phishing

How to prevent your business from getting hacked

1) Use two-factor authentication for all your web and application services

Your password on its own is a single point of failure: if it leaks, an unauthorised user has your email or service. The chances are the account would be exploited within the first day, in a social-engineering attempt to get money out of your finance department. Your bank and financial institutions have been using 2FA for years now, and it's the recommended step to add to the rest of your cloud and local services.

2) Use SSL certificates wherever possible

This is usually added to a company's web applications, such as a Document Management or Content Management Solution, which use certificates to encrypt traffic between your web browser and the app so that no prying eyes can see confidential data.

SMTP mail flow should be set to use TLS by default (STARTTLS on the normal port 25) rather than sending mail in plain text.

3) Have a fully up-to-date antivirus program that also alerts

Windows 7 and Windows 10 nowadays come with free antivirus checkers (Microsoft Security Essentials and Windows Defender); however, these are only licensed for home use. It's best to get a fully managed AV, such as Webroot, where virus detections are alerted on straight away.

4) Use a third party for spam filtering

Even with cloud providers such as Google Apps for email or Microsoft's 365 email hosting, you still need that added layer of protection against spoofing, phishing and viruses.

Services such as Mimecast and Postini can help protect against all of the above and provide real-time protection against new threats.

5) Regularly change your password

As per point 1), the first line of defence is your password! Make sure it is changed once a month, and sign up to https://haveibeenpwned.com/ to make sure it hasn't been compromised elsewhere.
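The same site also runs the Pwned Passwords service, which lets you check a password against known breaches without ever sending the password itself: you hash it with SHA-1, send only the first five hex characters, and compare the returned list of suffixes locally. The script below is an added example written for this post, not code from the page or from haveibeenpwned.com. It assumes the range endpoint `https://api.pwnedpasswords.com/range/<prefix>` returning `SUFFIX:COUNT` lines; the sample response embedded in it is constructed so the logic runs offline, and the live fetcher is included only for real use.

```python
import hashlib
import urllib.request

PWNED_RANGE_URL = "https://api.pwnedpasswords.com/range/"


def sha1_prefix_suffix(password):
    """Split the upper-case SHA-1 hex of the password into the 5-char prefix
    that is sent to the API and the 35-char suffix that never leaves the host."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(text):
    """Parse 'SUFFIX:COUNT' lines into a dict of suffix -> breach count."""
    counts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.strip().upper()] = int(count.strip() or 0)
    return counts


def pwned_count(password, fetch_range):
    """Return how many times the password appears in known breaches (0 = not found).

    fetch_range(prefix) must return the API's text body for that prefix; it is
    injected so the logic can be exercised offline against a constructed body.
    """
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


def fetch_range_live(prefix):
    """Fetch the range from the real service (needs network access)."""
    req = urllib.request.Request(
        PWNED_RANGE_URL + prefix,
        headers={"User-Agent": "pwned-check-example"},  # assumed, any UA string works
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


# Constructed response for prefix 5BAA6 (the real body has several hundred
# lines; the suffixes and counts here are made up except that the second
# line is the genuine suffix of SHA-1("password")).
SAMPLE_RESPONSE = """\
1E2A7B22C4F1D6C48B2D1B0A4C99F1F3A2B:2
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493
1F0C2A1B7D4E5F6A7B8C9D0E1F2A3B4C5D6:1
"""


def fetch_range_sample(prefix):
    """Offline stand-in for fetch_range_live that only knows prefix 5BAA6."""
    return SAMPLE_RESPONSE if prefix == "5BAA6" else ""


if __name__ == "__main__":
    for pw in ("password", "correct horse battery staple"):
        print(pw, "->", pwned_count(pw, fetch_range_sample))
```

To check against the real service, call `pwned_count(password, fetch_range_live)`; the service only ever sees the five-character prefix, so the check itself does not disclose the password.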

6) Keep your equipment up-to-date

Make sure the firmware on all your wireless devices, servers and routers is kept up-to-date, so that you install security updates as well as feature updates.

7) User training

Make sure users are told regularly about current well-known attacks, such as phishing, spear phishing or CryptoLocker, so they understand what to look out for and ask before clicking!


Spear phishing: what is it and how to protect yourself from it

As techtarget.com puts it:

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by perpetrators out for financial gain

How is this done?

We have seen a few cases of this, usually in the following order:

1) The attacker uses publicly available resources (e.g. social sites, company websites) to get a name and email address for the financial controller as well as the managing director of the company.

2) The attacker uses a third-party email server to fake the [email protected] address and sends the email below to [email protected]. The attacker could also try emailing from [email protected] (notice the "ltd" at the end!).

Hey financecontrollername,
I'm in the middle of a meeting , not available on the cell phone , but need this actioned NOW please transfer $$$$$ to this bank account let me know when done
managingdirectorname

The attacker also tries sending emails to financecontrollername saying "Hey, are you there?"

3) financecontrollername sends the money and emails managingdirectorname when done, only to find out that managingdirectorname never asked for the transfer.

How to protect yourself from this

1) Be careful what information you have publicly available, such as email addresses, as it can be used against you. Also be careful when emailing people you don't know: the attacker copies your signature to make the email look as genuine as possible.

2) Get your IT provider to set up SPF records along with DKIM records, so that emails claiming to be from your organisation but sent from unknown servers are either put into spam or have their subject marked as SPAM so the end user knows to be wary. This can be done with spam filters and Exchange.

3) Financial controllers should always speak to the MD when unsure about moving money around; better safe than sorry, as they say!
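To show what the SPF check in point 2) and the "ltd at the end" look-alike trick from the walkthrough above actually come down to, here is an added example written for this post; it is not code from the page, from any spam filter, or from Exchange. It is a simplified SPF evaluator (ip4, include and all mechanisms only) plus a look-alike-domain test, wired into a classifier that prefixes the subject with "[SPAM]" the way the post describes. The DNS TXT records and the messages are constructed stand-ins using documentation domains and addresses (example.com, exampleltd.com, mail-provider.example); a real deployment would resolve the records with a DNS library and would also verify DKIM, which this example does not do.

```python
import ipaddress
import re
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed TXT records standing in for DNS lookups (assumption: a real
# deployment resolves these with a DNS library; the domains are documentation
# names, not real organisations).
FAKE_TXT_RECORDS = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 include:mail-provider.example -all",
    "mail-provider.example": "v=spf1 ip4:198.51.100.10 ~all",
    "exampleltd.com": "v=spf1 +all",  # look-alike domain that lets anyone send
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(sending_ip, domain, resolver=FAKE_TXT_RECORDS, depth=0):
    """Simplified SPF (RFC 7208) check supporting ip4, include and all.

    Returns one of pass / fail / softfail / neutral / none / permerror.
    """
    if depth > 10:  # RFC 7208 caps DNS-querying mechanisms at 10
        return "permerror"
    record = resolver.get(domain.lower())
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(sending_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name == "ip4":
            if ip.version == 4 and ip in ipaddress.ip_network(arg, strict=False):
                return QUALIFIERS[qualifier]
        elif name == "include":
            # an include only matches when the included domain's record passes
            if check_spf(sending_ip, arg, resolver, depth + 1) == "pass":
                return QUALIFIERS[qualifier]
        # other mechanisms (a, mx, ip6, exists) are ignored by this toy evaluator
    return "neutral"  # record ended without an "all" term


def is_lookalike(sender_domain, org_domain):
    """True for a domain that is not ours but is built to resemble it."""
    sender_domain, org_domain = sender_domain.lower(), org_domain.lower()
    if sender_domain == org_domain:
        return False
    s = re.sub(r"[^a-z0-9]", "", sender_domain.split(".")[0])
    o = re.sub(r"[^a-z0-9]", "", org_domain.split(".")[0])
    # "exampleltd" contains "example"; the ratio catches single-character swaps
    return o in s or SequenceMatcher(None, s, o).ratio() >= 0.8


def classify(headers, sending_ip, org_domain, resolver=FAKE_TXT_RECORDS):
    """Return (subject to deliver, list of reasons) for one inbound message."""
    _, from_addr = parseaddr(headers.get("From", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    reasons = []
    spf = check_spf(sending_ip, from_domain, resolver)
    if spf in ("fail", "softfail", "none", "permerror"):
        reasons.append(f"SPF {spf} for {from_domain} from {sending_ip}")
    if is_lookalike(from_domain, org_domain):
        reasons.append(f"sender domain {from_domain} resembles {org_domain}")
    subject = headers.get("Subject", "")
    if reasons:
        subject = "[SPAM] " + subject
    return subject, reasons


if __name__ == "__main__":
    # Constructed messages: a spoof of the MD's real address sent from an
    # unknown server, a look-alike domain, and a genuine message relayed by
    # the company's mail provider.
    samples = [
        ({"From": "MD <md@example.com>", "Subject": "Urgent transfer"}, "192.0.2.77"),
        ({"From": "MD <md@exampleltd.com>", "Subject": "Urgent transfer"}, "192.0.2.77"),
        ({"From": "MD <md@example.com>", "Subject": "Minutes"}, "198.51.100.10"),
    ]
    for hdrs, ip in samples:
        print(classify(hdrs, ip, "example.com"))
```

Note the two failure modes behave differently: the spoof of the real address is caught by SPF because example.com ends its record with -all, while the look-alike domain publishes a record that passes (the attacker controls it), so only the domain-similarity check flags it. That is why the post's advice to tag rather than silently rely on SPF, and to phone the MD, still matters.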

If you have already been affected

Speak to your local police by dialling 101 and report it.

Speak to your bank: there is a 24-hour window in which bank transfers can be halted, so speak to them as soon as possible.