Friday, March 13, 2020

Ransomware Uses Secret Email

Emails Pretending To Be Secret Admirers Could Be Ransomware


Nemty Ransomware isn't an especially well-known threat, but it's dangerous and should not be discounted. Recently, researchers have discovered an ongoing spam-email driven campaign that's attempting to spread the ransomware far and wide.

An unknown group of hackers are sending out what appear to be love letters from secret admirers in a broad pattern.

They are probably simply using email addresses purchased in bulk on the Dark Web. The emails use a variety of subject lines like "Letter for You," "Will be our secret," "Can't Forget you," and "I love you." They have no body text and feature nothing more than a wink emoji. That is clearly a bid to entice recipients into responding by clicking on the enclosed attachment to see what all the fuss is about and get to the bottom of the mystery.
Unfortunately, those that do so doom themselves. The attached file is a poisoned Java Script that installs the ransomware, which promptly locks the user's files and then displays a ransom payment demand.

The fact that Nemty isn't widely known works in its favor, as it gives the malware a very low VirusTotal detection rate. That will undoubtedly lead to a higher than usual percentage of infections until an increasing number of antivirus companies add the malware to their definitions. It's a short-term advantage, but one the hackers will surely make full use of until the AV companies catch up.

Nemty's developers have also threatened to create a blog, which will be used to release sensitive information of those who refuse to pay the ransom.

Finally, be aware that Nemty is known for deleting shadow copies as it encrypts files. So if you're not in the habit of making regular backups, if you get hit with this strain, you will have no way of recovering your data. Make sure your employees are aware!

Call SpartanTec, Inc. and let our team of IT experts set in place cybersecurity measures that could protect you and your employees from fraudulent emails, ransomware, and other online threats. 


SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/

Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer

Thursday, March 5, 2020

Tax Information Theft Is On The Rise This Year

It's tax season, and if you're like many people, you make use of one of the numerous e-file platforms offered by TurboTax, TaxAct, and similar companies. Unfortunately, tax season also presents a tremendous opportunity for hackers. So much that the IRS has issued a formal warning to accountants and taxpayers alike, urging them to enable two-factor authentication to minimize the risk of identity theft.

The IRS warning grew out of the fact that over the last few weeks, they received dozens of reports from accountants around the country about data theft.

If you use a third-party, online tax service like the ones we mentioned above, it pays to heed the IRS' warning and enable 2FA on your account. That is, in order to provide better security and minimize the risk that your tax account could be hacked. If it is hacked, it will give hackers access to everything they need to steal your identity and make your life miserable for months, and possibly years to come.

If you have an accountant who handles your taxes for you, then it pays to at least have the conversation and find out what they're doing and how they're filing your taxes for you. You should find out if/when/where e-filing enters into the equation to be sure they're using 2FA as well to better protect your data. If they're not, it's a serious enough issue that it may be worth considering switching to someone who takes security more seriously.

Since 2015, the IRS has been working with Security Summit Partners, which is a cooperative agency that includes state tax agencies, tax preparation firms, software developers, payroll processors and banks. The purpose of the collaboration with the group is to ensure that multi-factor authentication features are widely available to everyone in the tax and tax preparation business.

Unfortunately, availability does not always translate into adoption. Either way, kudos to the IRS for being proactive and doing all they can to help protect taxpayers from opportunists. Long story short: If you're filing your taxes digitally, or someone's doing that for you, make sure 2FA is enabled.

Take the proactive approach when it comes to keeping your business and client information safe and secure from thieves, hackers, scammers, and other types of online threats. Call SpartanTec, Inc. now and let our team of IT experts help you. 


SpartanTec, Inc.
Greenville, SC 29601
(864) 326-5914
https://spartantec-greenville.business.site/
Cities Served
Greenville, Spartansburg, Mauldin, East Park, Overbrook, West Greenville, Greer