RSS Feed
News
Feb
12
Tips from Virsage: Am I Hacked? - February 2019
Posted by Andrea Montgomery on 12 February 2019 01:25 PM

Tips from Virsage: Am I Hacked?

February 2018




Am I Hacked?

Just like driving a car, sooner or later you may have an accident no matter how secure you are. Below are clues to help figure out if you have been hacked and, if so, what to do. The sooner you identify something bad has happened, the more likely you can fix the problem.

Clues You Have Been Hacked

  • Your anti-virus program generates an alert that your system is infected. Make sure it is your anti-virus software generating the alert, and not a pop-up window from a website trying to fool you into calling a number or installing something else. Not sure? Open your anti-virus program.
  • You get a pop-up window saying your computer has been encrypted and you have to pay a ransom to get your files back.
  • Your browser is taking you to all sorts of websites that you did not want to go to.
  • Your computer or applications are constantly crashing or there are icons for unknown apps or strange windows popping up.
  • Your password no longer works even though you know it is correct.
  • Friends ask you why you are spamming them with emails that you know you never sent.
  • There are charges to your credit card or withdrawals from your bank account you never made.

How to Respond

If you suspect you have been hacked, the sooner you act the better. If the hack is work related, do not try to fix the problem yourself; instead, report it immediately. If it is a personal system or account that has been hacked, here are some steps you can take:

  • ***NOTIFY your IT Provider Virsage at support@virsage.com ***
  • Change Your Passwords: This includes not only changing the passwords on your computers and mobile devices, but for your online accounts. Do not use the hacked computer to change your passwords; use a different system that you know is secure. If you have a lot of accounts, start with the most important ones first. Can’t keep track of all your passwords? Use a password manager.
  • Financial: For issues with your credit card or any financial accounts, call your bank or credit card company right away. Use a trusted phone number to call them, such as from the back of your bank card, your financial statements, or visit their website from a trusted computer. In addition, consider putting a credit freeze on your credit files.
  • Anti-virus: If your anti-virus software informs you of an infected file, follow the actions it recommends. Most anti-virus software will have links you can follow to learn more about the specific infection.
  • Reinstalling: If you are unable to fix an infected computer or you want to be surer your system is safe, reinstall the operating system. Do not reinstall from backups; instead, backups should only be used for recovering your personal files. If you feel uncomfortable rebuilding, consider using a professional service to help you. Or, if your computer or device is old, it may be easier to purchase a new one. Finally, once you have rebuilt your system or purchased a new one, make sure it is updated and enable automatic updating whenever possible.
  • Backups: A key step to protecting yourself is to prepare ahead of time with regular backups. Many solutions will automatically back up your files daily or hourly. Regardless of which solution you use, periodically check that you are able to restore those files. Quite often, recovering your data backups is the only way you can recover from being hacked.
  • Law Enforcement: If you feel in any way threatened, report the incident to local law enforcement. If you are the victim of identity theft and are based in the United States, then visit https://www.identitytheft.gov.

Subscribe to OUCH! and receive the latest security tips in your email every month.

Resources

Backups

Passphrases 

Password Managers 

What Is Malware

Credit Freeze

OUCH! is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Alan Waggoner, Cheryl Conley

Find this article online:   https://www.sans.org/security-awareness-training/resources/am-i-hacked




Read more »



Jan
8
Tips from Virsage: Yes, You Are a Target - January 2019
Posted by Andrea Montgomery on 08 January 2019 10:21 AM

Tips from Virsage: Yes, You Are a Target

 January 2019 

 

Yes, You Are a Target 

Overview

Many people mistakenly believe they are not a target for cyber attackers: that they, their systems, or accounts do not have any value. This could not be further from the truth. If you use technology in anyway, at work or at home, trust us - you have value to the bad guys. But, you are in luck. You already have the best defense there is against these cyber attacks - you.

Why You Are a Target

There are lots of different cyber attackers on the Internet today, and they all have different motivations. So why would any of them want to attack you? Because by hacking you they help achieve their goal. Here are two common examples of cyber attackers and why they would target you.

