The cyber-world remains dynamic because of the many attacks that are launched on companies and individuals every day. The following news headlines from the past week in cybersecurity shall help you better plan your phishing prevention strategy:
Phishing Scam Targets LinkedIn Accounts
The Security Incident Investigation and Response Department of Heimdal has discovered a new phishing scam that targets LinkedIn accounts. In this attack, a malicious link embedded in a Microsoft Word document is shared via OneDrive. If a victim falls for the trick and clicks on the OneDrive link, he is redirected to a fraudulent OneDrive page. This page asks him to log in to his Microsoft account even if he is already logged in. After the victim enters his details in the credential-stealing form, an error page appears.
To protect yourself from phishing attacks of this sort, you must incorporate specialized anti-phishing solutions such as DNS and HTTPS filtering. Although no cases have been reported so far, people are still advised to remain vigilant and prepared.
Security Threat To NIH’s Record System
The Health and Human Services’ Office of Inspector General audit revealed that the phishing protection measures of the National Institutes of Health (NIH) are not adequate to safeguard its electronic health records system from prospective phishing attacks. Weaknesses in its access controls, contingency planning, and IT maintenance were pointed out. The NIH had not updated its servers and software in addition to not deactivating outdated user accounts.
However, they are now working to ensure protection against phishing by following NIST guidelines.
Serious Hints At Phishing: Akamai CDN
The Akamai Content Delivery Network (CDN) recently conducted research in which it found over 2.4 million people to be victims of some 1,221 phishing domains using Akamai’s network. Security researcher Or Katz from Akamai said that these phishing attacks targeted this many people in just four months. A rise in attacks was seen during the festive season. The research further revealed that attackers mostly target media and e-commerce.
The research findings highlight the bleak anti-phishing protection measures that are in place and suggest that phishing is not moving out of the picture any time soon.
Fake Tech Support Company Owner Penalized
A technical support call-centre company called Tech Support was formed by an Indian college drop-out Amit Chauhan and his friend Sumit Kumar in January 2019. To date, they have successfully conned over 40,000 victims out of over Rs. 60 crores (8 million USD).
Their scam was discovered by a British victim, Jim Browning, in a YouTube video where Jim mentioned how Tech Support claimed to resolve technical glitches by sending malicious pop-ups. The two con men from Gurugram (New Delhi in northern India) are now penalized under India’s IT Act.
Beware Of Sextortion Emails With A Friend’s Reference
Researchers from IBM X-Force Threat Intelligence recently discovered the newest tactic of Raccoon attackers. They are sending out emails to victims with nude extortion pictures of a friend’s girlfriend. This is, however, a trick to make people curious enough to click on the attachment and grant permissions.
Once permissions are granted, the malware payload gets automatically downloaded and installs the Raccoon info stealer. As per the updates from IBM X-Force Threat Intelligence researchers, the affected domain has been brought down. But people should still subscribe to email phishing protection services to ensure their safety.
Week-Long Cyber Attacks On Factum Magazine
The Factum Magazine had to endure a week-long cyber attack for investigating the lack of transparency of El Salvador’s government. The government had launched a phishing campaign on the magazine via a computer engineer from the University of Oriente, El Salvador.
Reportedly, the attacks on the magazine were part of a more significant attack to discredit the media. Anti-phishing measures by Qurium’s forensics investigation located the attacker to be from the Universidad de Oriente (UNIVO). The university, too, cooperated to a particular extent, beyond which it chose to remain silent.
Cyber Attack Hits ENTSO-E
The European Network of Transmission System Operators for Electricity (ENTSO-E), which regulates Europe’s electricity markets, underwent a cyber attack recently. However, the attack did not affect any critical control systems and only brought down the IT systems.
ENTSO-E is now taking measures to ensure protection from phishing to reduce losses from this attack and stop such attacks from targeting them in the future.
Ransomware Hits Fort Worth ISD
A ransomware attack hit the Fort Worth Independent School District last week. As they recover from the attack, utmost care is being taken to ensure that the most effective phishing protection service is used. Hopefully, things shall function normally from next Monday, but there are chances of that getting delayed. They are asking teachers not to rely on computers for some time and go back to the old school ways of imparting lessons.
Spokesperson Clint Bond said that he, too, has been affected by the attack along with other district teachers and staff. The attack also brought down the district website. But the district shall not succumb to the attackers and does not plan to pay any ransom. No personal or financial information on employees or students has been compromised in the attack.
New Phishing Tactic Uses HIV Fear
After the COVID-19 trick, attackers are now using HIV test results to make people open malicious email attachments that ultimately install malware on users’ devices. The adversaries have sent out over 200 emails to employees of big pharmaceutical, health care, and insurance companies in North America with fake HIV test results. These emails may not necessarily convince the victim that it’s an actual report, but they trigger his curiosity, which is all that is needed to fall for the trap.
This scheme was first discovered by security firm Proofpoint, which has already begun blocking all such fake emails sent to its clients. But their anti-phishing tools cannot possibly save all users targeted by the attackers. Hence being cautious at a personal level is the only effective defense mechanism.
Secret Sharing App Leaks Data
The secret-sharing app Whisper has left a database unprotected online since its inception in 2012. This database without passwords can be opened by anyone and reveals the private information of users such as their nicknames, stated ages, ethnicities, genders, hometowns, group memberships, and location details.
This database was found and reported by independent researchers Matthew Porter and Dan Ehrlich. It leaked information belonging to around 900 million users. To prevent phishing attacks, Whisper restricted access and plugged the authentication security gap.