Cybersecurity Tips to Put into Practice During Remote Work

As the situation with Coronavirus COVID-19 advances, many state governments are now issuing orders to work from home for the purposes of slowing down the spread of the virus through “social distancing”. While this period of uncertainty and fear grows, so do the phishing attempts of cybercriminals who seek to take advantage of potential victims.  

European cybersecurity agency ENISA has been warning users to stay vigilant for any suspicious looking emails that arrive in users’ inboxes – especially those that mention the Coronavirus – urging people to avoid clicking links or downloading files that may otherwise include malware and infect devices. Instead, it is recommended to check the legitimacy of the email through methods such as checking the direct website or calling a company’s direct phone line if the email and sender looks suspicious. Any unusual requests through an email should be handled with skepticism and caution.

Aside from being careful of such emails, ENISA also recommends employees to follow these security measures to stay safe while working from home:

  1. Maintaining a secure WiFi connection and having WiFi password protected so as to keep others away from accessing your web traffic. Employees should also make certain their connection on WiFi is secure rather than using an untrusted network through public WiFi.
  2. Having an antivirus software downloaded on your device as you work on sensitive material
  3. Making sure your computer software is up-to-date with the latest security updates
  4. Locking your desktop screen when it is not in use 
  5. Making sure all files are being backed up in case of an emergency (e.g. a ransomware attack)

During this time with remote work, employers should also take responsibility in making sure all employees are well equipped with tools necessary to ensure business security. For example, having an emergency cybersecurity plan or support available for workers when facing technical issues, or having a protocol to follow when working from home in the case of accessing sensitive files.

4 Tips to Keep in Mind to Avoid SMS Scams

From time to time, we receive strange texts from numbers we don’t recognize telling us that our Amazon account has or needs a delivery update or that there is unusual activity detected in our bank account. Texts like these are accompanied with a suspicious looking link that asks you to click to log in. The issue with these messages is that sometimes it could be difficult to tell if it’s a scam when it mentions a company, bank, or other entity we typically interact with. While this may be so, we’ve outlined a few tips for you to keep in mind when you get that suspicious SMS message:

Tip #1: Don’t Click on Links from a Text You Don’t Recognize

It’s important to look out for one of the bigger signs that the text you received could be a scam: if it asks you to click on a link. Usually, you can tell when a link is fraudulent through the domain name. Other times it may be a bit more difficult to assess the link, especially if the company name is used within the link. In whichever case, it’s best practice to just avoid clicking on any such links sent to your phone. If you receive a delivery notification that asks you to check its status through a link, go to your web browser or application instead and log into your account to do so. 

Tip #2: Don’t Reply to Suspicious SMS Messages

Messages that you don’t recognize could ask you to reply “YES” or “NO” or to give them a call about your bank account that was experiencing suspicious activity. In any case, avoid replying back to such messages and note that call to action texts that you don’t recognize could very well be an SMS scam. 

Tip #3: Be Mindful of the Message Content

It’s important to look out for a few tell-tale signs within message content that may reveal the malicious nature of a text. Several things to spot include the greeting message, spelling, grammar, and the link provided. If anything seems out of character through the message, then you’re probably right to think it may be fraudulent. Again, it’s always best to sign into your account through the official website than clicking on a link you’re unsure of – especially if the domain doesn’t appear to be an official company website link. 

Tip #4: Use Your Phone’s Block Feature

To help you avoid receiving any further messages from a sender, iPhones come equipped with the ability to “Report Junk” for texts you don’t recognize. The option appears when your phone recognizes that the number is not part of your contacts list. You can also block a number that sends you malicious messages by pressing on the contact info button at the top of your iMessage, press on the number once more at the top, then scroll to the bottom to press “Block this Caller”.

Phishing Scam With Fake Invoices Spreads Across US and UK

A malware called Emotet is spreading through the US and UK, specifically targeting banks and financial sectors according to a report published by Menlo Security. Cybercriminals have implemented a malware campaign that spreads via phishing emails, with the attachment of a malicious Microsoft Word document attachment. The email is made to look official through mention of financial topics such as invoices or banking details in the subject line, attracting victims to click on the file. 

Emotet malware use was on the decline back in December 2019, yet began to pick up momentum again early into the new year as cybercriminals use it for new malicious purposes. 

These targeted attacks are meant to disrupt multiple sectors including media/entertainment, transportation, and food/beverage in locations such as the US, UK, Philippines, Spain, and India. Emotet attacks have largely been focused on the financial services sector, with half of these campaign attacks affecting the US and a quarter affecting the UK. 

After a user clicks to download the infected Word file and presses on “enable editing”, embedded macros are deployed onto the victim’s computer, which then successfully transfers the Emotet malware. Once transferred over to the user’s device, Emotet not only steals sensitive information, but can also facilitate the spread of more malware to other computers that use a shared network.  

Emotet can’t be traced to just one source of administration, since its function as a botnet infects Windows computers globally, which then spreads further through those infected devices. 

As Emotet continues to wreak havoc, business employees should take precautionary measures in avoiding any suspicious emails that arrive in their inbox, as documents or any links attached could very well be infected with malware. Users should be cautious of those emails that ask to “enable macros”. Keeping computer operating systems up-to-date is also an important step to take in order to stay safe.

5 Cybersecurity Threats That You Should Look Out for

Ransomware attacks, cyber attacks, data breaches – these are just a few cybersecurity threats that catches one’s attention. However, here are some other types of threats you may not have expected:

Malicious USBs That Could Carry Viruses 

Some USB Sticks could be very dangerous if initially tampered with and – once plugged in – can install a backdoor on PCs. You should be very cautious of plugging in a USB drive to your PC if you are unsure of where it’s from. Other USB sticks may not start causing immediate damage once inserted. Instead, such USBs could carry viruses that could wreak havoc on your computer after initial download. Always make sure you know where the USB comes from, keep your computer’s operating system up-to-date, and have the proper security tools installed.  

Browser Extensions That May Do More Harm Than Good

Browser extensions have everyday useful features, but some extensions need close evaluation from its users. Extension developers could use these programs to collect data on what you search online. If you happen to choose the wrong extension, it could end up annoying you with pop-ups, installing unneeded software, and could also sell your browser data. To help prevent this, minimize your extension downloads, do your research on the developers behind each extension, and just stick to the ones you know of. 

Charging Cables That Could Give Hackers Access To Your Device

The purpose of a charging cable is to give power to your device and help sync information. However, there are some charging cables out there that look very similar to your everyday charger, but they could give hackers access to your device’s information. All you would have to do is click “trust this computer” when a malicious cable is plugged in, and the hacker would have access to your device. To help prevent this issue, be mindful of the charging cables you purchase or only use the charging cables that come with your device.

Photo Uploads That Give More Information Away Than Wanted

There’s nothing wrong with posting photos on social media. However, you should be careful with putting your pictures on “public”, as uploaded photos can carry your location data. Apps like Facebook and Instagram remove this information, but apps like Google Photos track the location of where the photo has been taken. Posting the photo online with a location tag can add the location back to a photo even if you remove the location data. This photo data can put you at risk of identity theft or online stalking if a cybercriminal were to use your pictures for these malicious purposes. To prevent this, keep your social profiles on “private” mode.

Smart Home Devices That Could Be Hacked

As homes get smarter, hackers have the chance to target them. If hackers are able to access homes, they could make sure doors remain unlocked or check your security cameras. To combat this, buy devices that are well-known and make certain that all your devices – including your router – are always up-to-date with the latest software. Also, do not keep default passwords for your smart home device accounts. Make sure your passwords are hard to guess and are not used elsewhere. For more protection, turn on two-factor authentication for your device accounts.

Google’s New Application Tools for Maps, YouTube, and Assistant Put Privacy in the Hands of Its Users

Image Source: www.iStock.com/IngusKruklitis

Just in time for National Cybersecurity Awareness Month, Google Maps, YouTube, and Google Assistant were recently announced to have new tools related to user privacy and security. The new updates to these applications give users more control over what data Google can retrieve, and even gives the option for users to delete already collected data such as within Google Voice Assistant. 

Google Maps has now included an incognito mode to keep the application from tracking which places you search for and where you travel to, this thus giving its application users more control over privacy. Incognito mode also helps to keep users’ personalized recommendations from including any locations that would otherwise be irrelevant. Android and iOS users are expected to have this feature available to their Maps application this month.

Image Source: Google | https://www.blog.google/technology/safety-security/keeping-privacy-and-security-simple-you/

 

YouTube is receiving an update as well, with users now able to choose when the app will automatically delete accumulated history. You can choose to keep your watch history for three or 18 months, or just choose to keep the data until you delete it manually.

Google Assistant is also getting an update that allows users to delete any saved voice data. By saying phrases like “Hey Google, delete the last thing I said to you,” or “Hey Google, delete everything I said to you last week,” to your device, Google Assistant will delete its “Assistant Activity”. Deleting voice data from a while back would require you to go into account settings.

After it was revealed that actual people could listen to voice recordings for the purposes of improving voice assistants, Google, Amazon, and Apple all took action to remedy the privacy situation. Alexa, for instance, was implemented with the option for consumers to choose whether recordings will be reviewed. Two months ago, Apple also stated the suspension of its Siri grading program which similarly recorded user audio. The company commented on how they would incorporate consumer participation choice in the grading program with a future update. 