Cyber Criminals: These guys are out to make as much money as possible. What makes the Internet so valuable to them is they can now easily target everyone in the world with just the push of a button. And there are A LOT of ways they can make money from you. Examples include stealing money from your bank or retirement accounts, creating a credit card in your name and sending you the bill, using your computer to hack other people, or hacking your social media or gaming accounts and selling them to other criminals. The list is almost endless how bad guys can make money off you. There are hundreds of thousands of these bad guys who wake up each morning with the goal of hacking as many people as possible every single day, including you.

Targeted Attackers: These are highly trained cyber attackers, often working for governments, criminal syndicates, or competitors targeting you at work. You may feel your job would not attract much attention, but you would be very surprised.

  • The information you handle at work has tremendous value to different companies or governments.
  • Targeted attackers may target you at work not because they want to hack you, but to use you to hack one of
  • your co-workers or other systems.
  • These types of attackers may target you at work because of what other companies you work or partner with.

I Have Anti-Virus, I’m Safe

Okay, so I’m a target, not a problem. I’ll just install anti-virus and a firewall on my computer and I’m protected, right? Well unfortunately, no. Many people feel if they install some security tools then they are secure. Unfortunately, that is not entirely true. Cyber attackers continue to get better and better, and many of their attack methods now easily bypass security technologies. For example, they often create special malware that your antivirus cannot detect. They bypass your email filters with a customized phishing attack or call you on the phone and trick or scam you out of your credit card, money, or password. Technology plays an important role in protecting you, but ultimately you are the best defense.

Fortunately, being secure is not that hard; ultimately common sense and some basic behaviors are your best defense. If you get an email, message, or phone call that is extremely urgent, odd, or suspicious, it may be an attack. To ensure your computers and devices are secure, keep them current and enable automatic updating. Finally, use a strong, unique passphrase for each of your accounts. Staying cyber-aware is ultimately your best defense. Not sure where to start? Consider subscribing to the monthly OUCH! newsletter at sans.org/ouch.

Subscribe to OUCH! and receive the latest security tips in your email every month.

Resources

Stop That Malware
Social Engineering
Phone Call Scams
Passphrases
Poster - You Are a Target

OUCH! is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Alan Waggoner, Cheryl Conley

 

Find this article online:  https://www.sans.org/security-awareness-training/resources/yes-you-are-target


Read more »



Jan
8
Tips from Virsage: Shopping Online Securely - December 2018
Posted by Andrea Montgomery on 08 January 2019 10:20 AM

Tips from Virsage: Shopping Online Securely

 December 2018

 

Overview

The holiday season is nearing for many of us, and soon millions of people around the world will be looking to buy the perfect gifts. Many of us will choose to shop online in search of great deals and to avoid long lines and impatient crowds. Unfortunately, this is also the time of year many cyber criminals create fake shopping websites to scam and steal from others. Below, we explain the risks of shopping online and how to get that amazing deal safely.

Fake Online Stores

While many online stores are legitimate, there are some fake websites set up by cyber criminals. Criminals create these fake websites by replicating the look of real sites or using the names of well-known stores or brands. They then use these fraudulent websites to prey on people who are looking for the best deal possible. When you search online for the absolute lowest prices, you may find yourself directed to one of these fake websites. When selecting a website to make a purchase, be wary of websites advertising prices dramatically cheaper than anywhere else or offering products that are sold out nationwide. The reason their products are so cheap or available is because what you will receive is not legitimate, may be counterfeit or stolen, or may never even be delivered. Protect yourself by doing the following:

•  When possible, purchase from websites that you already know, trust, and have done business with previously.

  • Verify the website has a legitimate mailing address and a phone number for sales or support-related questions. If the site looks suspicious, call and speak to a human. If you can’t get a hold of someone to talk to, that is the first big sign you are dealing with a fake website.
  • Look for obvious warning signs, like deals that are obviously too good to be true or poor grammar and spelling.
  • Be very suspicious if a website appears to be an exact replica of a well-known website you have used in the past, but its domain name or the name of the store is slightly different. For example, you may be used to shopping online at Amazon, whose website is https://www.amazon.com. But be very suspicious if you find yourself at websites pretending to be Amazon, such as http://store-amazoncom.com.
  • Type the store’s name or URL into a search engine and see what other people have said about the website in the past. Look for terms like “fraud,” “scam,” “never again,” or “fake.” A lack of reviews can also be a sign indicating that the website is very new and might not be trustworthy.
  • Before purchasing any items, make sure your connection to the website is encrypted. Most browsers show a connection is encrypted by having a lock and/or the letters HTTPS in green right before the website’s name.

Remember, just because the site looks professional does not mean it’s legitimate. If you aren’t comfortable with the website, don’t use it. Instead, find a well-known website you can trust or have safely used in the past. You may not find that absolutely amazing deal, but you are much more likely to end up with a legitimate product and avoid having your personal and financial data stolen.

Your Computer/Mobile Device

In addition to shopping at legitimate websites, you want to ensure your computer or mobile device is secure. Cyber criminals will try to infect your devices so they can harvest your bank accounts, credit card information, and passwords. Take the following steps to keep your devices secured:

  • If you have children in your house, consider having two devices, one for your kids and one for the adults. Kids are curious and interactive with technology; as a result, they are more likely to infect their own device. By using a separate computer or tablet just for online transactions, such as online banking and shopping, you reduce the chance of becoming infected.
  • Always install the latest updates and run up-to-date anti-virus software. This makes it much harder for a cyber criminal to infect your device.

Your Credit Card

Regularly review your credit card statements to identify suspicious charges, especially after you used your cards to make many online purchases or used a new site. Some credit card providers give you the option of notifying you by email or text messages every time a charge is made to your card or when charges exceed a set amount. Another option is to have one credit card just for online purchases. That way, if it is compromised, you can easily change the card without impacting any of your other payment activities. If you believe fraud has been committed, call your credit card company right away. This is also why you want to use credit cards for all online purchases and avoid using debit cards whenever possible. Debit cards take money directly from your bank account, so if fraud has been committed, it can be far more difficult to get your money back.  Finally, consider using credit cards that generate a unique card number for every online purchase, gift cards, or well-known payment services, such as PayPal, which do not require you to disclose your credit card number to the vendor.

License

OUCH! newsletter is under the Creative Commons license.  You are free to share / distribute it but may not sell or modify it.

This Newsletter can be found online at:  https://www.sans.org/security-awareness-training/resources/shopping-online-securely


Read more »



Nov
13
Tips from Virsage: Phone Call Attacks and Scams - November 2018
Posted by Andrea Montgomery on 13 November 2018 10:21 AM

Tips from Virsage: Phone call Attacks and Scams

 

November 2018

Phone Call Attacks & Scams

Overview

When you think of cyber criminals, you probably think of an evil mastermind sitting behind a computer launching sophisticated attacks over the Internet. While many of today’s cyber criminals do use technologies like email or instant messaging, bad guys are also using the phone to trick their victims. There are two big advantages to using a phone. First, unlike email, there are fewer security technologies that monitor phone calls and can detect and stop an attack. Second, it is much easier for bad guys to convey emotion over the phone, which makes it more likely they can trick their victims. Let’s learn how to spot and stop these attacks.

How do Phone Call Attacks Work?

First, you have to understand what these attackers are after. They usually want your money, information, or access to your computer (or all three). They do this by tricking you into doing what they want. The bad guys call people around the world, creating situations that seem very urgent. They want to get you off-balance by scaring you, so you won’t think clearly, and then rush you into making a mistake. Some of the most common examples include:

  • The caller pretends that they are from a government tax department or a tax collection service and that you have unpaid taxes. They explain that if you don’t pay your taxes right away you will go to jail. They then pressure you to pay your taxes with your credit card over the phone. This is a scam. Many tax departments, including the IRS, never call or email people. All official tax notifications are sent by regular mail.
  • The caller pretends they are Microsoft Tech Support and explain that your computer is infected. Once they convince you that you are infected, they pressure you into buying their software or giving them remote access to your computer. Microsoft will not call you at home.
  • You get an automated voicemail message that your bank account has been canceled, and that you have to call a number to reactivate it. When you call, you get an automated system that asks you to confirm your identity and asks you all sorts of private questions. This is really not your bank, they are simply recording all your information for identity fraud.

Protecting Yourself

The greatest defense you have against phone call attacks is yourself. Keep these things in mind:

  • Anytime anyone calls you and creates a tremendous sense of urgency, pressuring you to do something, be extremely suspicious. Even if the phone call seems OK at first, but then starts to feel strange, you can stop and say no at any time.
  • If you believe a phone call is an attack, simply hang up. If you want to confirm if the phone call was legitimate, go to the organization’s website (such as your bank) and get the customer support phone number and call them directly yourself. That way, you really know you are talking to the real organization.
  • Never trust Caller ID. Bad guys will often spoof the caller number so it looks like it is coming from a legitimate organization or has the same area code as your phone number.
  • Never allow a caller to take temporary control of your computer or trick you into downloading software. This is how bad guys can infect your computer.
  • If a phone call is coming from someone you do not personally know, let the call go directly to voicemail. This way, you can review unknown calls on your own time. Even better, you can enable this by default on many phones with the “Do Not Disturb” feature.

Scams and attacks over the phone are on the rise. You are the best defense you have at detecting and stopping them.

Subscribe to OUCH! and receive the latest security tips in your email every month - www.sans.org/security-awareness/ouch-newsletter.

Guest Editor

Jen Fox provides security awareness, social engineering, and risk assessment services as a Sr. Security Consultant at All Covered. Find Jen on Twitter as @j_fox.

Resources

Consumer Information about Identity, Privacy, & Online Security: https://www.consumer.ftc.gov/topics/privacy-identity-online-security
Report a Phone Scam (in the US):      https://www.ftccomplaintassistant.gov/#crnt
Social Engineering:                              https://www.sans.org/u/Fi5

License

OUCH! is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Cathy Click, Cheryl Conley

 

This Newsletter can be found online at:  https://www.sans.org/security-awareness-training/resources/phone-call-attacks-scams


Read more »



Oct
16
Tips from Virsage: CEO Fraud - October 2018
Posted by Andrea Montgomery on 16 October 2018 12:00 PM

Tips from Virsage: CEO Fraud

 

October 2018

CEO Fraud – What to Watch Out For

What is CEO Fraud/BEC?

Cyber attackers continue to evolve an email attack called CEO Fraud, or Business Email Compromise (BEC). These are targeted email attacks that trick their victim into taking an action they should not take. In most cases, the bad guys are after money. What makes these attacks so dangerous is cyber attackers research their victims before launching their attack. It is also very hard for security technologies to stop these attacks because there are no infected email attachments or malicious links to detect. Here is how the attack works.

The cyber attacker uses the Internet to research their intended victim and people their victim interacts with. For example, if they target you, they would research who your boss is at work or perhaps a real estate agent you are working with from home. The cyber attacker then crafts an email pretending to be one of these people and sends it to you. The email is urgent, requiring you to take an action right away, such as processing an invoice, changing who you make a payment to, or convincing you to reply with sensitive documents. The email works by pressuring you into doing what they want. Here are two examples of how just such an attack could work:

 

Wire Transfer: A cyber criminal is after money. They research the company you work for, such as identifying who works in accounts payable or anyone responsible for transferring funds. The criminals then craft and send an email to these individuals pretending to be their boss or a senior executive. The email tells them there is an emergency and money needs to be transferred right away to a new bank account. The email pressures them into making a mistake, and in reality, they are sending money to the cyber criminal.

Tax Fraud: Cyber criminals are after people’s personal information to use for tax fraud. One of the fastest ways to get this is to steal the information of all the employees at a company. The cyber criminals research and identify who works in Human Resources. They then send fake emails to these individuals, pretending to be a senior executive or someone from legal. The emails create an urgent story, that the tax information on all the employees has to be submitted right away. The people in Human Resources think they are sending the sensitive documents to the senior executive, when they are really sending them to a cyber criminal.

Protecting Yourself

So, what can you do to protect yourself? Common sense is your best defense. Here are the most common clues to look for:

  • The email is very short (often only a couple of sentences), urgent, and the signature says the email was sent from a mobile device.
  • There’s a strong sense of urgency, pressuring you to ignore or bypass your employer’s policies. Always follow work-related policies and procedures, even if the email appears to come from your boss or the CEO.
  • The email is work related but uses a personal email address, such as @gmail.com or @hotmail.com.
  • The email appears to come from a senior leader, coworker, or vendor you know or work with, but the tone of the message does not sound like them.
  • Payment instructions are provided, but these instructions differ from ones you already received, such as requesting immediate payment to a different bank account.

If you suspect you have been targeted at work, stop all interaction with the attacker and report it to your supervisor [and create a new email to send to Virsage at support@virsage.com then attach the suspicious email so that Virsage can review it for validity] . If you have been targeted at home or you have fallen victim and a wire transfer was made, immediately report it to your bank, then to law enforcement.

Subscribe to OUCH! and receive the latest security tips in your email every month - www.sans.org/security-awareness/ouch-newsletter.

OUCH! is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Cathy Click, Cheryl Conley.

 

This Newsletter can be found online at:  https://www.sans.org/security-awareness-training/resources/ceo-fraudbec

 

Resources

Social Engineering

Stop That Phish

Stop That Malware

Lock Down Your Login

OUCH! is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license. You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Cathy Click, Cheryl Conley.


Read more »



Sep
12
Tips from Virsage: Lock Down Your Login - September 2018
Posted by Andrea Montgomery on 12 September 2018 01:23 PM

Tips from Virsage: Lock Down Your Login

  

September 2018

 

Lock Down Your Login

The process of authentication, or proving who you are, is key to protecting your information, such as your email, social media, or online banking accounts. You may not realize it, but there are three different ways to prove who you are: what you know, such as a password, what you have, such as your driver’s license, and some part of you, such as your fingerprint. Each one of these methods has advantages and disadvantages. The most common authentication method is passwords, which are something you know. Unfortunately, using passwords just by themselves is proving to be more and more insecure. In this newsletter, we teach you how to protect yourself and lock down your login with something far better than just passwords. It’s called two-factor authentication.

Passwords Are No Longer Enough

Passwords prove who you are based on something you know. But if someone can guess or gain access to your password, they can then pretend to be you and access all of your information. Compromised passwords have become one of the leading causes for hacked accounts. This is why you are taught to use passphrases that are hard for others to guess, a different one for every account, and to never share your passwords with others. While this advice remains valid, passwords are no longer as effective. Luckily, there’s a simple and quick way to put you in control and keep your personal information safe. It’s called two-factor authentication.

What Is Two-Factor Authentication?

Two-factor authentication (also called two-step verification, multi-factor authentication, or 2FA) is far stronger than just using passwords by themselves. It works by requiring not one, but two different methods to prove you are who you say you are. A good example is your ATM card. When you withdraw money from an ATM machine, you are actually using two-factor authentication. To access your cash, you need two things: your ATM card (something you have) and your PIN number (something you know). If your ATM card is lost or stolen, others cannot with draw your money without also knowing your PIN. A thief must have both your ATM card and pin to make a withdrawal. Two-factor authentication uses the same concept.


How It Works

Lock down your login by using two-factor authentication whenever possible. It is one of the strongest steps you can take.

Two-factor authentication is widely available on most major banking, email, social networking, and other sites. In addition, most of these sites offer simple step-by-step instructions how to turn on two-factor authentication. (For more information, see the Resources section at the end of this newsletter.) Once you enable two-factor authentication, you can expect it to work like this. First, you log in to your account using your username and password, just as you always have. This is the first of the two factors--something you know. Then you will receive a unique code, often by text to your smartphone. You then enter that code into the login screen. This is the second of the two factors--you must have your phone to receive that code. Now your account is truly locked down. Even if a cybercriminal steals your password, they cannot access your account unless they also have your phone.

Instead of receiving the unique code via text messaging, you can install a special authentication app on your smartphone. This mobile app generates a unique code for you every time you want to log in. The advantage of using a mobile app is it is even more secure, since the code is generated through the app and not sent via text messaging.  In addition, it is more convenient, since you do not need to be connected to a phone service to receive your unique code. The app is constantly generating new codes you can use to log in to your account.

While two-factor authentication may seem like more work at first, your personal information will be substantially more secure. Don’t wait until your accounts have been hacked; lock down your login by enabling two-factor authentication on your key accounts, such as email, banking, or social media, and enjoy a greater peace of mind knowing you are far more secure.

License

OUCH! newsletter is under the Creative Commons license.  You are free to share / distribute it but may not sell or modify it.

https://www.sans.org/security-awareness-training/ouch-newsletter/2017/lock-down-your-login

  

**Virsage offers multi-factor authentication services.  Let us know if you would like more information by submitting a ticket to support@virsage.com **



Read more »