New Malware Hidden In Emails About Flu Protection

Fear is a fantastic way to spread malware, which is why hackers around the world are using the fear of a flu pandemic as a hook to install a nasty strain of ransomware. It is one of the many reasons why companies employ managed IT services to prevent such malicious software from taking over.

Researchers at MyOnlineSecurity have detected a cunning email campaign which spoofs the Centers for Disease Control and bears headlines warning of a Flu Pandemic.

The message is short and to the point, explaining that a flu pandemic has been detected and urges recipients to read the attached document for further instructions to protect their families and help keep it from spreading.  The instructions also helpfully include the note that in order to view the document properly you'll need to click the 'Enable Editing' button.

The attachment bears the name "Flu Pandemic Warning," which reinforces the message itself. It's an excellent choice from the perspective of the hackers, because they know that a relatively high percentage of those who receive this message from what appears to be a trusted agency will open it. This tactic will likely have a higher victim count and could affect businesses severely, which is why it is important to have managed IT services Greenville in place.

Unfortunately, the moment they open the file and click to enable editing, they doom themselves.  The word document is poisoned and contains scripts that will install the GrandCrab v5.2 ransomware on the victim's machine, which will promptly lock their files and demand a hefty payment.

While this is a nasty and especially effective campaign, it's not the only one that the creators of Grand Crab are engaged in.  Recently, the Chinese government issued their own alert, stating that beginning on March 11, various government departments were bombarded with phishing-style emails intent on installing ransomware on their servers. The incident highlights the need for a more comprehensive computer security system that prevents such cases from happening.

All that to say, vigilance is more important now than ever.  There's no telling how long this campaign will run, or what may come after it, but one thing you can be sure of.  They're not going to stop.

Does your company need a complete technology solution provider? Call SpartanTec, Inc. today.

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Recent Breach Targeted MyPillow And Amerisleep Customer Data

If you've purchased bedding from either MyPillow or Amerisleep, your data may have been compromised. These companies are two popular mattress and bedding merchants operating in the US. This is according to a recent report coming to us from RiskIQ. The hacking group Magecart appears to be behind both breaches, which is bad news for both companies and their customers.

That is because Magecart is one of the most talented and active hacker groups on the scene today, having launched a number of successful attacks against high profile targets that have included Ticketmaster, Feedify, Shopper Approved, Newegg, and British Airways.

MyPillow entered into Magecart's crosshairs in October 2018, when the group compromised MyPillow's e-commerce and sales platform and began skimming credit card information submitted by the company's customers. The group also registered a similar domain, mypiltow.com and utilized 'Let's Encrypt' to implement an SSL certificate.  Unsuspecting visitors to the site had no idea they were on a domain controlled by the hacking group.

According to RiskIQ researcher Yonathan Klijnsma, "...this type of domain registration typosquatting means that the attackers had already breached MyPillow and started setting up infrastructure in its name."

Within a month's time, the hacking group moved onto the second phase of its attack, registering a new website called livechatinc.org, which mimicked the Live chat used by MyPillow.  With a poisoned script already running inside the company's infrastructure, Magecart was able to mimic the genuine tag used by the live support service. This was so that by all outward appearances, customers believed they were chatting with an actual MyPillow employee.

The attack on AmeriSleep dates back a bit further to April 2017, but followed a similar pattern.  The skimmer remained in operation between April through October of 2017.  The company rid themselves of Magecart's malicious software, only to come under attack again in December 2017.

In both cases, the skimmer domains have been taken offline, but both companies are still dealing with the malicious code injection issues. RiskIQ notes that given Magecart's history, even when both companies clear their servers of malicious code, they're likely to be re-infected in short order.  Watch your credit card statements if you've made a purchase from either company.

SpartanTec, Inc. works with local businesses to ensure their data is safe from hackers. Call us today for a free dark web scan or complete this form https://www.spartantec.com/dark-web-scan/

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Criminals Are Also Tapping Into Social Media

Just over a few years ago, establishing global presence was a very hard thing to do especially if you’re a small startup company. Getting known meant shelling out a lot of money on advertising. However, the times have changed and a new mainstream means of advertisement is now ruling the internet, social media. Businesses and your everyday person can make it big in social media. Unfortunately, they are not the only ones who are taking advantage of social media. Criminals also want to make it big on social media and they’re getting good at it by the day. That is why businesses must have managed IT services in place to protect their presence online.

The reason why cybercriminals are turning to social media is the limitless amount of money it can generate. Attacks on social media alone can generate up to $3.25 billion each year and this figure keeps on rising. Since 2013, the number of attacks on social media rose 400%. The malicious incidents vary in form, but follow a pattern of abusing the social media ecosystem.

Bromium CEO Gregory Webb highlighted the dangers that await business owners. Webb said that hackers are using social media to infiltrate corporate networks through employees of a particular business who are on social media. Hackers could gain access to a backdoor that leads to valuable company assets. This is the reason why many major businesses nowadays have managed IT services Greenville set in place. Malicious attacks evolve rapidly, which is why businesses must also have update protection.

Information security is a major factor that businesses must focus on. In the end, social media is a powerful tool that can generate income for businesses and private individuals alike. However, hackers are also making their way into social media, making safety a priority. This is why businesses must take precaution, telling employees to limit the workplace information they share on social media.

Is your business in need of a complete technology solution provider? Call SpartanTec, Inc. today!

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Identity Theft A New Norm For Americans According To New Survey

America is quickly becoming a commonplace for hacking and identity theft. But how problematic is identity theft in America? Based on the findings of a recent survey done by nCipher, 17.6% of the respondents claimed that they had been victims of identity theft. Although it may not be that huge of a number, a big part of the community is still affected which is still reason for alarm. Businesses are also at risk. Employees could have their identities stolen which could not only endanger their personal lives, but other aspects like their business as well. That is why businesses must have managed ITservices for complete protection online.

17.6 percent may sound a little small, but considering it is the United States, it’s still a big deal. Overall, around 58,080,000 would have been affected by identity theft if the survey results would speak for the entire country. However, it is still a dilemma due to the number of people involved in such cases. After all, identity theft can change lived in an entirely negative way.

When compared to data in 2017 where around 16.7 million identity theft cases were recorded, the growth is quite alarming. What’s even more bothersome is that 16.5% of the respondents said they are uncertain whether their identity has already been compromised or not. Though it wouldn’t be fair to assume that these people did have their identities stolen without them knowing it. However, the mere fact that people are starting to be bothered about their information security is quite disturbing.

 With the rapid growth of identity theft in the country, companies need to step up their game and add more security measures like managed IT services Greenville for added protection. Hackers nowadays have become more sophisticated and more capable of stealing data from people online. This only means businesses and everyday people should find ways to protect themselves and their data online.

Want to secure your business online? Call SpartanTec, Inc. today!

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer