Hackers Are Imitating Government Agencies To Spread Malware

Researchers at Proofpoint have found evidence of a new threat actor who has been sending out convincing looking emails.

They are claiming to come from several government agencies.

These include the Italian Revenue Agency, the German Federal Ministry of Finance, and the United States Postal Service.

This is all part of a malicious campaign designed to infect targeted recipients with a variety of malware.

The bulletin Proofpoint released on matter reads, in part, as follows:

"Between October 16 and November 12, 2019, Proofpoint researchers observed the actor sending malicious email messages to organizations in Germany, Italy, and the United States, targeting no particular vertical but with recipients that were heavily weighted towards business and IT services, manufacturing, and healthcare.

These spoofs are notable for using convincing stolen branding and lookalike domains of European taxation agencies and other public-facing entities such as Internet service providers.  Most recently, the actor has attacked US organizations spoofing the United States Postal Service.  The increasing sophistication of these lures mirrors improved social engineering and a focus on effectiveness over quantity appearing in many campaigns globally across the email threat landscape."

In the US, emails claiming to be from the post office come with an attached Word Document called "USPS_Delivery.doc."  If a recipient clicks on the document to open it, they'll receive a message that the file has been encrypted for additional security and in order to view it, they'll be required to "enable content."

Naturally, clicking on the "enable content" button does nothing of the sort.  Instead, it installs whatever malware the senders have associated with the email in question.
The identity of the threat actor is not known at this time, but this is a serious issue that you should immediately alert all employees about in order to minimize the risk to your company.

Call SpartanTec, Inc. in Greenville and let our team set up the most suitable internet security protocols for your company to make sure that your network is protected from online threats.

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Cybercriminals Are Taking Aim At Your Business… Is Your Network Protected?

Cybercriminals love to test your defenses. They love to see how far they can get into the networks of businesses all over the globe. Cybercriminals really love going after small businesses because they can all too often sneak onto a network, copy data and move on. Through the use of ransomware, they can hold your data hostage and refuse to cooperate until you pay them some amount of dollars – and if you don’t pay up, they threaten to delete all your data.

But protecting yourself is not as hard as you might think. While cybercriminals and hackers are an everyday threat to businesses, you can take steps to significantly reduce that threat and take that target off your back.

The first thing you need to do is understand why cybercriminals target small businesses and what makes your particular business vulnerable. There are many things small businesses do and don’t do that open them to attack and data theft. These may include not having enough (or any) security in place or not training employees on security protocols.
Realistically speaking, the biggest threat to your business does, in fact, come from your own employees. This doesn’t mean they are intentionally harming your business or leaving your network exposed to outside threats. It means they don’t have the proper training and knowledge to protect your business from a cyberthreat.

For instance, your team needs to be trained to use strong passwords, and those passwords must be changed periodically (every three months is a good rule of thumb). A lot of people push back on strong, complicated passwords or use the same password for everything, but this is just asking for trouble and should not be allowed at your company.
Once strong passwords are in place, enable two-factor authentication (2FA) on everything you possibly can, from network access to every account you and your employees use. This is an additional layer of security on top of standard password protection. This feature is generally tied to a mobile number or secondary e-mail, or it may be in the form of a PIN. For example, when 2FA is enabled, after you’ve put in your password, you will be prompted for your PIN for the associated account.

Another thing you must do to get that target off your back is to get anti-malware software installed. Every workstation or device should have some form of this protection. Not sure what to use? This is when working with a dedicated IT company can come in handy. They can help you get the right software that will meet your specific needs without slowing you down. They will install software that is compatible with your PCs and other networked equipment. Plus, they will make sure anti-malware software is working and is regularly updated.

On top of this, you want to have an active firewall in place. Every business should have its network protected by a firewall; like antimalware software, firewall security comes with a number of different settings, and you can customize it to fit the needs of your network. Firewalls help keep attackers and malicious software off your network. When paired with a good anti-malware software, your layers of security are multiplied. The more layers, the better protected you are.

Finally, with all of this in place, your employees need to know what it all means. Keep your team up-to-date on your business’s security protocols. This includes items like your password policy, malware protection policy and proper e-mail and web-surfing etiquette.

The bad guys are never going to stop attacking, but you have the power to protect your business from those attacks. Call SpartanTec, Inc. now and let our team help you with your cybersecurity needs.

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Employees Targeted By Hackers Posing As HR Department

Just when you think scammers couldn't get any lower, they find new ways to prove you wrong.  Recently, a new phishing scam has been spotted in the wild, this one baiting potential victims with the possibility of pay raises.

The scammers structured their email so that they appeared to come from the Human Resources department of their victims' companies.

They asked the recipient of their phishing email to open an Excel spreadsheet bearing the name "salary-increase-sheet-November-2019.xls."  A shortcut to the remotely hosted spreadsheet was naturally provided.

The body of the email explained that "The Years Wage increase will start in November 2019 and will be paid out for the first time in December, with recalculation as of November."  Needless to say, this tends to catch most people's attention.  After all, who doesn't want a raise, right?

If a recipient clicked on the link, he or she would then be asked to provide Office 365 login credentials in order to see the file.  Of course, the file contains dummy data and has nothing to do with getting a raise; it's simply a useful hook to get an unwitting user to hand over their credentials.

The scammers not only constructed a convincing looking email, but the Office 365 login screen looks exactly like a legitimate login screen. This goes far in explaining the campaign's unusually high success rate.

The researchers who have been following the issue urge Office 365 users to enable multi-factor authentication via Office 365 or a third-party solution. They also encourage business owners to enroll their staff in phishing awareness training programs designed to help employees spot and report phishing attempts more easily.

Be on high alert for this one.  So far it has proved to be a highly effective campaign. Always stay alert.

Let SpartanTec, Inc. in Greenville help you by setting up the appropriate cyber security measures to protect your computers and network. 

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Importance Of Backup and Recovery Plans

In the past, backup was made to deal with prolonged outages, equipment failure, occasional virus, and natural disasters. What would it cost your business if you go to work one day and all the computers have been encrypted? Or the server that is responsible for your order processing system is down for five days and the hackers are demanding 50k to get it back up and running once again? 

What do you think your customers will feel if they can’t get in touch with you for a week? As a business owner, when you look at your company, it’s crucial to consider technology not only as your revenue enabler but also as a risk. Breaches, IP theft, and cyberattacks are not just geek issues. They are can easily become your worst nightmares. Small business comprise 58% of malware attack victims and cyber attacks cost a small medium businesses a whopping $22 million on average. Disaster recovery and business continuity is taking on a whole new meaning in the world of ransomware.

Although the cloud offers wonderful opportunities for cloudbased applications, offsite backups, and more, the cloud cannot solve everything. Most companies are not even aware that Microsoft does nto backup their calendars or mailboxes.

These days, MSPs will take the principles behind SOC II and cybersecurity framework into account as he works with you and your business to come up with a straightforward, practical, and real backup as well as disaster recovery plans for not just the conventional physical threats of outages and availability, but the new world of cloud scale and cyber security. The results of a well made and tested business continuity plan takes into account the inevitability of non technical workaround, breach, as well as independent software solutions that will make sure that you are among the 40% that makes it beyond the inevitable.

Training and Compliance

Although there’s some level of mystery linked to the word hacker, hacking a system isn’t rocket science. It can even be done by just an email. The shift from conventional to modern msp involves not only securing systems but also training and teaching end users. Any business’ weakest link is its people. It doesn’t matter how good your email and spam filtering solutions are or your perimeter systems, the threats will continue to evolve and people are going to be the main target to override your security system. Technology service providers and managed IT services could help test, validate, and train your employees so that they understand the risks involved and make sure that the integrity of your safeguards are maintained.

MSPs will provide dark web monitoring as well as automate testing for easily compromised and weak passwords. Credential sharing and phishing will be tested at random and staff trained, scored, and counselled not by the human resource department but by the IT department.

Support From The Cost Center To The Differentiator

Some things will never change, computers fail to boot, printers are going to jam, files will inadvertently disappear, and some power point presentation doesn’t display correctly. You and your business always needs support. A good IT department is results driven and customer focused. Support will not just be about tech geeks fixing issues, it will be about getting the problem fixed as soon as possible on your terms.

Call SpartanTec Inc. in Greenville if you want to know more about business continuity planning, IT consulting, or managed IT services.

Learn more about managed services by clicking on the links below:

https://www.spartantec.com/2019/10/31/what-you-need-to-know-about-managed-it-services/
https://spartantecfayetteville.blogspot.com/2019/11/why-should-businesses-get-managed_1.html
https://spartanteccolumbia.blogspot.com/2019/11/a-look-at-msps-today.html

https://spartan-tec.blogspot.com/2019/11/putting-together-effective-it-strategy.html

SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer