The world of phishing is an ever-evolving one. There are measures and countermeasures that keep coming back and forth. Cybersecurity specialists are always on the lookout for newer methods to create a firewall against such malicious events; anti-phishing is one of the major drives that cyber specialists undertake to safeguard their systems. However, the regular consumers of the technology can’t always take up those sophisticated measures to keep their information systems safe, which is why it is crucial to stay abreast of the latest modus operandi undertaken by these malicious actors. Here are the weekly news headlines to keep you informed of the same.
Phishing Hits Office 365: Inverts Images, Evades Detection
Phishers have adopted a new technique to lure Microsoft Office 365 users. This Office 365 phishing campaign has a unique way of avoiding getting flagged using inverted images as backgrounds, disrupting the flagging mechanism. This way, those threat actors evade the internal process of identification.
The inverted method is a usual way to clone legitimate login pages. It is done to capture the login credentials of bona fide users by tricking them into thinking it to be the real website. Users are advised to be careful while using the official pages of Microsoft Office 365.
Spoofed Emails: An Iranian Connection
The US presidential election is turning out to be a test for not just the incumbent and the contender but also for law enforcement agencies. An Iranian hacking group has been making repeated attempts to steal voter information from various election-related sites. The Federal Bureau of Investigation is trying to identify the various TTP that are being used for these activities.
On October the 30th, a joint CISA, and FBI advisory had warned of such an attempt by the same groups. It also mentioned that there would be countless phishing activities and that robust anti-phishing measures need to be put into place.
Cryptocurrency Services And Exchange: The New Malicious Battleground
Cryptocurrency has gained fame in a short period. It has illustrated how technology can be used to store money and enable transactions digitally.
However, it has also been in the crosshairs of cybercriminals. Recent reports suggest that funds (amounting to several millions of dollars) have been siphoned off by cybercriminals from the cryptocurrency services and exchanges, such as stealing approximately $24 million worth of cryptocurrency assets from Harvest Finance.
Strategies To Prevent Fraud: A Future Proof Journey
Newer standards have been established, and protocols changed to counter the ongoing coronavirus pandemic. However, the threat of fraud has remained largely unchanged. Online tricksters have been able to whisk away almost $156 million from January to October, in COVID-19, related fraudulent activities.
This has prompted CXOs from organizations worldwide to think of ways to stand up to the menace. There is also a thinking that focuses on continuing with the present protocols once the situation improves. To begin with, a process of understanding them and then categorizing them is currently underway.
Ransomware False Promises: Data Still Being Held By Cyber Adversaries
More and more companies are falling prey to ransomware attacks. Research has shown that there has been an increase of nearly 20% over year on year basis. However, what’s worrisome is the false promises made by threat actors, which has kept every ransomware victim on their tenterhooks. While companies have been paying to keep their data out of public view, Ransomware gangs are not deleting them after getting the payment.
The market has got more lucrative over the years. A cursory look will tell the viewer that the amount extorted on an average has grown bigger. This is because the targets have become more prominent, and more massive amounts are now being asked for ransom.
1.1 Million Accounts Hacked, Alibaba-Owned Lazada In A Tizzy
Singapore based e-commerce firm Lazada has had a major cyber breach. 1.1 million accounts have been hacked, and personal information and partial credit card numbers stolen. This is a catastrophic event considering the city of Singapore has a population of only 5.7 million.
The information that has been accessed illegally are:
- names
- phone numbers
- email and mailing addresses
- encrypted passwords
- partial credit card numbers
It has moved immediately to block access to the database so that current operations are not hampered.
SEC Hack Case: A Settlement Reached
In 2016, the SEC’s corporate database was hacked by two traders who went on to make an enormous profit from it. However, a settlement has now been reached whereby the two traders will be paying $425,000 as regulatory claims. This amount is minuscule compared to the amount of money they were able to earn as profits.
The hacking of the corporate database of the Security and Exchange Commission was a major embarrassment. It had led to much soul searching and fact-finding. But a travesty of the law is also evident from the fact that no dire consequences were faced by the guilty. The hackers, who are citizens of Ukraine, continue to live free.
Ransomware Against Hospitals: A New Reality
Hospitals have had a tough year so far. First, they had to deal with the dreaded virus and the ensuing pandemic, and now the ransomware attacks. Late September saw hundreds of hospitals under the United Health Services get attacked by a Ryuk ransomware infection.
This led to their systems getting disrupted. The existing anti-ransomware solutions were grossly inadequate in dealing with the event. Such was the interruption that there was a joint threat assessment advisory issued by CISA, FBI, and the Department of Health and Human Services regarding the same. It has been envisaged that future events could be even more catastrophic if no steps are taken now.
US Cyber Command Action Against Iran To Secure Election 2020
As part of its ongoing effort to secure the presidential elections, 2020, the US Cyber Command has undertaken cybersecurity measures to counter cyber threats that seem to be coming from Iran.
This was done in response to the action taken by hackers who worked for the Islamic Revolutionary Guard Corps. Threatening emails were to the voters whilst posing as a far-right group. A video was also sent to drive down confidence in the voting process. While no specifics were mentioned in the press conference, Gen. Paul Nakasone, who leads both the NSA and the military’s cyber command, was extremely pleased with the outcome of these operations while warning that many more were to come.
Campari The Latest Victim To A Ransomware Attack
The famed Campari group was not spared by ransomware as a large part of its IT infrastructure was taken down. This ransomware attack was linked to the RagnarLocker Ransomware gang.
The gang has been trying to extort ransom from the company, which has been dealt with firmly thus far. The gang has threatened to release files into the public domain if their demands are not met. Many of these files hacked by the ransomware gang include business deals which may affect their future business contracts.