphones and other BYOD devices.

Even some companies that have adopted BYOD have not issued staff members with detailed policies on the allowable uses of their devices in the workplace. SpamTitan recently conducted a research study that showed a third of organizations have not covered the use of messaging and collaboration tools in their corporate policies. Make sure the use of Smartphones, tablets, portable storage devices, collaboration tools, email, social media, and web 2.0 applications is covered. This will help to ensure staff do not take unnecessary risks.

Prohibition didn’t work – Neither do blanket bans

Total bans on the use of Smartphones, laptops, social media, or online shopping at work will not prevent end users from bringing their devices to work or using the Internet for personal use. Controls such as these may actually have a negative impact on staff happiness and productivity. Many employers believe the reverse is the case and issue total bans. Controls must be implemented to prevent theft of data, but carefully consider blanket bans. They may sometimes be effective at protecting networks, but they are rarely good for the business.

World Cup Fever Strikes: World Cup Spam Emails Follow

The World Cup will take place later this year, and Brazil is now completing the final preparations as the host of this year’s tournament. The World Cup generates huge global interest from football fans as well as those that would not normally watch a soccer game. Criminals take advantage of this and use the hype surrounding the World Cup to launch their scams. We have already seen World Cup spam emails caught by our spam filters, and a great many more World Cup spam emails will appear over the coming weeks.

There will be many promotional campaigns launched by companies of all sizes. The major global brands invest heavily in World Cup promotions and sponsorship deals, taking advantage of the huge audiences the games attract. It is a great opportunity to get a brand noticed and a great time for scammers to go unnoticed.

It can sometimes be difficult to distinguish scams from real promotional campaigns, although a good gauge is “if it sounds like it is too good to be true, it probably is”.

Some of the scams that have been uncovered so far have been listed below. Be wary of these and other potential scams.

Malware delivery via World Cup spam emails

Email spam is not all about cheap watches and Viagra. Criminals use bulk emails to convince the unsuspecting to divulge their personal information with the aim of committing identity theft. Many websites pose as legitimate sites offering goods for sale. When a credit card is entered, the transaction appears to be processed, but the card details are used by criminals to obtain goods of their own.

One of the most common scams involves the sale of cut price match tickets. FIFA sells tickets directly and via a number of authorized retailers, but tickets are in short supply. A stadium may hold 80,000 people, but tickets sell out very quickly.

Tickets are bought by touts and sell for as much as $30,000 including travel and accommodation. Many people are happy to pay this. Unfortunately, they will not get a real ticket. FIFA only releases them for sale in April. Any early purchaser will have fallen for a scam. FIFA has announced that only individuals who buy a ticket through an authorized retailer will be allowed to see the game. Investigations are underway in 130 countries after scams and black market ticket vendors have been discovered.

Perhaps more worrying are the scams that convince people to click on a link to a malicious website containing malware. If the user can be convinced to download a file or take an action online, malware will be delivered to their computer, tablet, or mobile phone.

One of the latest scams informs email recipients that they have won World Cup final tickets. All they need to do is click a link to a website where they are told they can print their tickets. Unfortunately, clicking the link to print will deliver a particularly nasty malware called VBS.Dinihou. This is a worm that allows a criminal to download files to the infected computer without authorization. It also infects any USB drive plugged into the computer.

Brazil is home to one of the world’s largest cybercriminal groups

Russia, Ukraine, China and Vietnam are all known to be home to many cyber-criminal gangs, yet one of the world’s largest is based in Brazil, according to a recent report in The Guardian newspaper.

Many Brazilians are unhappy about the World Cup being hosted in the country due to the huge expense involved in staging such a tournament. The cost is astronomical and many believe that those costs will not be recovered, let alone any profit made. They feel the money should have been spent improving services for locals, not for tourists who will visit over a 4-week period. Cybercriminals have taken up their cause and are disrupting the sale of tickets.

Anonymous has also made announcements that it will be active during the World Cup and may attack FIFA and World Cup sponsors. Banks in Brazil were targeted by Anonymous in 2012, and cybersecurity protections in the country are poor. Many companies will be targeted and will be able to put up little resistance to the attacks.

World Cup fans are also being sent spam and phishing emails. Links to websites containing malware are being sent, along with file attachments containing viruses and malware. Any World Cup spam emails should be treated as suspicious and attachments not opened unless they can be confirmed as genuine. Fall for one of these scams and you could suffer major financial losses, and have your computer infected with a virus or malware. Worse still, the network that your computer connects to could be compromised.

Is malware really so bad? What does malware actually do?

Criminals use malware to achieve a number of aims. Not all criminals want to steal bank account and credit card data. Listed below are some of the common uses of malware.

Financial fraud

Not all criminals are after money, but a large percentage certainly are. If a hacker or cybercriminal is able to gain access to a credit card number, the card can be used to make online purchases or fake cards can be created and used until the card is blocked. Bank account details can be used to make transfers. Entire accounts can be emptied before the victim even becomes aware of any losses. Malware is used to log keystrokes, which will reveal online banking credentials and other account logins and passwords.

Identity Theft

Personal information can be used to create fake IDs. With a fake ID, loans, credit cards and store cards can be obtained. With a stolen identity, criminals can run up thousands, or even tens of thousands, in debts. In some cases, the losses can be even higher. One girl in the U.S. discovered she was the proud owner of a million-dollar yacht when she turned 18. On paper at least. In reality all she had was the debt. Malware allows files to be downloaded and control of devices to be obtained by hackers. Any data stored on the device, or accessible through it, can be stolen.

Botnets

Even a powerful computer cannot perform the necessary calculations to crack billions of passwords quickly. It would take years for a computer to be used to decode every possible combination of password. However, botnets on thousands of computers make the task much quicker. Botnet infections are also used to send out millions of spam emails. Email spammers do not use their own computers for this.

Data Loss

Sabotage is a common aim and it is often indiscriminate. Many viruses and malware delete or corrupt files, and even wipe entire hard drives. This may not occur immediately. Viruses lie dormant for weeks or months until a set date: Valentine’s Day is common. Kaspersky Labs, one of the AV engines used by SpamTitan, has identified a number of such viruses, including “The Wiper”, “Shamoon”, “Narilam”, “Maya”, “Groovemonitor” and “Dark Seoul”. These will delete data from computers or may wipe the entire hard drive.

How can you protect yourself from viruses, malware and scams?

  • Don’t open emails from people you do not know
  • Do not visit links contained in emails if you are not sure that they are genuine
  • Delete emails containing attachments unless you are sure that they are legitimate
  • Use an Anti-Spam solution such as SpamTitan to block spam emails and malware
  • Keep AV definitions up to date
  • Perform software upgrades promptly and install patches as soon as they are released

Russian Snake Virus: 8 Years of Data Theft by Uroboros

How long are computer viruses active before they are discovered? A few months? A year? In the case of the Russian Snake Virus, Uroboros, it has been stealing data for 8 years. It has been detected, but that doesn’t mean that the threat is over. The virus will be present on many systems, and will continue to steal data as it is incredibly difficult to detect.

Where did the virus come from?

It has been called the Russian Snake Virus, as many researchers believe the virus was created in Russia. Snake because some believe the Russian government had a hand in its creation. Why? Because of the sophisticated nature of the virus. A malicious program as complex as Uroboros is believed to have required state sponsorship. Foreign governments have been known to create viruses before. China was behind the APT1 virus. Links have been uncovered that tie the virus to the Chinese military. However, so far no link has been proven between the Russian government and Uroboros.

The virus was not created to steal data from individuals. The creators had other loftier aims. The International Business Times reported that the virus was created to steal government secrets and strike at telecoms systems.

The exact targets have not all been announced by the researchers who discovered the virus, but another link to Russia comes from the fact that Ukraine was attacked 14 times by Uroboros. It would appear that the Department of Defense of the United States was also attacked by the Russian Snake Virus in 2010.

The virus is currently being analyzed by UK firm BAE and German company Gdata. As for the level of sophistication, it is reportedly equivalent to Stuxnet. For anyone unaware of Stuxnet, it was developed and used by the U.S. and Israel to destroy Iranian nuclear reactors. It caused them to spin out of control until they were destroyed. Very James Bond, but in this case very real.

Uroboros is a rootkit and hides inside kernel-level processes. Because of this it has remained undetected. Anti-Virus engines do not scan there, allowing it to remain undetected for so long.

The analysis of Uroboros by BAE is secret and, while more is now known, since the virus is part of an ongoing operation few details have been released. The virus is still in operation and may be attacking or monitoring foreign government systems right now. What is known is Uroboros targets a vulnerability in Windows in addition to software running on the Windows platform. The virus has managed to continue working despite new security features being incorporated into the operating system.

How does Uroboros work?

From the information released so far it is known that Uroboros hijacks a running process. It hides inside processes that are part of Windows and so evades detection. Because of this, AV engines do not detect it. The AV software assumes it is part of Windows, and fails to flag the virus or hijacked service as being malicious. The virus is understood to inject DLLs into the running process.

It sends data at the user and kernel level. When a user fires up their browser, the virus launches a GET request and obtains instructions from the hacker’s command and control center. Since hundreds of legitimate requests are usually made, the GET request from the virus remains hidden. The use of HTTP also allows it to bypass firewalls. Uroboros is not always active either. It may be active for a short period of time before going to sleep. It is told to do this by the hacker in control of the virus, and may sleep for months if required.

One question that has not been answered is how the Russian Snake Virus infects a computer. According to BAE, Uroboros is installed by a USB plugged into a computer, but it may also be installed via a phishing email. It is known to hack network processes, and monitor and intercept inbound and outbound traffic. It is capable of exfiltrating data and logs and can receive inbound commands.

A security vulnerability in Oracle Virtualbox has been exploited by the virus, allowing access to be gained to the kernel memory. It updates a variable indicating Windows was started in WinPE mode. Unsigned DLL files can then be loaded. These files do not have their owner and integrity verified. The Russian Snake Virus is capable of mounting virtual and physical drives, and different versions exist allowing it to be installed on different operating systems.

How can an attack of this nature be avoided?

Unfortunately, with malicious software such as the Russian Snake Virus it is difficult to totally protect a computer. There are steps that can be taken to reduce the likelihood of infection:

  • The virus may be transmitted via phishing and spam emails: Block these using Anti-Spam software
  • Issue training on anti-phishing strategies to employees
  • Ban the use of all USB drives in your organization
  • Keep software systems up to date with patches and, better still, upgrade Windows to the latest version
  • Use diskless devices such as Chromebooks as much as possible
  • Ensure packet-level inspections read HTTP traffic to look for signals that malware or viruses are communicating with command and control servers
  • Data encryption can be used to protect stored data, but unfortunately not the memory

The Russian Snake virus: A risk for everyone or just foreign governments?

At present, the virus is believed to be used to attack foreign governments. Unfortunately, when details are released they can be used to create variants. Non state-sponsored hackers may not have been able to create the virus, but the techniques used to exploit computers and networks can be copied. This may already have occurred.

The next few years may see a number of different versions of the virus discovered, which may be used for many different reasons. Specific data may be targeted and stolen, or systems sabotaged. Only time will tell.

The discovery shows the lengths that some individuals and groups will go to in order to steal data, and why it is essential to implement multi-layered security systems to protect computers and computer networks, and always to use controls to prevent phishing emails from being delivered, and responded to.

Phishing Warning Issued as Sophisticated Careto Virus is Discovered

The expert researchers at Kaspersky Labs have been hard at work this winter uncovering new malware threats, viruses and malicious code that threatens computers, mobile phones, servers, and corporate networks. However, what has recently been discovered is very worrying indeed: a new and highly sophisticated malware named the Careto virus.

This is not a run-of-the-mill virus. It is nasty, very sophisticated, and consequently, probably the work of government-backed hackers. The Careto virus came from a previously known location, one that has produced a similar virus not so long ago. Kaspersky discovered the new virus and took rapid action to neutralize the threat.

Kaspersky Labs has already produced a detailed description of their discovery after conducting a detailed forensic analysis. That said, some techniques used to explore the nature of the virus were not particularly sophisticated and could be performed by any IT professional.

Kaspersky used “strings” – a Linux program that can be used to explore executable files – to extract text from the file. What they found was a series of instructions in Spanish, together with the name assigned to the new virus: Careto.

The name “Careto” is colloquial Spanish for “ugly face”, the corresponding name in English being “ugly mug”. It doesn’t translate as disaster, but it might as well do. This virus wreaks havoc.

Hidden inside this virus is a rootkit and a bootkit. The malware is particularly nasty and versatile, with Linux and Mac OS X versions, and it is presumed it would also work on Android phones and the iOS system. It is very sophisticated in nature, and because of its complexity it has been suggested it is not the work of a bored, skilled teenager coding away in a bedroom. The complexity suggests that a considerable amount of time and effort has been put into developing the virus. The Careto virus is capable of working on multiple systems at once, which Kaspersky suggests makes it the work of a team of hackers, not one individual.

Kaspersky investigated the Careto virus and started monitoring command-and-control (C&C) servers that were known to be used by hackers. This enabled the researchers to determine that the virus is proving to be effective. It has already infected over 380 computers, with those infections discovered in 31 countries around the world. The Careto virus appears to have been used to target specific organizations, and has been discovered in government organizations around the world, in particular, foreign embassies. Oil companies, gas companies, private equity firms, and research institutions have also been targeted.

The virus is primarily being spread by spear phishing campaigns. The targets have been sent links to fake versions of popular newspapers, including The Washington Post, as well as the Spanish newspapers El Pais, El Espectador, Publico and El Mundo.

The link contained in the phishing email has been masked, with users fooled into thinking they are actually visiting the genuine periodicals. The virus has also been discovered to have been used to infect computers via a security vulnerability in Adobe Flash (the 2012 version). Flash is used on a number of (typically older) websites to display advertising and video files.

Users may be wary of double clicking on emailed executable (.exe) files, but what about harmless picture files such as JPEGs? The executable file was found to reside in apparent JPEG files. The names chef.jpg, waiter.jpg and dinner.jpg were used to make them appear innocent.
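The two checks described above, running a strings-style pass over a sample and spotting an executable behind a .jpg name, can be combined in a short triage script. This is an added example, not Kaspersky's tooling or code from the original post; the function names are hypothetical and the sample bytes are constructed for illustration, not taken from the real malware.

```python
import re
from pathlib import PurePosixPath

# Leading "magic" bytes of the formats relevant to this check.
MAGIC = [
    (b"\xff\xd8\xff", "jpeg"),        # JPEG start-of-image marker
    (b"MZ", "pe"),                    # Windows executable / DLL
    (b"\x7fELF", "elf"),              # Linux executable
    (b"\xcf\xfa\xed\xfe", "macho"),   # 64-bit Mach-O (Mac OS X), little-endian
    (b"\xce\xfa\xed\xfe", "macho"),   # 32-bit Mach-O, little-endian
]
EXECUTABLE_TYPES = {"pe", "elf", "macho"}
CLAIMED_BY_EXTENSION = {".jpg": "jpeg", ".jpeg": "jpeg", ".exe": "pe", ".dll": "pe"}

# Same rule as strings(1): runs of at least 4 printable characters.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")
# Windows binaries often store text as UTF-16LE (what `strings -e l` finds).
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")


def sniff_type(data: bytes) -> str:
    """Identify a file by its leading bytes, ignoring its name."""
    for magic, name in MAGIC:
        if data.startswith(magic):
            return name
    return "unknown"


def extract_strings(data: bytes) -> list[str]:
    """Return printable ASCII runs, then UTF-16LE runs, found in the data."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in WIDE_RUN.finditer(data)]
    return found


def triage(filename: str, data: bytes) -> dict:
    """Compare what the file name claims with what the content is."""
    suffix = PurePosixPath(filename).suffix.lower()
    claimed = CLAIMED_BY_EXTENSION.get(suffix, "unknown")
    actual = sniff_type(data)
    return {
        "filename": filename,
        "claimed": claimed,
        "actual": actual,
        # An executable header behind a non-executable name is the red flag.
        "disguised_executable": actual in EXECUTABLE_TYPES
        and claimed not in EXECUTABLE_TYPES,
        "strings": extract_strings(data),
    }


# Constructed sample: a PE-style header and two embedded strings, named .jpg.
SAMPLE_FAKE_JPG = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    + b"\x00" * 8
    + b"ejemplo construido\x00"
    + b"\x01\x02"
    + "Careto".encode("utf-16-le")
    + b"\x00\x00\xff\xfe"
)
# Constructed sample: the first bytes of a genuine JPEG (JFIF) file.
SAMPLE_REAL_JPG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 8

if __name__ == "__main__":
    for name, blob in (("chef.jpg", SAMPLE_FAKE_JPG), ("dinner.jpg", SAMPLE_REAL_JPG)):
        report = triage(name, blob)
        verdict = "DISGUISED EXECUTABLE" if report["disguised_executable"] else "ok"
        print(f"{name}: claimed={report['claimed']} actual={report['actual']} -> {verdict}")
        for text in report["strings"]:
            print(f"    string: {text}")
```

A magic-byte check only looks at the start of the file, so an executable appended after a valid JPEG header would need a fuller parse of the image structure to detect.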

What Does the Careto Virus do?

The types of individuals targeted thus far give a clue as to what the Careto virus does. Its aim is to collect highly sensitive information, which it does by intercepting all communications channels used on the victims’ computers.

It “listens” in on Skype calls and chat sessions, and records and exfiltrates data from the infected device. Passwords are stolen, and encryption keys, bank account numbers, email addresses, phone numbers, and all manner of sensitive information are obtained by the hackers. This data is sent to the hackers’ command and control servers, one of which was discovered to reside on one of the IBM-owned Softlayer cloud service provider’s servers.

Unfortunately for the infected, detecting the virus is difficult. This is because it has stealth rootkit capabilities, cyber-espionage modules and other functionalities to help it avoid detection. After discovering and analyzing the virus, Kaspersky was able to track infected computers.

Fortunately, AV definitions have now been updated to spot the Careto virus, which incidentally, is blocked by SpamTitan Anti-spam software. SpamTitan is able to prevent this nasty virus from being delivered to your inbox.

Beware of Sochi Winter Olympics Spam

The Sochi Winter Olympics is a major event in the sporting calendar, and we are looking forward to witnessing the spectacle of winter sports as much as everyone. However, as with any major sporting event, the Winter Olympics has attracted the interest of cyber criminals. Major sporting events tend to see spammers and scammers take advantage of the media frenzy, and Sochi Winter Olympics spam campaigns have already been discovered.

Sochi Winter Olympics Spam Warning Issued by US-CERT

The high threat level has prompted the United States Computer Emergency Response Team (US-CERT) to issue an alert warning of online scams and phishing campaigns, in particular emails with the subject of “Winter Olympics” or “Sochi”. Spammers are aware that these emails are likely to be opened by winter sports enthusiasts.

Sochi Winter Olympics spam emails are expected to be sent in the millions, and phishing campaigns have been devised with attachments related to winter sports schedules, medal winners and the like. It doesn’t stop there. Many emails will contain links to fake websites enticing users to click for up to date Sochi news. However, those links will direct the unwary to sites that are loaded with malware. Clicking the link will result in malware being downloaded to the visitor’s computer or mobile device.

US-CERT says links to unfamiliar websites should be avoided. However, there is worse news for any individual traveling to Russia to view the winter sports spectacle in person. NBC anchor, Brian Williams, recently announced that “visitors to Russia can expect to be hacked.”

The news report warned of a high risk of cyber-attacks on innocent sports lovers who take internet-enabled devices on their travels. He said cyber-attacks are “Not a matter of if, but when.” Based on the news report, users can all but guarantee they will have their devices hacked, simply by turning them on in Russia.

Visit Russia and you will be hacked?

An NBC reporter, Richard Engel, investigated the risk as part of the report. The NBC test involved turning on a laptop computer and mobile to show how easy it was for hackers to take advantage. Once the devices were turned on and connected to Russian networks, they were attacked in minutes. Engel said, “Before we even finished our coffee the bad actors had hit.” He said that information had been stolen and malware downloaded, and issued a stern warning saying visitors were “entering a minefield the instant they log on to the Internet.”

However, the test was not all it appeared to be. It involved the reporters visiting a fake Olympics website, such as those used by phishers. These websites contain malware and automatically download it to the visitor’s device. The risk appears not to be as high as the report made it sound. According to internet security expert, Robert Graham, the test was conducted on devices that were likely not to even have basic controls to prevent malware from being installed, such as up to date antivirus software.

In fact, internet users in the United States, UK, or any location around the world would be infected by malware by visiting such sites. If the test was conducted from the United States, it would likely produce similar results.

Graham decided to put this to the test, and set out to deliberately get his phone hacked. As it turned out, it was not quite as easy as the reporters suggested. The security features installed on his phone prevented malware from installing. He persevered and disabled the security software installed on his Android Smartphone. He also masked his IP address to make it appear that he was actually in the Russian Federation. After finally finding a virus, he was issued with a warning on his phone, which he had to ignore to finally get his device infected.

That is not to say that internet users – visiting Russia or staying at home – should not be wary. Quite the opposite. It is essential to be security aware, not take unnecessary risks, and implement controls to block Sochi Winter Olympics spam and phishing emails. Basic security controls must be installed on all internet enabled devices to prevent cyber-attacks, and it is essential to be vigilant, avoid unfamiliar links, and not open attachments unless certain of their authenticity.

Whether you visit Russia or stay at home, it would be a wise precaution to use a VPN to access sensitive websites – online banking websites for example. Installing a spam filter will also help to protect against phishing campaigns.

What is a high risk country? These days there are no low risk countries. It is the websites you visit, not the country you live in, that determine the risk of cyber attack!

Unfortunately You Haven’t Won the Spanish Sweepstake Lottery

If you can be certain of one thing in life apart from death and taxes, it is the impossibility of winning a lottery that you have not bought a ticket for. Surprisingly, some people do fall for scams like these.

Over the past few weeks we have received reports of emails and letters being sent advising the recipients they have almost become a Euro millionaire: Their numbers have been drawn and a prize of €915,810 has been won.

The reason the emails have been sent to people who have not even bought a ticket is because these campaigns are sent randomly. The perpetrators of the campaign do not know who has bought a ticket, but a percentage of lottery ticket holders will receive the email if enough are sent.

A holder of a ticket may respond even if an email address was not provided when buying a ticket. Hope gets the better of common sense sometimes. The thrill of potentially having won over €900,000 helps in this regard.

The Spanish lottery scam nets criminals millions of Euros

A check for this sum is not issued for security reasons. The money can only be claimed by supplying bank information. The lottery company must use a bank transfer to provide the winnings. Sometimes, the lucky winner will have to cover some “administrative costs” in order to receive their prize. A charge of a few Euros is nothing compared to a €915,810 payout. Those charges are often more than just a few Euros, but the money is still paid.

This particular scam, or variants of it, is commonly sent by Nigerian criminal gangs. In the case of the postal version, a Nigerian postmark would be a giveaway. The letters are naturally all emailed from Spain. In fact, Spanish criminals have also started using this type of scam to defraud victims. The Guardia Civil recently took down a large gang of criminals who were running scams of this nature. Millions of Euros were recovered.

If you receive an email telling you that you have won a large sum of money, here are some easy ways to tell if the email is not genuine:

  • You did not buy a lottery ticket
  • You did not supply an email address
  • You have never heard of the company you are asked to contact
  • The email contains grammatical errors and spelling mistakes
  • You are given a strict, and short, time limit for claiming your prize
  • You are asked to supply sensitive information to verify your identity
  • You need to pay an administration fee in order to claim your prize
  • You are asked to click on a link contained in the email to confirm your identity

We wish you the best of luck. And if you want to win a prize, remember to buy a ticket and check the numbers personally!

7 Ways to Lockdown Network Security by Changing User Behaviour

Security technologies are some of the most advanced technologies, but security itself must be combined with good business and user practices to work effectively. No matter how advanced and well implemented the technology is, it is only as good as the methods used in using and managing it.

  • Acceptable use policy – what network activities are allowed and which ones are not

To protect employees, customers and suppliers, all members of staff should be given a copy of the company’s policy for acceptable use of IT resources including Internet and email. Often this forms part of the contract of employment. Having an acceptable usage policy in place helps protect the organization from exposure to malware and web threats as well as helping in disputes with employees.

  • E-mail and communications activities

To help minimize problems from e-mails and attachments, informing user behavior is key. Robust email and web security, coupled with appropriate user training and security procedures, are absolutely essential to the protection of corporate data, financial and other electronic assets. Without adequate solutions and controls, cybercriminals can exploit gaps in security defenses and cause serious damage to an organization.

For example:

  1. On Christmas Eve and again on December 26th, 2012, cybercriminals used malware installed on a local PC at Ascent Builders to transfer $900,000 from the company’s Bank of the West account. The theft was followed shortly after by a major distributed denial-of-service (DDoS) attack on the bank, presumably to conceal the theft of funds.
  2. In December 2012, cybercriminals added 11 bogus employees to the payroll of Niles Nursing, Inc. by using the company controller’s login credentials. Using ACH payments from Niles’ bank account, the criminals initially transferred $58,000 in funds to these individuals, who were to wire the funds to contacts in Russia and Ukraine. In total, approximately $170,000 was stolen from the firm.
  3. A study conducted for the UK Cabinet Office found that the loss of intellectual property – much of it the result of malware and other forms of cybercrime – costs British organizations upwards of £9.2 billion annually.

  • Antivirus policy

To help protect networks against threats such as viruses, worms, and Trojan horses, companies need to implement anti-virus protection on all company devices – specifying what anti-virus software is installed and at what interval scans are scheduled to run. In addition, the anti-virus software and the virus pattern files must be kept up-to-date. Virus-infected computers must be removed from the network until they are verified as virus-free. System Admins are usually responsible for creating procedures that ensure anti-virus software is run at regular intervals and computers are verified as virus-free. Any activities with the intention to create and/or distribute malicious programs into the company (e.g. viruses, worms, Trojan horses, e-mail bombs, etc.) should be clearly stated as prohibited, in accordance with an Acceptable Use Policy. Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

  • Identity policy

An identity policy helps safeguard the network from unauthorized users. Current corporate policies surrounding network security often neglect the most critical and weakest security component: the human element. An organization’s overall security is only as strong as its weakest link – the user. Environments with disparate sources of identity information have different approaches for organizing user entries, security practices and access control. Internal identity issues can be complicated and need clarifying in a policy format.

  • Password policy, to help employees select strong passwords and protect them

A complex security system won’t matter if a hacker or phisher gets hold of an employee’s password. If you take a laissez-faire approach to creating and protecting passwords, this type of security breach is more likely to happen. Smart password practices require next to no budget. They don’t need to take up much time either when formalized in a company policy. Password policy is often overlooked, but it’s a very important part of keeping secure in an online world.

  • Encryption policy, to provide guidance on using encryption technology to protect network data

A common scenario occurs when a company with a security policy in place directs the use of encrypted USB storage and distributes these devices to its users. After a time it becomes apparent that the company is still at risk of a data breach because users continue to use unencrypted USB keys. The company had a security policy in place and issued encrypted devices, yet there is still a data breach that it must deal with. An encryption policy will not work unless users understand their role in protecting company data. It’s important to have an encryption policy, but it’s just as important that the policy can be enforced and is easy for the end user to adhere to. The hard part in this process is that it often requires a behavior change. The secret to success is showing employees how they benefit from tighter network security.

Cybercrime and phishing attacks most commonly originate with an employee clicking a link to a website hosting malware, opening a file attached to an email that contains malware, or simply giving up corporate information when asked via a phishing email or website. Such information can then be used as the basis for a sophisticated phishing attack or may be sufficient to get the scammer what they need. There is no silver bullet, but these threats can be mitigated by training the workforce to identify, prevent, and report such attacks in a timely manner.

One in Five Phishing Scams Target Bank Customers

Phishing is not a problem that must only be dealt with by consumers. Businesses are being targeted based on the financial organizations they use, according to the latest research conducted by Kaspersky Labs. The Anti-Virus software provider has been investigating the evolution of phishing. The study looked at the attacks that had taken place between May 2012 and April 2013. The survey revealed that phishers are changing tactics, and are attempting to obtain bank account information. If business bank accounts can be obtained, so much the better. They usually contain much more money than personal accounts.

Hackers often target businesses they despise. Their intention is not always to make money but to cause harm. If bank accounts can be obtained they can be sold to cybercriminals. Accounts are plundered, and sometimes businesses go bust as a result. You may not have offended any hackers, but that doesn’t put you in the clear. Some hackers are involved in organized crime and they will not care who they target as long as money can be obtained.

If a bank is targeted and you lose funds, can you sue them?

A bank is attacked and a business loses money from its account. Can a business sue a bank for a cyberattack? Some are now trying.

EMI has filed a lawsuit against Comerica, in which it claims that the financial institution failed to implement appropriate security defenses, which directly led to one EMI employee falling for a phishing campaign. An employee was tricked into revealing EMI’s bank account details. As a result, over $500,000 was rapidly transferred out of EMI’s accounts. Protections were not in place at the bank to stop this.

Unsurprisingly, the bank has claimed that this was the fault of EMI. It is EMI’s responsibility to ensure its employees are trained, and do not fall for phishing campaigns. The bank could have done nothing to prevent that employee from falling for the phishing scam. EMI could have taken action though. It is unlikely that the lawsuit will result in the bank having to cover the losses of EMI.

Phishing prevention starts with staff training

If you want to protect your company’s bank balance, and stop phishers making transfers, the first step to take is to provide all staff members with cybersecurity training. One response to a phishing email is all it takes to see a bank account emptied. It therefore makes a great deal of sense to instruct members of staff about phishing emails. In the above case, the provision of such training may have saved $500,000.

The FBI estimates that these schemes, and other cyberattacks, net online criminals around $100 billion a year. These funds are obtained from large corporations and individuals, but small businesses are now being increasingly targeted. They lack the security software used by large corporations and their bank accounts contain more money than consumer accounts.

Unfortunately for SMEs, the same protections are needed as those used by large corporations, but IT budgets are not nearly as large. SMEs must therefore choose the best protections to put in place that will offer the greatest protection for the least outlay. Many do not even employ dedicated cybersecurity staff, so the products they choose must be easy to install, operate and maintain.

To protect against phishing, businesses must concentrate not on protecting their network with firewalls, but protecting end users. They are the ones who will be targeted by a phishing attack.

There are two methods that can be used in this regard (apart from staff training): The use of a spam filter to prevent phishing emails from being delivered, and a web filter to stop users visiting phishing websites.

The number of phishing attacks has increased significantly over the course of the past year. Because the tactic is proving to be so profitable, 2013 and 2014 are likely to see even more attacks take place. Any business that fails to take action to address the risk is likely to become a victim. Maybe not today, maybe not tomorrow, but soon.

Death of Hugo Chavez Used as Bait in New Email Scam

Cyber criminals often take advantage of major news stories to launch new spam and phishing campaigns. Email subject lines containing news headlines are more likely to be opened by email users. A percentage of individuals who open the emails will click on the links contained in those emails or open the attachments.

One of the latest email scams uses the death of Hugo Chavez to get users to open spam and phishing emails. Unfortunately, curious individuals are likely to end up compromising their computer, and even the network to which it connects.

The latest spam campaign takes advantage of users’ curiosity with a good old conspiracy theory. In this case, the theory is that the FBI or CIA were behind the death of Venezuelan president, Hugo Chavez.

Researchers at Kaspersky Labs intercepted one of these spam emails and investigated. The email directed users to a website containing malicious software. Visiting the link would result in the user’s device being infected using the BlackHole 2.0 exploit pack. This would happen without the users’ knowledge. In this case, the malware was widely known. According to Kaspersky Labs, when the link was clicked “The payload dropped was not disclosed; however, 8/46 antivirus programs were able to detect the exploit code.”

The Aim of Many Spam Emails is to Infect Devices with Malware

Kaspersky Labs’ AV engine is used by SpamTitan to detect emails containing malware or malicious links. The anti-virus giant keeps its virus definitions database up to date and checks for the signatures of the latest malware and viruses to be discovered. The company has already identified a number of Hugo Chavez email scams doing the rounds, all of which have the purpose of delivering malware to unsuspecting email users.

The emails take advantage of people’s curiosity and direct users either to fake websites or genuine websites that have been hijacked and loaded with malware. Oftentimes the emails contain attachments containing malicious code. Opening those attachments will similarly result in users’ systems being compromised.

The latest emails are nothing new. Spammers and hackers often take advantage of major news events to get their malicious emails opened. Major sporting events, celebrity news, weddings, deaths, elections and natural disasters usually spawn a wave of new spam emails. Cyber criminals are devising ever more complex campaigns to fool users into installing malware or revealing their sensitive information.

Unfortunately, the problem is likely to get worse. As long as it proves profitable to send these spam email campaigns and phish for information, there will be criminals who are more than happy to commit time to developing the campaigns.

Fortunately, it is possible to lower the risk of becoming a victim of the spammers by following some simple rules and being vigilant.

Guidelines to Avoid Becoming a Victim of a Phishing Attack

  • If you don’t know the sender of the email, don’t open it. Mark it as junk or delete it
  • Never open an attachment sent by someone you do not know
  • Never click on a link in an email unless you are sure it is genuine
  • Never unsubscribe from an email newsletter or service that you have not subscribed to – Doing so will just confirm to hackers that your email address is valid. This will likely see you targeted by even more spammers
  • If you receive a special offer that you are interested in, visit the website of the vendor directly to check the validity of the offer. DO NOT use the link contained in the email
  • Ensure your anti-virus and anti-malware definitions are up to date
  • Develop a culture of security awareness in your organization – The majority of security breaches come as a result of employees falling for a phishing campaign or responding to spam emails
  • Install a robust spam filter to prevent spam from ever reaching inboxes
  • Use web filtering to prevent users from visiting known malware and phishing websites

SpamTitan Network and Email Security Predictions for 2013

Being forewarned is being forearmed, which is why SpamTitan has issued five network and email security predictions for 2013. Over the course of the next 12 months, mobile applications and social media networks are likely to have a major impact on businesses, especially small to medium-sized enterprises. However, both have potential to introduce new security risks. These will need to be addressed.

Last year the volume of cyberattacks increased, as did the variety of new malware identified. More sophisticated cyberattacks were conducted in 2013 than in previous years, and they have proven to be even more damaging.

Last year was difficult for IT security professionals. Unfortunately, the coming year is unlikely to be any easier. If you want to keep your network secure and your data protected, a considerable effort will be required over the next 12 months!

SpamTitan Network and Email Security Predictions for 2013

1.      Social media monitoring will become essential to keep networks secure and staff productive

The popularity of social media websites is growing, and people are now spending an extraordinary amount of time connecting with people online, sending messages, reading and writing posts, uploading photographs, friending and poking. People crave interaction so this should be no surprise. With even more social media sites to choose from, and the use of the sites now ingrained, employees will want to use the sites more frequently at work. It is up to employers to harness the power of social media and prevent abuse.

Managers who have yet to tackle the issue of social media website use at work will need to take action in 2013. Whether it is implementing a ban or policies covering usage, the issue will not be able to be ignored any more. Since employees will use the sites even if a ban is implemented, we expect more companies to start adopting ways to curb usage, as well as taking action to address the network security risks the sites pose.

2.      BYOD is here to stay and the trend will continue

BYOD is driven by employees, not by employers. Employees want to bring their own devices to work, and employers can reap the benefits. The problem that must be addressed is how to manage the considerable security risks. Many companies will decide the risks posed by the devices outweigh the benefits, and many will look to harness the power of web tools and cloud based applications.

We expect security policies will need to be put in place by organizations in 2013. Employees who are permitted to bring their own devices to work are likely to have more restrictions put in place on the use of those devices. Additional security measures to enforce policies will also be installed.

3.      Cybercriminals will start to use social media as the main way of profiling targets

As the use of social media networks grows and consumers spend more time on the sites, cybercriminals will start to use the websites as a way of identifying and profiling their targets for spear phishing campaigns. Malware attacks via Facebook and other social media platforms are also likely to increase over the next 12 months. Criminals will also become more skilled at using social media networks to obtain the information necessary to defraud their targets.

Email spam volumes should continue to fall as criminals find it harder to profit from spamming campaigns. The past 2-3 years have seen spam volume decline and this is likely to continue in 2013. 3 years ago, the volume of spam emails stood at around 90% of all emails sent. Now the figure is around 70%. We expect the total to fall to around 60% this year.

4.      Phishing attacks will primarily be conducted via social media websites

Phishing campaigns have been found to be highly effective on Facebook and Twitter. These two social media platforms were the most popular with phishers last year, and that is likely to continue in 2013. Social media campaigns can be conducted rapidly, and require little outlay. As the threat grows, we expect organizations to take action and implement defenses to reduce the risk of their employees falling for phishing schemes. They will be given little choice if they want to keep their networks protected.

5.      Market consolidation to continue and businesses will increasingly consider alternative solution providers

The information security industry is likely to see even more market consolidation in 2013. Smaller companies will merge, with numerous takeovers expected. Last year, Trustwave bought out M86 Security, and Eleven GmbH was acquired by Commtouch.

However, end user businesses should find they can stay competitive if they concentrate on niche products. Specialist products will continue to be developed and fine-tuned, offering consumers more powerful security solutions for specific areas of network security.

Do you agree with our network and email security predictions for 2013? We expect, as an IT professional, you will have your own security predictions for 2013. What do you think the next 12 months have in store for IT security pros?

Cyber Monday: A Time for Bargains and Financial Ruin

Cyber Monday is one of the busiest online shopping days of the year. In fact, the four days from Black Friday to Cyber Monday see huge volumes of people head online rather than travel to the shops.

This period is the busiest time of year for online shopping, with millions of shoppers going online to buy presents for Christmas. Over $1.5 billion is expected to be spent online on this single day, according to figures from ComScore. That represents a 20% increase in spending year on year. Ever since 2005 – the first Cyber Monday – online criminals have taken advantage of the unsuspecting. This frenetic period of shopping sees many internet surfers and bargain hunters let their guard down.

There are bargains galore, huge discounts to be had and a small fortune can be saved. However, it is a time when users and businesses need to be particularly vigilant. Financial ruin awaits the unwary. Spammers, scammers, phishers and other cyber criminals are very active during this four-day period and are waiting to take advantage of Internet users that do not take precautions.

Retailers do tend to concentrate efforts on Cyber Monday, but that is not to say that the remaining days in the run up to Christmas will not be busy. Cyber Monday is just the start of a long spell of intensive online shopping. Cyber criminals are aware of this. Individuals failing to take care could well become victims of fraud and identity theft. A high percentage of victims are created during the period from Black Friday to Christmas Eve.

A cybercrime report issued earlier this year suggests that 431 million adults have become victims of cyber crime in the past 12 months. The global losses from online criminal activity have now reached an incredible $114 billion a year.

Shopping Frenzy Sees Basic Email Security Measures Forgotten

Cyber Monday is not a holiday. It is just a particularly busy day for online shoppers. Since people are at work, the time available for online browsing is limited. Time pressures combined with amazing bargains are a good mix only for online scammers. They take advantage of lapses in security precautions that inevitably occur when shoppers are concentrating on special offers and discounts.

Scammers use this time of year to send huge volumes of spam emails containing links to exclusive deals and special offers. Email attachments are commonly sent containing vouchers providing even greater savings. This is not just a problem for shopping addicts. Employers face an elevated threat of having their networks compromised during this busy period. According to recent research, 80% of all online shopping occurs during working hours, with employees sneaking online while at the office.

Employers must therefore ensure that their employees are not taking unacceptable risks that could compromise their computers and networks. Should malware be downloaded, or phishing links clicked, the consequences could prove to be catastrophic.

Should Access to Shopping Sites Be Banned at Work?

Human resource consulting firm, Robert Half Technology, recently conducted a survey that showed CIOs do not typically block access to internet shopping sites from the workplace. 77% of CIOs allowed fairly free access to the internet from work, with only 23% of CIOs banning online shopping. However, that said, internet access is closely monitored and action taken against employees found to be excessively surfing and shopping from work computers.

By permitting casual internet surfing and online shopping at work, CIOs are allowing employees to potentially engage in risky behavior. Many choose to reduce the risk of users visiting phishing sites by restricting access to the internet to secure websites only. This is often achieved by implementing a web filtering solution, which prevents employees from visiting specific websites or certain types of websites.

This is arguably one of the best methods of protecting business networks, without placing too many restrictions on the staff. Internet access can be allowed, which leads to happier staff, yet networks can be protected from phishing websites, viruses and malware.

The use of anti-spam filters will similarly prevent spam emails from being delivered to inboxes, further reducing the risk of employees clicking on links and opening attachments that could compromise a network. If these email security measures are employed and security awareness training is provided, the Black Friday to Cyber Monday period can be enjoyed safely. Many data security headaches will also be prevented.

Cybercriminal Activity Increases During Holiday Season

Halloween has been and gone, and with it the threat from Halloween-related spam and phishing campaigns. Unfortunately, the ghoulish behavior of cybercriminals will not stop. They will just work on Thanksgiving-related scams, or target the millions of online shoppers on Black Friday, Cyber Monday and Free Shipping Day. They will also be preparing for Christmas, which is another excellent time to target the unwary and gullible. All of these holiday times see millions of spam emails sent, new phishing campaigns developed, and many old ones dusted off and used again. Internet users must therefore always be constantly vigilant for the next cyberattack or scam.

Internet security risks increase in the run up to Christmas

Employees lead busy lives and often do not find the time to do all of their Christmas shopping at home. Some do not have home computers so are unable to access the Internet outside office hours. Many just prefer to keep their free time free, and be paid by their employers to do their Christmas shopping.

Unfortunately, those employees are taking big risks that could seriously jeopardize the security of their corporate computer systems, according to the Information Systems Audit and Control Association. This risk naturally increases at times of the year when internet shopping increases.

The risk has also increased in recent years with the rise in popularity of BYOD. More devices are being used to access networks, many of which do not have the level of security of the desktop computers supplied by employers and configured by IT departments. These devices make it much easier for employees to bypass security and spam protection controls.

The bad news is the risk is not going to decrease. As more users take part in BYOD, and even more devices are allowed to connect to corporate networks, the risk of suffering network security breaches will also increase.

Many companies find the number of employees using computers for personal use, especially in the run up to Christmas, has reached a level where it is simply not possible to take action against each employee. The threshold for disciplinary action has had to be increased. Others target this by taking a much harder line, due to the amount of time that is being wasted by employees. HR departments are then run ragged.

It is no surprise that many employers opt for an easy solution and implement a web filter to block access to certain internet sites. The burden is eased on HR staff and employees waste less time and become more productive. Web filters are also used to cut back on other time-wasting activities, such as accessing social media sites and playing online games.

A web filtering solution, such as WebTitan, can be invaluable at this time of year. It will reduce risk to network security and improve productivity; however, risk cannot be totally eliminated especially with the volume of email spam campaigns and Christmas-related scams seen at this time of year.

Holiday season scams that threaten network security

The usual suspects come out at this time of year but, after 10 months’ “holiday” from Christmas scam emails, it is useful to remind employees of the spam and phishing emails that do the rounds at this time of year.

‘Must Have’ Gift Scams

Every year there are some gifts that every child wants. They are in short supply and usually sell out well before Christmas. Be late buying Christmas gifts and your child will have to make do with second best. UNLESS…… someone has a spare one or some excess stock. You will find offers of the latest gadgets or hot new products flood inboxes. Links take users to shopping websites that have just one or two left. A purchase is made and the gift is mailed. Unfortunately, many of these websites are fake, and all that happens is a credit card number is divulged to a criminal.

Christmas Phishing Scams

The run up to Christmas is a busy time and short cuts are taken by employees who are under pressure or daydreaming about roast turkey. People are less cautious and take more security risks. They forget to check that a website has a valid SSL Certificate or shows a padlock next to the URL. People are more likely to click on links to malicious websites and, when full of Christmas spirit, Christmas-related social media posts are visited more frequently. Users tend to reveal personal information at this time of year. A post asks you to create your Elf name by using the name of your first pet and the street where you grew up. Users unfortunately divulge the answers to their online banking security questions all too easily.

Fake Special Offers and Competitions

Everyone would like a free Christmas gift, and scammers know it is easy to obtain sensitive information via fake competitions if there is a cool prize on offer. It is a time to be very cautious about surveys or competitions that ask for personal information. Facebook is one of the preferred websites to launch a fake contest, and it is surprising how much personal information is disclosed. Once personal information has been divulged, an email often arrives offering a prize. Just a few more data fields need to be entered to claim the top prize. That prize is identity theft, not a shopping voucher or an Xbox.

How to avoid these Christmas scams

Vigilance is key. Employers must be particularly careful that their staff members do not fall for these scams. It is a great time for refresher training to be conducted or for an email bulletin to be sent. Be sure to warn the staff of the following:

  • Never to click on a link contained in an email unless they are 100% sure of the identity of the sender
  • Never open an attachment in an email from someone they don’t know
  • Change passwords and make sure they are impossible to guess
  • Be very careful about divulging sensitive information to anyone
  • Social media websites contain many scams. Make employees aware of scam competitions or surveys that request personal information
  • Be careful about installing mobile apps – they may not be as harmless as they appear
  • Password protect Smartphones and use a lock screen – if stolen, criminals will not be able to access online accounts and company data

Stop and think before clicking any link, visiting a website or opening an email – Could it be a scam or phishing attempt?

SC Magazine Awards 2013: SpamTitan Nominated in Best Anti-Malware Category

The SC Magazine Awards 2013 will soon be announced. Each year the periodical assesses the best IT security products and issues awards to the companies supplying the best, most innovative, and effective security products. Competition is fierce in the industry, and many companies have released new products this year. Others have released new versions of security products with even better protection.

This year SpamTitan Technologies has been selected and named as a finalist in the best Anti-Malware category. The provider of Anti-Spam and web filtering security products is one of the leading providers of security products that protect organizations from email and web borne threats.

SpamTitan Technologies’ Anti-Spam solutions incorporate dual AV protection, using the anti-virus engines of two leading providers – Bitdefender and Clam Anti-Virus. The spam-busting software conducts a heuristic scan analysis offering excellent protection. Potentially harmful and suspicious emails are caught in its spam filter and are quarantined rather than being delivered to end users’ email inboxes. The software has been shown to trap spam emails before patterns have even been identified, and even provides a zero-hour response to new email threats.

The inclusion in the best Anti-Malware category is the result of the hard work by the entire team at SpamTitan Technologies. A considerable amount of research and development has gone into the latest version of the spam-fighting software. The new version is even better, more efficient, and more effective than ever before.

The Readers Trust Anti-Malware finalists will be assessed by a panel of readers who have volunteered their time to vote for the best products on offer. These individuals have a high level of skill and will use their expertise in the area of IT security to determine which product will be voted the best Anti-Malware product of the year. The panel of judges have come from a wide range of organizations of all sizes and from all major market verticals.

The results of the final vote are eagerly awaited by all participants. The annual awards can be used as a guide to the best Anti-Malware, Anti-Virus and IT security products to install to protect users and computer networks from attack.

Have you tried SpamTitan’s Anti-Malware solution? Are you happy with the software and the catch rates?

If so, register your vote for the SC Magazine Awards 2013 today!

Make it Harder for Cybercriminals to Steal Data

Cybercriminals are intent on breaking through security defenses to gain access to corporate databases. Once access has been gained, they steal data to sell on to other criminals to use for fraud and identity theft. There are some exceptionally talented individuals out there who are doing this, but there are many less talented individuals as well who are doing the same. In fact, there are individuals with next to no talent or skill who are making big money because it is so easy.

It doesn’t actually take a genius to steal data from companies, even when robust security measures are put in place. That is because massive security holes are left unplugged. The door is being left open, and cybercriminals are just walking through it.

To prevent major data breaches and cyberattacks it is essential to make it hard for cybercriminals. If it is hard, they are likely to look for easier targets. There are plenty out there; you must just make sure you are not one of them. It is much easier for them to take the path of least resistance or, in many cases, they take the path of no resistance. Some companies make it ridiculously easy for hackers and criminals to steal their data.

How easy is it? The global information group Experian took a close look by conducting its “life in a box” experiment. That study produced some very interesting results. First of all, the study quantified the extent of the current problem.

Between the start of January and the end of June 2012, a period of only 6 months, 19.7 million pieces of information were illegally traded online. To put that figure into context, 19.04 million pieces of information were traded in 2011. That’s the whole of 2011, BTW, not just the first 6 months.

The Life in a Box Experiment

Meet Steve. He knows his stuff. He is a typical web user who is quite knowledgeable on security matters. He takes precautions when using the internet, holds down a normal job and pays his taxes. He is also in a hurry most of the time because he has a lot to get done. Consequently, he makes some mistakes. Basic security errors, even though he believes he is quite security conscious.

Steve was presented with a few challenges for the study. These online tasks were set to find out just how easy he was making it for criminals to steal his personal data. During the study, this reasonably security conscious guy made three fundamental security mistakes.

  • He was found to be sharing his passwords across a number of different online accounts
  • He did not bother to check that a website was secure (had a padlock next to the URL) before disclosing personal information
  • He did not update his web browser to the latest version when a security update or critical patch was released

Steve had set up 8 temporary email addresses during the study. It took only 5 hours for all 8 to be hijacked. His data were actually in the hands of criminals in multiple countries around the world within 5 minutes of the study commencing. Mr. “Reasonably Security Conscious” was not making it difficult for cybercriminals at all. Most of his fellow employees would have performed equally badly, and many a whole lot worse.

A vast amount of personal data is uploaded to the Internet

An incredible amount of data about individuals’ lives is uploaded to the Internet. Names, dates of birth, passwords, usernames, answers to security questions, bank account details, Social Security numbers, credit card numbers, medical information, consumer information, likes and dislikes. The list goes on and on.

If you are a little sloppy and are not particularly security aware, this information can easily be accessed by criminals. With just a little information it is possible to commit identity theft. Criminals use that information to create or obtain fake IDs that can be used to obtain further proof of identity. Then credit cards, loans, prescriptions, medical services and much more can be obtained. Bad security habits at work can see employers’ systems compromised and corporate bank accounts plundered.

There has never been an easier time to get into online crime

Personal information can be obtained using a number of very straightforward techniques. It is not necessary to be a hacker to do this. Any would-be criminal could pay to use an exploit kit and even be instructed how to use it. Phishing campaigns can be easily launched, social engineering scams developed, viruses and malware sent via email, and malicious code loaded onto pages and adverts on social media networks.

As long as web users continue to make it easy for criminals to take advantage, there will not be a shortage of individuals willing to try to defraud them. It may not be possible to prevent all cyberattacks but it is possible to make sure that only the most skilled and creative cybercriminals will have a chance of success.

Security awareness must improve in order to prevent corporate cyberattacks

Unfortunately, even with excellent security defenses installed, the sloppy security habits of employees can result in networks being compromised. All it takes is for an employee to respond to a phishing campaign, visit a website containing malicious code, install malware by mistake, or hand over sensitive information to a scammer and the door can be opened.

The Life in a Box study shows just how easy some people are making it for cybercriminals to take advantage. You can tell employees to only use websites that have an SSL certificate in place, or to look for a padlock next to the URL before disclosing personal or company information, but they will continue to make basic security errors.

They must be instructed on the risks, trained how to avoid risky behavior, and told about the methods cyber criminals use to obtain data, steal identities, and break through corporate cybersecurity defenses. They do not need to be turned into IT security experts, they just need to be taught how to act responsibly online.

You also need to put additional security defenses in place because everyone will make mistakes from time to time. You need to make it harder for cybercriminals to take advantage, and you need to reduce the number of times your employees’ security skills are put to the test. A spam filter is a good place to start, and a web filter is also wise protection. Alongside security training, these defenses will leave your network much better protected from attack.

Customers Seek New Provider as Postini & Webroot Exit Email Filtering Market

The news that Google will pull the plug on Postini spam filtering software may not come as a shock to the 26 million businesses and consumers who use the product to keep their inboxes clear of email spam. There have been rumors circulating for a while now about the Postini Anti-Spam pull out. However, now it is time to actually start looking for an alternative email spam filtering provider, as the rumor has been confirmed as being true.

Google is attempting to move all Postini customers over to Google Apps, which the search engine giant hopes will be a smooth process. Not all Postini customers will welcome the move. They will need to put effort into assessing the alternatives to Postini spam filtering and will need to choose another vendor.

Google Apps may offer email security solutions but there are drawbacks, the main one relating to privacy. Google does like to know everything about its customers and many organizations are unhappy about giving Google so much information about them and their business.

A new Anti-Spam solution is critical

Since email spam filtering is a critical business system, there cannot be a gap between the termination of the Postini service and the implementation of a new spam filter. Due to the volume of spam emails now being sent, inboxes are likely to be swamped with spam the second the Postini service expires. Spammers are likely to seize the opportunity and send out even more emails hoping to capitalize on the gap in service that many companies may experience.

Changing provider is a pain. Small enterprises are typically short staffed and switching any service provider means a lot more work needs to be done. When staff are already stretched and overworked, the time needed to assess new service providers and install and test a new Anti-Spam system must be found from somewhere.

It doesn’t take a long time to change an MX record, but changes allow errors to creep in. If a period is entered in the wrong place it could result in the email system grinding to a halt. Email crashes can take a long time to resolve.
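The misplaced-period risk described above can be checked before a zone change goes live. The following is an added example, not part of the original post: it assumes BIND-style zone file syntax with one MX record per line and an explicit owner name, and the zone contents and host names are constructed placeholders.

```python
import re

# Constructed sample zone (BIND-style syntax). All names are placeholders.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@    3600 IN MX 10 mx1.newfilter.example.net.   ; correct: fully qualified
@    3600 IN MX 20 mx2.newfilter.example.net    ; trailing period missing
@    3600 IN MX 30 mx3..newfilter.example.net.  ; doubled period
@    3600 IN MX 40 backup                       ; deliberately relative
"""

# owner [ttl] [class] MX preference target
MX_RE = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?MX\s+(\d+)\s+(\S+)", re.I)


def expand(name, origin):
    """Return the fully qualified name a DNS server would actually serve.

    In a zone file, a name WITHOUT a trailing period is relative and has
    the current origin appended to it.
    """
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"


def check_mx_records(zone_text):
    """Parse MX lines and report what each target really resolves to."""
    origin = "."
    findings = []
    for raw_line in zone_text.splitlines():
        line = raw_line.split(";", 1)[0].rstrip()  # drop comments
        if not line:
            continue
        if line.upper().startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        match = MX_RE.match(line)
        if not match:
            continue
        owner, preference, target = match.groups()
        problems = []
        # Heuristic: a relative target that already contains periods was
        # almost certainly meant to be fully qualified.
        if not target.endswith(".") and "." in target:
            problems.append("trailing period probably missing")
        if ".." in target or target.startswith("."):
            problems.append("empty label (doubled or leading period)")
        findings.append({
            "owner": expand(owner, origin),
            "preference": int(preference),
            "written": target,
            "fqdn": expand(target, origin),
            "problems": problems,
        })
    return findings


if __name__ == "__main__":
    for record in check_mx_records(SAMPLE_ZONE):
        status = "; ".join(record["problems"]) or "ok"
        print(f'{record["written"]:32} -> {record["fqdn"]:45} {status}')
```

The second record shows why the error is easy to miss: the line looks right, but mail would be routed to a host under `example.com` that does not exist.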

Postini’s exit from the email filtering market may not be a shock, but Webroot customers are likely to have one. They too will have to find a new Anti-Spam service provider. It would appear that by the end of 2013, Webroot will also be pulling the plug on its anti-spam products.

SpamTitan is the natural choice for soon to be ex-customers of Webroot and Postini

SpamTitan email filtering solutions are an ideal alternative for Webroot and Postini customers. SpamTitan is an up and coming company that is growing at an impressive rate. The company has now topped the honors list in recent industry awards – SpamTitan has just been voted the Number 1 Anti-Spam solution in July’s Virus Bulletin Test – and in addition to an impressive catch rate and low false positive rate, its anti-spam solutions represent excellent value for money.

SpamTitan advantages

Businesses located in over 100 countries around the world have adopted SpamTitan as their preferred Anti-Spam solution. The company’s products are highly effective at blocking spam email, with SpamTitan filters preventing 99.97% of spam emails from being delivered thanks to the powerful dual AV engines at the heart of the software. Tests have shown a false positive rate of virtually 0%, and additional protection is also provided by an anti-phishing module.

Summary of benefits of SpamTitan Anti-Spam solutions

  • Catch rate of over 99.97% – Fewer spam emails will be delivered
  • Virtually 0% false positive rate – Genuine emails will not be caught in its filter
  • Dual AV engines employed – Bitdefender and Clam Anti-Virus stop more spam
  • Anti-phishing capability – Anti-phishing protection to prevent malware infections
  • Multiple deployment choices – Choose from ISO, SpamTitan on Demand, and VMware
  • Competitive prices offer cost savings over competitors
  • Seamless migration from existing Anti-Spam service providers
  • Excellent customer service

For further information on migration, pricing, and implementation timescales, just give the SpamTitan team a call.

New Facebook Chat Phishing Scam Discovered

If you have a Facebook account and follow the news, you are likely to already have heard of a new Facebook chat phishing scam that has been devised by online criminals in an effort to get you to part with your credit card information.

It is no surprise that another Facebook chat phishing scam has been uncovered, but what is particularly interesting is the amount of effort that has gone into the latest scam. The latest Facebook chat phishing campaign shows how sophisticated the campaigns are becoming, and how easy it is to fall for one of these scams.

Convincing Facebook Chat Phishing Scam Uncovered

The criminals behind the latest Facebook phishing scam are trying to obtain a considerable amount of data and, if successful, will obtain credit card numbers, expiry dates, CSC codes and login names and passwords. The scam was discovered by Kaspersky Labs, and it operates via the Facebook chat function. Phishing is more commonly associated with randomly sent spam emails, targeted emails, and malicious websites, yet the techniques work equally well on social media websites. Perhaps even better.

In this case, the Facebook chat phishing scam is not just convincing, it is scarily good. The scammers compromise a Facebook account, and alter the account name to ‘Facebook security’.  They then use the chat function to send a message to the entire contact list of that person, warning them that their account has been compromised. If login details are not confirmed, their account will be shut down. Since the message comes from “Facebook Security”, it appears legitimate.

The message also contains a link that must be used to confirm the account details. Clicking on that link will direct the soon to be victim to a mock up Facebook site that looks reasonably legitimate. The victim then enters their login credentials to access that site and, by doing so, gives the scammer access to their entire account, including their contact list. In this case that is not all. The fake website then asks the user to confirm their email password, compromising that account as well. Since users often share passwords among many different online sites, other accounts could all too easily be compromised as well. Kaspersky Labs has also reported that this Facebook chat phishing scam then requires users to make a payment, for which they will need to divulge their credit or debit card number, expiry date and CSC code.

Of course, this last step should get alarm bells ringing, as Facebook does not charge users for the service it provides. However, many will fall for this scam out of fear of loss of their account. Sometimes, reason flies out the window and only after information has been divulged do users wonder if they may have been scammed. Even if credit cards are not provided, the scammers will have access to contact lists to try the scam on others.

This scam is complex, but it relies on the user falling for the initial Facebook security message. However, it is important to remember that Facebook, or any other reputable company, will not ask for a credit card (plus expiry date and CSC code) to verify identity. You should also bear in mind that it is not in Facebook’s interests to shut down your account, and highly unlikely that they would do so and prevent you from gaining access to it again.

Be Wary Online – Criminals are Devising Ever More Complex Ways of Obtaining your Data

Phishing is used by online criminals to obtain your data, and the campaigns take advantage of technical and social vulnerabilities. The situation is only likely to get worse, yet even with the current high risk of attack, not everyone is implementing measures to protect themselves. In fact, many are leaving themselves wide open to identity theft and fraud. All it takes is one successful phishing scam and everything can be lost. For businesses the problem is just as bad. Fraud and network damage can be considerable, and in many cases catastrophic.

Unfortunately for businesses, all it takes is for one employee to fall for a phishing scam and a network can be compromised, and that can come from a Facebook chat phishing scam just as easily as a bogus email attachment. Once access to a PC has been gained, a network can be accessed and sabotaged, or data and corporate secrets can be stolen.

It is therefore vital for companies to take precautions. Training staff about phishing avoidance is advisable, and continued training essential, but to reduce the risk of employees’ phishing identification skills being put to the test, it is worthwhile installing powerful web filtering software as well as email security software.

Refuse to Pay a Ransom: Expect a Wave of Phishing Attacks

Ransomware is all the rage these days. Employees are fooled into downloading malware onto work computers, and hackers lock company data with powerful encryption software. Once encrypted, the data can only be accessed by using a security key. Unfortunately, the keys are all held by the hackers and will not be released unless a ransom is paid. Agree to pay the ransom and the data will be unencrypted. There is no guarantee that this will happen of course, but companies are often given no choice.

Ransoms are also demanded following the theft of corporate data. The criminals responsible are not looking to use the data personally. They just want a quick and easy payout. AmeriCash Advance, a well-known U.S. Pay Day loan provider, was recently attacked and had customer data stolen by a hacking group called Rex Mundi.

The group asked for a ransom to be paid, but AmeriCash refused to give in to the demand for $15,000. The company had been warned that if it didn’t pay up the stolen data would be posted online. Loan applicants and the company’s customers would then have their financial information sent out via Twitter and social media networks. This would place those individuals at a high risk of suffering fraud, having their identities stolen, or being targeted by phishers and scammers. That would likely result in customers taking their business elsewhere.

The refusal to pay means that is likely to now happen. Previous applicants for loans and AmeriCash customers must therefore be on their guard.

How much risk do victims face?

The level of risk depends on the data that have been stolen. If credit card numbers, full bank account information, Social Security numbers and account logins have been compromised, the risk of identity theft and fraud being suffered will be very high.

Any individual affected would need to put a credit freeze on their accounts, register for credit monitoring services and be extremely careful responding to emails and divulging any information. In the case of the latest attack, individuals had the last four digits of their Social Security numbers exposed, the amount of money they requested or had had loaned, and their names and email addresses. In this case only a small quantity of data was stolen and, although customers are still at risk, it could have been a whole lot worse.

Any person in possession of the data is unlikely to be able to steal the identities of the victims without obtaining further information, for example the first 5 digits of the Social Security number along with a date of birth. Criminals who have purchased data will likely attempt to obtain the further details they need. For that they will use phishing scams. These aim to fool users into revealing sensitive information and the campaigns can be very convincing.

What can be done to reduce risk following a successful cyberattack?

According to a report on CNet, AmeriCash did what all companies should do. The company made sure that its systems were secured to prevent further attacks. The relevant authorities were contacted and law enforcement agencies were notified.

Customers also needed to be advised that their data have been compromised and warned of the risk of phishing campaigns. That process was also performed.

Offering affected individuals free credit monitoring and identity theft resolution services can help reduce fallout. Some state laws demand that this is offered if Personally Identifiable Information (PII) or Protected Health Information (PHI) is exposed.

It is also wise to increase security measures to prevent future attacks. Web filtering solutions and anti-spam protection can reduce the risk of suffering data breaches. They can also prevent employees from falling for phishing campaigns that give hacking groups the information needed to gain access to corporate networks.

Have you Planned for the 2012 European Football Championships?

The European Football Championships are almost upon us, which is fantastic news for football (soccer) fans, but terrible news for haters of ‘The Beautiful Game’. It is also something of a nightmare for employers.

It is easier to manage than the World Cup of course. There are only a very limited number of time zones across Europe, so no matter where the games are played, most kick-off times are outside of normal business hours. Unfortunately, standard business hours are becoming a thing of the past for many workers and not all qualifying games are played in the evening. Many employees will face a dilemma. Watch the game at work and risk the ire of an employer, or miss out on some live football action. A great many will choose the former and will use streaming websites to see the games live.

IT security risks are introduced during major sporting events

Major sporting tournaments have a knock on effect on productivity, but that is actually a relatively minor issue compared to the increased network security threat that comes from sports streaming websites. Streaming websites breach copyright laws. The owners of websites showing live sports games run a risk of arrest, heavy fines and even prison terms for their deeds. They must therefore make enough money to make it worthwhile.

To do this they show adverts on their sites. However, few people click on standard adverts. They go on the sites to watch sports, not click on links. The site owners therefore have to be sneaky. They make it hard for the adverts to be closed. They put multiple X’s in the adverts, which launch pop ups. This means that your standard football addict will end up clicking on multiple adverts in an attempt to close them.

Cyber criminals are well aware of the tactics used by the site owners, and know that ads will be clicked by everyone using the sites. If they are able to get their adverts on ad networks, getting visitors to their malicious websites could not be easier. That means more individuals will inadvertently download their malware, more computers will be infected, and they will make more money.

So are the European Football Championships all bad news for employers?

The European Football Championships mean owners of streaming websites will make money, it’s a win for cyber criminals and hackers, and great for football fans. Employers don’t fare too well, and neither do IT security professionals. Bandwidth is chewed up by employees streaming games, the malware risk increases and it is a potentially unproductive time for a few weeks.

That said, it’s not all bad for employers. Research conducted by Robert Half Technologies shows that there are positives. In a poll of HR directors, 44% thought that the European Football Championships would actually have a positive impact on morale and employees would be more motivated. This happened during the Olympics. IT professionals were not so complimentary about the benefits. In fact, 57% will be banning access at work due to the high network security risk and bandwidth issues.

A ban can be implemented easily. All it takes is an email, or a mention in a staff meeting. But how can the ban be enforced?

How can you block streaming websites, control Internet usage at work, and manage risk?

There are many ways to block website access, but it can be time consuming to set up. It is also hard to block access to ALL websites used for streaming. These often change or are shut down and new ones opened. Blanket bans can result in legitimate websites being blocked, and setting rules on individual browsers is just not an option. It is far too time consuming, and too easy for users to change their own settings to allow temporary access.

The best solution is to use web filtering software. This allows internet usage to be centrally controlled by a system administrator. You could even block all games apart from those played by your home country. It really is very simple to have that level of control (if you have the right web filter installed).

SpamTitan Technologies web filtering solutions have highly granular controls, which will allow you to:

  • Block websites by domain, category, URL pattern, or content
  • Prevent users from downloading certain file types
  • Block or permit certain websites for specific groups or individuals
  • Set restrictions based on time-frames – i.e. allowing workers to stay after work to watch games, but block access during working hours for groups or individuals
  • Prevent end users from visiting links to malicious websites
  • Block malicious adverts from being displayed
  • Block all streaming services, including music and video
  • Block online gaming websites
  • Compile reports to see who is trying to access banned sites.

Add a SpamTitan Technologies Anti-Spam solution and you can also block the barrage of spam and phishing emails that are sent whenever major sporting events take place.

Beware of 2012 London Olympics Spam Email Cyberattacks

The 2012 London Olympics spam email campaigns have already started to be sent, even though we are still months away from the opening ceremony. That has not stopped cybercriminals from starting their phishing campaigns and cyberattacks. The run up to a big sporting tournament can be an even better time to get the unwary to download malware to their devices and reveal sensitive information. When people are excited they tend to take more risks, and people are very excited about the Olympics, especially those living in the British Isles.

2012 London Olympics spam email ticket scams

How often do the Olympics come to a country close enough for it to be feasible to actually attend an event or two? For most people that is a very rare occurrence. People living in Britain or Ireland will see the 2012 sports extravaganza as finally being within reach. Unfortunately, the combined population of the UK and Ireland is around 68 million people, which is a few too many to fit into the London Olympic stadium and the other venues housing this year’s Olympic events. Tickets are therefore difficult to obtain.

A ticketing system exists that allows people to enter their names for the events they want to see; however, it is something of a lottery as to whether a ticket can be purchased. Only a lucky few will get to see their preferred events. Everyone wants to see the 100M final, but not so many are interested in the early handball heats. Where there is high demand there is money to be made, and criminals use the huge popularity of the sports events to launch Olympics ticket scams. Many of these scams are delivered by email.

Unwanted tickets are being offered online, touts are pushing their over-priced tickets, and cybercriminals are selling fake tickets to popular events. It is a time to be cautious. It is important that tickets are not bought from anywhere other than an authorized seller. If that means you cannot see an event, that is unfortunately just the way it is. If you are being offered a ticket via email by a stranger, chances are it is a scam.

That scam may not just be designed to get you to pay £1,000 for your fake ticket. In many cases, the purpose of the spam email is to get you to reveal your bank account details, credit card number, or install malware on your computer or portable device.

Phishing attacks are popular with cybercriminals, and 2012 London Olympics spam email campaigns are one of the preferred methods of launching attacks. Individuals are also being targeted with spear phishing emails. Instead of sending millions of emails offering tickets to the 100M final or opening ceremony, some scammers are researching their targets to maximize the probability of getting a response.

There is no point offering 3-day event tickets to your average soccer fan. They are unlikely to respond. However, if you know a soccer fan is planning to travel to London from France, offering that person a ticket to see a France soccer game is likely to get a better response. Especially if they are known to be in the UK at the time, and have said on social media they are trying to get a ticket. Criminals research individuals on social media and create highly targeted phishing emails.

Employers must be particularly careful as Olympic fever will grip many workers. They may respond to a 2012 London Olympics spam email at work and inadvertently download a virus or nasty malware. Protecting the network is going to be harder over the coming months.

Now is therefore a good time to issue warnings to the staff to be wary. Advise employees of the methods that can be used to identify a spam email and you will minimize the probability of an employee responding. Such tactics are reasonably effective at preventing malware infections and accidental disclosures of confidential company information.

Unfortunately, all it takes is for one individual to respond to a 2012 London Olympics spam email for a network to be compromised, so other tactics should also be employed.  We recommend installing an Anti-Spam solution to stop the 2012 London Olympics spam email campaigns from ever reaching end users.

As for Anti-phishing protections, a web filter is the solution. This will prevent users from visiting Olympics-themed websites that have been infected with malware, contain malicious code, or feature ads that have been placed by cybercriminals.

SpamTitan to Benefit from Webroot Email Security Market Exit

Following the news that Boulder-based Internet security company, Webroot, is set to leave the email security market, many IT security professionals have started looking for an alternative solution to deal with their organizations’ spam problems. A great many IT security professionals will be sorry to lose Webroot email security products, having relied on their protection for a number of years. Webroot email security solutions were popular and effective.

Two months previously, Webroot was reported to be looking to leave the email security market, and is to retire support for its products as 2013 comes to a close. A lack of support means a change will be necessary for any company currently running Webroot email security solutions if they are to keep their email systems protected. Fortunately, SpamTitan is well positioned to take up the reins.

The company offers an industry-leading cloud-based anti-spam service tailored to the needs of individual businesses. Not only do the company’s products boast a high success rate – blocking over 99% of spam emails – they also have a very low false positive rate.

SpamTitan also boasts one of the most competitive pricing models of any anti-email spam service. With IT security budgets stretched to breaking point already, this will come as very welcome news to CIOs, CISOs and IT security professionals.

SpamTitan Enterprise Anti-Spam Solutions

To date, SpamTitan has been deployed in over 100 different countries around the world, with IT security professionals choosing the company’s products for their exceptionally high spam catch rates. The products have consistently scored highly in independent anti-spam tests, and boast a catch rate in excess of 99.97%. The high catch rate is achieved, in part, by using dual AV engines. This ensures that if one engine fails to catch a spam message or phishing email, there is an excellent chance that the second engine will. The two industry-leading AV engines used by SpamTitan are those developed by Bitdefender and Clam Anti-Virus.

Additionally, the products have a false positive rate of virtually 0%, with next to no genuine emails mistakenly caught up in the spam filters. Businesses can therefore use the products with confidence, knowing that important, genuine emails will be delivered to the correct recipients. As a result, IT professionals will not be bombarded with requests by employees to look for expected emails that have not been received.

SpamTitan is much loved by users because of the ease with which the company’s solution can be implemented. System administrators love the products for the easy-to-use interface and level of customization possible. This allows tweaks to be made to suit each organization’s needs and requirements. Multiple deployment options are also offered, such as ISO and VMware, in addition to the ever popular SpamTitan On Demand.

The products also boast excellent protection from phishing emails thanks to a powerful and robust anti-phishing email module. Phishing emails are a growing threat to network security, and with higher volumes of malicious emails now being sent, this is a very important feature to help ensure network security.

Need to Switch from Webroot to Another Anti-Spam Service Provider?

Any organization looking to make the switch from the soon-to-be unsupported Webroot to a new anti-spam solution provider should contact SpamTitan to discuss the options available. Advice can be offered on migration from Webroot and other anti-spam providers to ensure a seamless transition.

New SpamTitan customers also benefit from a totally free 30-day trial period, with prices starting from as little as $395 per month.

Further information on anti-spam, anti-phishing, and web-filtering solutions can be obtained by emailing the Customer Service team on info@spamtitan.com

Email Scammers are in Love with St. Valentine’s Day

There are only two days to go before the red roses arrive, you get a box of chocolates, are taken out for a meal and treated to a night of passion (well, we hope so!). You may therefore want to start preparing. Maybe get a nice dress or a swanky new suit so you can look at your best.

You should also prepare for the onslaught of spam and phishing emails that are likely to be heading your way. Cyber criminals, spammers and scammers have fallen in love with St. Valentine’s Day. They take advantage of the human need to be loved and send out just the type of email people are hoping to receive.

Unfortunately, if you respond, you will not be treated to a night of passion and you will not discover a new secret admirer. You are likely to have malware installed or your bank account emptied.

Beware of scam emails and St. Valentine’s social media scams

In years gone by, scammers primarily used email or the telephone to fraudulently obtain money from the unwary or gullible. The meteoric rise in popularity of social media networks has given criminals a much easier opportunity to make money. There are phishing scams aplenty on social media networks.

However, email continues to work well for the scammers. Many people look for ways to save money on St. Valentine’s Day, and respond to emails offering discounts on flowers, chocolates, gifts, and holidays.

Spam emails sent by criminals tend to have subject lines such as “Will you be my Valentine?”, “Valentine’s Day Jewelry”, and “Cheap Flowers for Valentine’s Day”. These are the same subject lines that could be sent by legitimate retailers or potential lovers, which is why the emails are opened by so many people.

In March 2010, the results of a new study were published by the Messaging Anti-Abuse Working Group. The study looked at why people fall for email scams. It was conducted on 3,716 individuals, who were asked questions about their response to spam email.

In some cases, the email was opened not because the recipient failed to identify it as spam, but because the recipient was genuinely interested in the products or services being offered. 11% of respondents opened the messages knowing that the email was spam, and 15% of those individuals did so because they liked the sound of the offer or product.

Scammers are aware that a percentage of their emails will be opened, and also that many people will respond and disclose information. The more emails that can be sent, the bigger the response will be and the more money will be made. The volume of spam emails being sent is therefore unlikely to decrease. The only thing that will stop the emails is when it is no longer profitable to send them.

How to avoid becoming a victim of a scam or phishing campaign this Valentine’s Day

Businesses need to be particularly wary this Valentine’s Day. If these malicious emails are delivered to employees’ inboxes, a percentage (11% according to the study) of those employees will open them. Many may visit malicious websites as a result, for example by following a link to a malicious website offering cut-price jewelry with free next-day delivery. They may even open malware-infected attachments, such as a JPEG picture of an admirer that is really a cunningly masked executable file.

By installing a spam filter with an anti-phishing component, the vast majority of these emails will be caught and quarantined and, if one does get through, the user will be prevented from visiting a malicious website. In the case of SpamTitan, 99.97% of those emails can be blocked. This is one of the best steps that can be taken to protect networks from malware delivered via email.

Additional protections include:

  • Instruct employees how to identify a phishing attack, and teach best practices to follow to avoid compromising a network or becoming a victim of a scam.
  • Develop a culture of security awareness. Get employees to stop and think before taking an action and always to suspect that an email may be a phishing attack.
  • Tell employees never to unsubscribe from an email mailing list they haven’t joined. The email can be marked as junk and all future emails will be delivered to the spam folder, or caught in an Anti-Spam filter if one has been installed
  • If an offer is interesting enough to warrant a response, contact the company via its official website or use the telephone. The contact details can be found in the phone book or through the search engines. Do not contact the company using the details supplied in the email
  • Keep all Anti-Virus, Anti-Malware, and Anti-Spam definitions up to date
  • Tell staff not to trust any unsolicited email they receive

Free Shipping Day Equals Network Security Nightmare

The network security nightmare that is Black Friday to Cyber Monday has now passed, but Free Shipping Day is not much better for IT security professionals. They now have to cope with another of the busiest online shopping days of the year.

Fortunately, Free Shipping Day is tomorrow, Friday 16th December. That means the weekend starts the day after. It will be needed. Free Shipping Day means long hours need to be put in by IT security professionals! Spam emails are likely to arrive by the bucket load as the scammers take advantage of so many consumers buying online.

The cost of shipping can be expensive. Even very low priced items are not such a bargain when postage and packaging charges have been added. Shoppers finally find an ideally priced gift item for Christmas that is still in stock, available in the right color and size, and then they are hit with a massive shipping charge. Free Shipping Day removes any uncertainty.

Purchase from any of the 2,000+ U.S. retailers who take part, and you can forget about shipping charges. You can purchase in confidence knowing that the price displayed next to the product is all you will have to pay.

The day is a fairly new initiative to get consumers to spend more, but tomorrow is not a holiday. That means online shopping will have to take place from work. Wait until the evening and you will not pay postage charges, but will there be anything left to buy?

Many employees are banned from online shopping websites at work but, even with a ban in place, Free Shipping Day often proves too much of a temptation. Research shows that more money is spent online during working hours than any other time, so many employees are using work computers for online shopping – even if it is not allowed by employers.

Interestingly, research from AOL suggests 20% of workers use work time to do shopping or view pornography. Employers may allow a little of the former, but certainly don’t permit the latter. Yet that still happens.

Regardless of which is chosen, both are a nightmare for network security professionals. Shopping websites and adult sites are targeted by malvertisers who are attracted by the high traffic that the sites receive. Malvertisers place adverts on the sites through legitimate advertising networks. They then direct users to malicious websites. A busy online shopping day means a busy day for online criminals.

Employers and their IT departments must be particularly vigilant for inappropriate Internet use and must keep a close eye on the websites that employees are visiting. A malware infection acquired from a malicious website could compromise a computer or, worse still, the network.

A recent survey conducted by Robert Half Technology indicates 23% of CIOs do allow employees some online shopping time at work; although those employers often monitor the visited sites and check to make sure staff are not wasting an excessive amount of time on personal matters.

Employees are happier without Draconian bans on Internet use and happy employees are generally more productive. However, to make sure this privilege is not abused and networks are not placed at risk, companies need to implement web filtering solutions.

This is an important precaution. Over 431 million adults became victims of cybercriminal activity this year. The cost to business is estimated to be $114 billion per year.

Beware of Halloween-Themed Spam Attacks

Halloween brings out the ghouls, ghosts, and trick or treaters, and also plenty of cybercriminals. The latter use All Hallows Eve (and the run-up to Halloween) to launch new cyberattacks and scams to trick internet users into revealing their personal information. Their treat is the emptying of a personal or business bank account and they reap the rewards that can be gained from identity theft. Halloween-themed spam attacks are common in the run-up to Halloween.

For SpamTitan, Halloween is a busy time with numerous new Halloween-themed spam and phishing scams uncovered. This holiday time is expected to be no exception. Many new Halloween phishing scams can be expected to be launched this year as cybercriminals try to take advantage of the unwary.

Halloween-Themed Spam Warning!

So far we have seen a number of new spam emails being sent, as well as some old favorites from years gone by. One of the most common themes is a “Halloween Sale,” which exploits the human need to find a bargain. This year pirated goods are being advertised in the thousands, along with cut-price Halloween costumes, free gifts, special offers, Halloween-themed surveys and links to online videos.

The aim of all of these spam emails is to get users to reveal their personal information, such as account login details and credit card numbers. Often the emails deliver malware and viruses to inboxes, other times they send links to phishing websites that harvest information. It is not always credit card details that the scammers seek. Social Security numbers, dates of birth and other personal information are highly valuable; as are telephone numbers which can be used by scammers to make bogus phone calls.

New Halloween-Themed Spam Doing the Rounds

Some old favorites are seen year after year, yet they prove to be just as effective second, third and fourth time around. One of these scams was first launched in 2007 and involves scammers sending a link to a video of a dancing skeleton. By clicking the link users do not only get to see the video, they are also delivered a Halloween package of malware.

The malware-ridden web archive file in this campaign is automatically downloaded to computers. It has been estimated that millions of individuals have already fallen for this campaign and have infected their phones, laptops, tablets, and desktops.

It is not just links to infected websites that are the problem. Scams are sent via Facebook, Twitter and other social networking sites. These social media spam campaigns are proving to be highly effective. Emails are often sent containing Halloween-themed attachments, which appear genuine and have file suffixes that look safe. PDF files and Word documents, for example, do not tend to arouse suspicion, yet they can easily contain malware and hidden malicious code.

It is all too easy for the unwary to accidentally click and open these attachments. The result of doing so could prove very expensive indeed. The malware contained in these email attachments can log keystrokes or even give hackers full access to the computer used to access the messages.

With so many elaborate email phishing scams now being devised, it is essential that all computer users take precautions. One of the best methods of protecting against phishing campaigns, and spam emails in general, is to block them and make sure they never arrive in an inbox. For that, a spam filter is essential. The cost of not using an effective spam filter does not even bear thinking about.

The Huge Cost of Halloween-Themed Spam and Phishing Attacks

You may be thinking “I would never fall for a phishing campaign,” but millions do. Can you be so sure that your employees will be able to identify a fake email or website, or a sophisticated phishing campaign? Will they be able to identify these scams 100% of the time?

Even if one email proves to be successful, the damage caused can be considerable, as Sean Doherty, senior engineer with SpamTitan Technologies, explains. “To date it is estimated that over $40 billion has been lost to 419 scams alone.”

Given the huge sums of cash that criminals can obtain from these emails, it is clear why the threat is growing and more and more campaigns are launched every year. If a scheme is profitable, it will be repeated and new campaigns are sure to be developed.

If criminals did not profit from these types of scams, they would very rapidly stop using them. However, the reality is they do, as Doherty points out, “These scam emails continue to exist and grow in frequency and ferocity. The simple fact is that these scams wouldn’t be repeated if they didn’t reap rewards for the cybercriminals.”

All it takes is for an absent-minded employee to click on a Twitter link that directs them to a phishing website, and malware can be automatically downloaded to their computer. After that, a network can be compromised. Data is then stolen, deleted, or encrypted and only released when a ransom is paid. The cost of cyber attack resolution can be considerable. If all of your company data was suddenly encrypted, would you pay a ransom to get it back? Would you have a choice?

Holiday season is a time to enjoy, but it is also a time when everyone needs to be vigilant. Be on the lookout for scams, phishing campaigns, and unknown email attachments, and make sure all of your security software is up to date. Be careful, and you will be able to enjoy the holiday period.

Gaddafi Phishing Attacks Launched by Cyber Criminals Following Colonel’s Death

The death of Muammar Gaddafi has dominated the news headlines and as is typical following such a major news event, cybercriminals have taken advantage, and have launched a number of Gaddafi phishing attacks.

Analysts at SpamTitan Technologies have uncovered many new malicious emails in the past few days. The emails were caught by the SpamTitan Anti-Spam filter and placed in quarantine to prevent users from clicking on malicious links or opening infected email attachments.

The emails contain links to websites containing videos of the death of Muammar Gaddafi, as well as “previously unseen footage” of the colonel and his family. Some emails contain attachments which users can open to view new and grisly videos or pictures. When they do this they will also install malware on their computers.

New Gaddafi phishing attacks uncovered

Two of the emails that have been captured recently have the titles “Gaddafi death video – I shot and killed him”, and “Inside Aisha Gaddafi’s bathroom.” A number of similarly themed emails have also been intercepted and quarantined by SpamTitan.

Advance Fee Fraud schemes commonly used by Nigerian criminal gangs (419 scams) have been tailored to piggyback on the news of Col. Gaddafi’s death. These schemes are used to try to get victims to reveal their bank details to criminals. Private and confidential information is disclosed in the belief that a large sum of money will be deposited in the victim’s account. Victims are told they will receive a transfer of cash, that it will then be moved on, and that in exchange they will be given a very healthy commission.

One of the latest Gaddafi phishing attacks involves an email request from Mrs. Gaddafi who requires assistance moving a considerable amount of the colonel’s capital. She reportedly has gold reserves stored in secret locations, which she needs to cash in. In order to do that undetected, she needs European and American bank accounts. Money will be transferred and then moved on, and a sizeable payment will be offered to anyone who is able to offer her help. Needless to say, no funds will be deposited, at least not in the victims’ accounts.

These scams net criminals millions of dollars because many people fall for these phishing attacks and scams. The FBI estimates that around $40 billion has been obtained from 419 scams such as this. Because spamming is so profitable, many criminals are getting in on the act. The more spam that is delivered to inboxes, the greater the chance of people responding to the scams and handing over control of their bank accounts. Spamming is a numbers game.

Consumers need to be wary and should never respond to requests such as these, as tempting as it may be to be paid tens of thousands of dollars for receiving a transfer of cash. Businesses need to be particularly careful too. Employees may not reveal company bank account information, but many campaigns result in malware being installed on the victim’s computer. If employees respond to the emails at work, this could result in malware being installed on a work computer or, worse still, access being given to a company network.

Fortunately, SpamTitan’s Anti-Spam solutions will capture these scam emails, preventing them from being delivered. WebTitan will protect businesses from phishing attacks and stop end users from visiting phishing websites. Staff training can help to reduce the risk of malware infections; however, for total peace of mind anti-spam and anti-phishing solutions should be installed. There will always be one individual who believes they can get rich quickly by responding to one of these 419 scams.

How Do Phishers Get Paid? What Happens to All the Money?

Out of curiosity I decided to take a look at some of the emails that were blocked by the SpamTitan filter this morning. Boy am I glad I did. There was an amazing opportunity to be had! I had been selected by a very generous individual who wanted to give me a percentage of an enormous pot of cash if I could just spend a few minutes of my time helping him out.

A large amount of money needed to be sent to Col. Muammar Gaddafi, but there was an issue with the transfer to his account. Sometimes, it can be hard to transfer £17,500,000 from South African bank accounts into Libya. It had taken this guy almost four years of trying and he still hadn’t been able to move the funds. Fortunately, he had found a way to do it, and a percentage of that money would be coming my way if I could help him.

The problem, you see, is the authorities are trying to rob the colonel of all of his cash. They are doing a good job of it too, but have not found this South African bank account yet. That money is safe for now, but not for long. The money couldn’t be easily accessed from Libya as the authorities were watching. The money would therefore need to be transferred into a holding account to get it out of Africa. That holding account could be my account. Once the authorities stop sniffing around, the money could be moved on, minus my cut for just supplying my account details for the transfer.

I was even thanked in advance for my kindness. What a very nice and generous man he is. I have summarized the email because as nice as he was, his spelling and grammar were atrocious. Well, he is foreign and English is not his first language! He also pointed out he was not a criminal. Boy, that was a relief. I would have hated to get involved in any sort of crime. I wonder what my cut will be? He failed to mention it in the email!

Some people will fall for it!

Of course, it doesn’t take SpamTitan’s dual Anti-Virus engines to figure out that this offer is a bit suspect. But you would be surprised how many people fall for these scams. Criminals net a huge amount of money from campaigns such as this. Sometimes, people are even willing to take a chance when their common sense tells them that something isn’t right.

These types of emails are known as 419 scams. You will not be surprised to find out that there is no £17,500,000 fund, and by supplying bank account details your balance will not suddenly increase. It is just a scam to get you to reveal your bank account information and other personal details. Criminals will then steal your money and your identity.

I say there is no £17,500,000 fund. That is because it is actually a lot closer to $40 billion. That is the amount of money that is estimated to have been made by criminals operating these 419 scams. Believe us. They do work. They are effective, they are incredibly lucrative, and people do fall for them. They are also increasing in number and complexity.

If you want to ensure your organization is protected from 419 scams, and your employees do not end up falling for these and more harmful spam campaigns, it’s time to start using SpamTitan’s Anti-Spam solutions. Not all 419 scams are this obviously fake, and greed often gets the better of common sense. Oftentimes it is not personal bank accounts that the criminals want access to. There is much more money to be made from accessing corporate accounts.

Email Security Alert Issued as Fake Firefox Update Scam is Discovered

Firefox is a popular web browser created by a global not-for-profit organization. It boasts excellent controls against viruses and has proved popular for its security features, anti-tracking functionality, and its speed. However, as with all web browsers, it requires frequent updates to remain 100% virus-free.

Updates must be installed promptly to keep the browser secure. Users are alerted to these new updates as and when they are released, and installing them is a quick and simple process.

These updates are announced via the browser. Users of Firefox are not emailed reminders to update their browser to the latest version. That said, a number of emails have recently been received by users of Firefox alerting them to the urgent need to download the latest version of the browser. These emails are part of a fake Firefox update scam.

Fake Firefox Update Scam Discovered

If you receive an email telling you to update your Firefox version “for security reasons” you will not be alone. Many other users have received similar emails. These are not genuine. They are part of a new email spam campaign that attempts to fool recipients into believing that their browser is out of date and an update is essential.

To make it as easy as possible to install the necessary security protections, a handy link is included in the email. The email claims this will take the user to the Firefox website where they can download the latest version of the web browser. However, be warned. The link is fake, and by clicking the link and attempting to improve security, all you will be doing is downloading a Trojan to your device. That Trojan will be used to steal your passwords.

This is a common tactic used by email spammers. Emails are sent which contain important information on security updates to fool the unwary into downloading malicious software. The emails play on data security fears and warn of repercussions for not taking the requested action. Many email recipients are fooled into clicking links or opening infected attachments as a result.

SpamTitan regularly issues warnings about the latest spam campaigns, fake emails and new malware as they are discovered. Internet users are instructed to take precautions to protect themselves against these attacks.

Fortunately, there are some very easy steps that can be taken to reduce the risk of attack via email. Receiving a spam or phishing email will not compromise your system (generally speaking) unless an action is taken, such as opening an email attachment or clicking on a link supplied in the email. Consequently, protecting yourself from attack can be quite straightforward.

SpamTitan Financial Preservation Tips

Don’t give hackers the data they need to empty your bank accounts and max out your credit cards. Follow the simple instructions below and you can protect your hard earned cash.

  1. Do not open any suspicious attachments sent to you by email and do not download them to your computer. You must be sure of the genuineness of an attachment before you open it
  2. Do not click on links to websites that you do not know
  3. Check all links before clicking as they may have been faked. Hover your mouse arrow over the link and you will find out where that link will direct you. If you are unsure, never click
  4. Check the ‘From’ field. The name may be familiar, but the email address from which the email has been sent may not be. Do not take any chances. The ‘From’ field can easily be faked
  5. If you have not requested a new password, never click on a link that asks you to reset it
  6. Never divulge sensitive information in an email, even if requested to do so. IT departments and legitimate web service providers will never ask for your login details and passwords to be sent by email
  7. Always keep your anti-virus and anti-malware definitions up to date. They are released on a daily basis and sometimes every few hours. Set your software to download these automatically
  8. Install a spam filter to prevent spam and phishing emails from being delivered to your inbox
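Tips 3 and 4 above, and the masked "JPEG" attachment described in the Valentine's Day post, can also be checked automatically before a message reaches a user. The following Python is an added example, not SpamTitan code; the sample message, the `.example` domains and all function names are constructed for illustration.

```python
import os
import re
from email import message_from_bytes, policy
from email.headerregistry import Address
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

DOMAIN_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
JPEG_MAGIC, PE_MAGIC = b"\xff\xd8\xff", b"MZ"


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def site(host):
    """Lower-case a host name and drop a leading 'www.' before comparing."""
    host = (host or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def same_site(a, b):
    """True when the hosts are equal or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def check_message(raw_bytes):
    """Return (check, detail) findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []

    # 'From' check: the display name is free text, so a domain shown there
    # proves nothing; compare it with the domain of the real address.
    shown_name, addr = parseaddr(str(msg.get("From", "")))
    sender = site(addr.rpartition("@")[2])
    for claimed in DOMAIN_RE.findall(shown_name):
        if sender and not same_site(site(claimed), sender):
            findings.append(("from-mismatch", f"{claimed} != {sender}"))

    # Link check: the programmatic form of hovering over a link.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            target = site(urlparse(href).hostname)
            for shown in DOMAIN_RE.findall(text):
                if target and not same_site(site(shown), target):
                    findings.append(("link-mismatch", f"{shown} -> {target}"))

    # Attachment check: judge by the leading bytes, not the name or MIME type.
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        ext = os.path.splitext(filename.lower())[1]
        if ext in EXECUTABLE_EXTS:
            findings.append(("executable-extension", filename))
        elif ext in (".jpg", ".jpeg") and not data.startswith(JPEG_MAGIC):
            kind = "PE executable" if data.startswith(PE_MAGIC) else "not JPEG data"
            findings.append(("content-mismatch", f"{filename}: {kind}"))
    return findings


def build_sample():
    """Constructed lure (not a real sample): spoofed name, fake link, masked file."""
    msg = EmailMessage()
    msg["From"] = Address("security@mozilla.org", "updates", "firefox-update.example")
    msg.set_content("Please install the update.")
    msg.add_alternative('<p><a href="http://firefox-update.example/get">'
                        "www.mozilla.org/firefox</a></p>", subtype="html")
    msg.add_attachment(b"MZ\x90\x00" + bytes(16), maintype="image",
                       subtype="jpeg", filename="admirer.jpg")
    return msg.as_bytes()
```

Calling `check_message(build_sample())` returns one finding per check. The domain comparison is a simple suffix match, so a production filter would use a public-suffix list to decide what counts as the same site.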

Beware of Whaling: Highly Targeted Phishing Campaigns

You will probably be aware of the term phishing: a method used by criminals and hackers to obtain sensitive information from individuals, usually with a view to using that information to gain access to bank accounts or computer networks, or to commit identity theft.

Phishing is a growing phenomenon. Online criminals use social engineering techniques to get users to reveal sensitive data. They also convince end users to install malware that can be used to log keystrokes or even allow hackers to take full control of a device.

Phishing is highly effective and allows criminals to make billions of dollars every year. However, the way campaigns are conducted limits the earning potential of criminals. Campaigns are often sent via spam email and that is a numbers game.

Spam emails get caught up in email filters, are marked as junk, or are quarantined. Emails must therefore be sent out in the millions in order for a criminal to get just a few responses. Oftentimes, online criminals do not actually have enough real email addresses and have to resort to guessing, hoping that catch-all accounts exist and some will be delivered.

Whaling – A new phishing technique that is proving to be highly effective

Rather than sending emails by the million, criminals have worked out that it is possible to get the same number of responses by sending just a handful of emails. In order to successfully obtain the bank account login credentials of one individual, it may be necessary to send out a million emails using standard phishing techniques. It is also possible to do it with one: The email just needs to be very convincing.

The term whaling has been coined to describe this new tactic. Rather than using a very big net to catch a few small fry, a spear gun can be aimed at one very big target. Whalers pursue one target and the payoff can be considerable. A whale is more valuable than a handful of sprats.

Whaling is not random and the technique requires skill and effort. A target must be identified and researched. A campaign must then be devised that will convince that individual, or a small group of individuals, to respond. Emails must be crafted that are realistic. Since the targets are usually senior executives in a company, they are likely to be extremely cautious about revealing information, opening files, or visiting websites.

Whaling therefore requires detailed information to be gained about the target. The more information that can be gained about the target’s likes and dislikes, their role within the company, contact information and family life, the easier it is to craft an email that they will respond to. This takes a lot of time and effort but the prize is worth it. Senior executives have access to highly valuable data.

Due to the effectiveness of whaling campaigns, many criminals are switching to this mode of attack. Many of those attacks are conducted not on email, but via social media channels.

Have improved security protections forced phishers to move from email to social media networks?

Opinion is divided within the IT security industry about the move from spam email to social media networks as the preferred vector for delivering phishing campaigns. Almost a third of respondents in a recent SpamTitan survey did not believe that improved Anti-spam technologies have triggered the move to social media networks.

The survey also showed that 37% of respondents believe that phishing is a growing phenomenon, and that additional protections are required to keep networks secure.

Many believe that the switch to social media networks is simply due to the number of individuals that have signed up for accounts, and phishing is therefore a natural response to the rise in popularity of online communities that encourage the sharing of personal information.

If personal information is uploaded by individuals onto social media networks, it is possible to build an accurate picture of an individual very easily indeed. Ask Facebook. The company doesn’t need to charge users as the information it gathers is incredibly valuable to advertisers. They can create highly targeted advertising campaigns with the data. Unfortunately, phishers can use that information too.

Corporations as well as individuals must therefore take great care when using social media sites. It is all too easy to reveal sensitive information and become a victim of a phishing or whaling attack. Fortunately, SpamTitan Technologies can offer protection from phishers, whalers, and other online scammers. Email phishing campaigns can be blocked, while the company’s web filtering solutions can prevent phishing websites from being visited.