Image Source: Google | https://www.blog.google/technology/safety-security/keeping-privacy-and-security-simple-you/

 

This Google Assistant feature is expected to be released in all languages by next month. The English commands will be available this month. 

Lastly, Google had released Password Checkup within its Password Manager tool. The Checkup feature notifies its users if their passwords have been compromised from a data breach, weak and need to be strengthened, or whether a password has been reused. Google will be adding this tool to Chrome soon, but users can still take advantage of the feature at passwords.google.com.

Instagram is Testing New Feature That Can Help Users Combat Hackers Stealing Accounts

Image Source: iStock.com/bigtunaonline

Instagram is working on putting user account security at a high priority by making it more difficult for hackers to steal accounts to hold them hostage for ransom or sell for high profit.  

Hackers are after big influencer accounts in a scheme reported by Motherboard which involves cybercriminals targeting big name Instagrammers. The attack works through an email link that – once clicked – directs users towards a fake Instagram login page. Once a hacker steals the login credentials and has access to the account, victims are unable to sign-back in or regain access to their own profiles, as hackers change both the recovery email address and phone numbers associated with the account.

Instagram had previously acknowledged the problem of users having difficulty in accessing their accounts, to which the company had advised in setting up two-factor authentication as well as implementation of stronger passwords, but adding these extra steps of security doesn’t exactly help when a cybercriminal has already accessed an account. Phishing links have been used as a primary means of tricking influencers into signing into bogus login pages made to look authentic. Furthermore, if an influencer has used the same account credentials that were previously involved in a data breach elsewhere, cybercriminals can use this information to their advantage to gain access to an account

After users have long complained about Instagram’s lack of responsibility and initiative in taking care of the hacker issue, the company recently announced new ways of combating this ransom tactic.

If a user can’t log in to his/her page, Instagram gives one the option of sending a six-digit authentication code to the account’s original phone number or email address that was used when the account was first created. Any other devices used by hackers that are logged in will be logged out, allowing a user to recover their page by resetting their email and password. This feature is currently under testing. 

Image Source: Instagram

 

Instagram has also promised to bring another feature – one already available for Android users – to iOS. The feature allows a user to change their Instagram handle while also allowing one to maintain their previous handle for 14 days. This upcoming update is meant to deter any hackers from taking popular usernames to sell for profit. After the 14 day period is over, the username becomes available for anyone to use.

Cybercrime Groups Still Operate Over Facebook Platform

Cisco’s Talos threat intelligence researchers have identified an ongoing cybersecurity problem that looms within Facebook: dozens of groups created to trade and purchase spamming and phishing services.

The groups have been noted as partaking in “shady (at best) and illegal (at worst) activities,” using easily identifiable and locatable names such as “Spammer & Hacker Professional” or “Facebook hack (Phishing)” and yet remained up and active without intervention from Facebook itself.

Researchers at Cisco have found approximately 74 groups that partook in cybercriminal activities such as selling stolen login and account credentials and banking information. Others would sell tools for email spamming. The groups had amassed around 385,000 members in total and were easy to search for through simple keyword phrases like “spam” and “carding” when one looked into Facebook group search.

Cisco’s Talos team had notified Facebook about the hacker groups through abuse reporting, to which Facebook had responded by removing a few of the groups while keeping others up and only removing some posts deemed as a violation of policy. After the Talos researchers spoke directly with Facebook’s security team, the groups were taken down, but the issue of cybercrime on the social media site still remains a prevalent problem as new groups always seem to emerge.

Such activity isn’t new to the Facebook community. Groups like these have been operating for years on the social media platform. Brian Krebs from KrebsonSecurity had found 120 cybercrime groups back in 2018, for example, notifying Facebook in order to have the groups removed.

A spokesperson told The Verge that “[Facebook] know[s] [it] needs to be more vigilant and [they’re] investing heavily to fight this type of activity.”

Beware: TrickBot Malware Is on the Rise for Tax Day

Tax Day is coming up on April 15th, and cyber criminals are out to seek profit at many victims’ expense. A tax theme malware called TrickBot is being sent to inboxes, the hackers impersonating payroll providers like Paychex and ADP and sending malware infected Excel documents to their recipients.

TrickBot works by exploiting network vulnerabilities to essentially enter and steal sensitive information such as passwords and bank account details in order to file fraudulent Tax forms to receive returns. Scams caused by TrickBot have cost the IRS over a million in losses back in 2016.

Researchers from IBM X-Force noted how cyber criminals are using domains that look highly similar to actual payroll providers in order to deceive recipients into thinking the email is from a legitimate source.

IBM global executive security advisor Limor Kessem stated how “this campaign [is] highly targeted in its efforts to infiltrate US organizations,” and the threat from TrickBot doesn’t look like it’ll cease. Kessem continues on by explaining that “TrickBot [is] one of the most prominent organized crime gangs in the bank fraud arena, [so] we…expect to see it maintain its position on the global malware chart, unless it is interrupted by law enforcement in 2019.”

Before clicking on any email link, it is highly advised to double check the legitimacy of the email by looking closely at the sender information. Hovering over an email link also allows you to check on where the URL leads before you actually click on it; just check the small window that pops up above the link to make sure the site is safe.

540 Million Facebook User Records Found On Public Amazon Storage Server

UpGuard security firm researchers have discovered an unpleasant surprise: millions of Facebook user records were found exposed publicly on an Amazon S3 storage server without a password to protect the data.

Two third-party companies – a Mexico based media company called Cultura Colectiva and an app developer At The Pool – had left user records available for public access. User record data such as comments, likes, reactions, and account names were all stored onto the servers. At The Pool stored sensitive information from approximately 22,000 users and included data such as photos, check-ins, and friends lists.  

UpGuard had not received a reply from Cultura Colectiva after warning them about the public server data back in January. After reaching out to Amazon as well, the security firm was yet again met with indifference as no one had taken action to resolve the issue. After Bloomberg’s reporting on April 3rd, the database was then secured.

A Facebook representative commented on the matter, explaining how “Facebook’s policies prohibit storing Facebook information in a public database. Once alerted to the issue, we worked with Amazon to take down the databases.” Spokespeople from the company also commented on how Facebook was not aware of the issue until the UpGuard team had brought it to their attention.

Both third-party companies had collected and stored the data in the past when Facebook was more lenient on data gathered by outside applications. However, after the Cambridge Analytica scandal, Facebook set tighter restrictions on what developers may access in regards to user data.

As of now, it is unclear on whether the data on the open storage servers were accessed by malicious actors who could potentially use it to their advantage in marketing or fraudulent schemes.

6 Security Tips to Keep in Mind When Using Device Apps

Nowadays, data breaches are happening more and more frequently, and an app you’ve once entrusted to keep your data and privacy safe can put your information at risk of being stolen through malicious hackers using security exploits, or through the developers’ means of using a third-party application to harvest your data. As you download your favorite applications from Apple’s App Store or Google’s Play Store, you’ll want to keep these security tips in mind:

  1. Using a password manager can help keep your accounts secure

Password manager applications are there to assist us when there are many accounts to keep track of. Often times, users rely upon using the same passwords which puts them at risk during massive data breaches. Easy-to-guess passwords like “Password” and “123456” are still among the top worst choices for users’ accounts, and slightly changing passwords to include a symbol or number is not always the best line of defense against hackers guessing your codes.

Using a password that is created by a random string of numbers and letters is assuredly a strong way of protecting your accounts. However, remembering these passwords comes as another issue at hand.

To help store your passwords in a secure and encrypted space, users can take advantage of password manager apps.

  1. Use a VPN when you use public WiFi

A virtual private network (VPN) can help keep your data secure when on public WiFi. VPNs can secure transactions and keep users anonymous when on the internet, ultimately masking any data transmissions.

When looking for a VPN provider via an app store, make certain you read the app’s data collection policies.

  1. Be aware of what permissions you grant to applications

Users should always be wary of what information apps ask to gain access to, such as contacts lists, location, and photos. A good form of practice is to always question an app’s request for certain permissions. For instance, if a note-keeping application asks for photo access, users should question the app’s motives in harvesting photo data.

It is also important to take note of any unusual behavior after certain application downloads. If your battery life performance drops or you notice your phone acting slower than usual, the malicious app could be collecting data in the background.

  1. Do your research on specific applications you want to download

Before you decide to download an app onto your phone, another good practice is to search the application on Google and see if it was involved in any recent data breaches or scams.

If previously involved in a data breach, take note of the way a company/developer handles the occurrence. A developer should take extreme precautionary measures to make certain this does not affect its users again, while also making sure the app’s security is heightened after a breach has already happened.

  1. Keep your phone’s software updated

Often times, OS updates are released to patch any device vulnerabilities that may allow hackers to access your data via malicious application downloads. By updating your device regularly, you can reduce the risk of hackers using data exploits to their advantage.

  1. Download legitimate applications from a trustworthy source, such as Apple’s App Store and Google’s Play Store

Most applications found within Apple’s and Google’s stores “meet a standard quality of data protection and [are]…required to produce a dedicated privacy policy [to]…protect your data,” says Stephen Hart in an interview with CNET.

It is better to avoid any untrustworthy sources outside of reputable app stores, as a user runs the risk of downloading an app that may contain a virus onto their device.