Beware of COVID-19 Vaccine Related Hacking Tactics

The COVID-19 outbreak has provided cybercriminals with plenty of material to attract new victims. News headlines have changed with the progression of the pandemic and people are naturally drawn to COVID-19 related headlines. The latest of these headlines concern the vaccine.

Cybercriminals often use headlines from current events to trick people into clicking on a link or opening an email attachment. Links can lead to websites that spread malware, which can give unauthorized users access to your computer. Infected attachments can install malware that can also allow access or launch cyber-attacks like ransomware.

Will My Anti-Virus Program Block These Attacks?

One common misconception is that if you have an anti-virus program installed on your computer, you are safe from attacks. Anti-virus software is still an important security layer that every computer should have, but there are many reasons why it may not stop all threats.

Cybercrime is often conducted by organized crime rings, nation-states, and other groups. It can be a lucrative business, and these groups are often well funded and employ skilled hackers to continually develop new malware. Many new versions of malware will go undetected by anti-virus programs until the malware is discovered and the anti-virus program is updated.

It is very much like COVID-19. It took a while to develop a vaccine, and it will take a while to get everyone vaccinated. Fortunately, in the cyber world, the vaccine for new viruses and other malware comes out quickly and can be delivered in an instant through an update. This is one reason why updates are so important. If your anti-virus software is not up-to-date, your computer could be susceptible to a new virus or other malware.

Other Tactics that Anti-Virus Software May Not Catch

In recent years, hackers have been using a strategy to steal login credentials (user names and passwords). A phishing email used for this purpose often explains that an attachment is a “secure” document. A login screen that mimics a popular login window like Microsoft or Google appears when you open the attachment. The thief steals the login information and gains access to the account when the credentials are entered.

The hacker then uses that email account to redirect payments or further spread the attack to all the contacts available. Anti-virus programs often will miss this type of attack because no malware exists in the attachment.

The crooks will also clean up any evidence of their activity by deleting sent emails and redirecting responses to the junk folder. This method allows the crook to act as you via email and can go undetected for a long time.
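Redirecting replies to the junk folder is done with a mailbox rule, so reviewing an account's rules is one way to spot this cleanup. The following is an added example, not part of the original article: it audits an exported rule list whose field names are modeled on the output of Exchange Online's Get-InboxRule, and the sample rules and the example.com domain are constructed.

```python
import json

# Folders where a redirected reply is unlikely to be noticed by the owner.
HIDING_FOLDERS = {"junk email", "deleted items", "rss feeds", "archive"}

# Constructed sample export: three rules from one hypothetical mailbox.
SAMPLE_RULES = json.dumps([
    {"Name": "Newsletters", "Enabled": True, "MoveToFolder": "Newsletters",
     "DeleteMessage": False, "MarkAsRead": False, "ForwardTo": []},
    {"Name": ".", "Enabled": True, "MoveToFolder": "Junk Email",
     "SubjectContainsWords": ["invoice", "payment"],
     "DeleteMessage": False, "MarkAsRead": True, "ForwardTo": []},
    {"Name": "fwd", "Enabled": True, "MoveToFolder": None,
     "DeleteMessage": True, "MarkAsRead": False,
     "ForwardTo": ["collector@mailbox.example"]},
])


def external_recipients(rule, own_domain):
    """Return forward/redirect targets outside the organization's domain."""
    targets = []
    for field in ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"):
        targets.extend(rule.get(field) or [])
    suffix = "@" + own_domain.lower()
    return [t for t in targets if not t.lower().endswith(suffix)]


def audit_rule(rule, own_domain):
    """List the reasons a single rule deserves a manual review."""
    findings = []
    folder = (rule.get("MoveToFolder") or "").strip().lower()
    if folder in HIDING_FOLDERS:
        findings.append(f"moves mail to '{rule['MoveToFolder']}'")
    if rule.get("DeleteMessage"):
        findings.append("deletes matching mail")
    outside = external_recipients(rule, own_domain)
    if outside:
        findings.append("sends copies outside the organization: "
                        + ", ".join(outside))
    # Marking as read only matters when the rule also hides or removes mail.
    if findings and rule.get("MarkAsRead"):
        findings.append("marks the mail as read, so it never shows as unread")
    return findings


def audit_export(export_json, own_domain):
    """Map each enabled, suspicious rule name to its list of findings."""
    report = {}
    for rule in json.loads(export_json):
        if not rule.get("Enabled", True):
            continue
        findings = audit_rule(rule, own_domain)
        if findings:
            report[rule.get("Name", "<unnamed>")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit_export(SAMPLE_RULES, "example.com").items():
        print(f"Review rule {name!r}:")
        for finding in findings:
            print("  -", finding)
```

A flagged rule is a prompt to ask the mailbox owner whether they created it, not proof of compromise.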

Imagine if you received an email that appeared to come from the CDC, your County Health Department, or another trusted source of health information. There is an attachment that the email describes as your application to sign up for the COVID-19 vaccine. Would you open it? If you open it without first determining whether it is legitimate, you could fall victim to a cyber attack.

How do I protect myself against these attacks?

Do not rely completely on anti-virus, spam filtering, or other security products to guard your safety online. You are often the last line of defense against attacks that use email to target their victims.

Be very cautious of any email that contains links or attachments. If you receive one, confirm with the sender that they sent it and what it contains. Do not do this via email because you could be conversing with a hacker who has hi-jacked the account. Instead, call them on the phone to verify the email or simply delete it. It is better to assume the worst until you know for certain that an email came from a trusted source.

Lastly, be aware that cybercriminals will try to manipulate your actions by adding urgency or using subject lines that stir your emotions. Millions of times each day, hackers are sending phishing emails containing words like COVID-19, coronavirus, or vaccine to take advantage of people’s concerns.

Dave Hansen

Confusion over Internet Speeds

How to choose the right internet plan for your needs.

Internet Service Providers (or ISPs) love to use buzz words to boast about the service they provide. Nearly every ISP that promotes their services will mention the fastest internet speed that they offer. You will often hear an advertisement for “Gig” speed, but what does that really mean?

“Gig” speed is most often referring to the internet service having the ability to transfer one gigabit of information per second through a connection with the internet. This could be a movie streaming to a smart TV or a computer file being sent to a cloud-based program. (If you are unsure of what “The Cloud” means, here is a good article and video that explains it well.)

This concept of sending and receiving is important when considering internet speeds. Streaming video on a computer or TV is an example of receiving data. The speed provided by an ISP to accommodate this activity is called download speed. Sending data to the cloud would therefore be using the upload speed. Knowing the difference and considering your specific needs for internet service is important in choosing the right plan.

Speed versus Bandwidth

You have likely heard the term “internet bandwidth” and perhaps thought it was different from “internet speed.” Bandwidth actually is a more accurate term than speed when describing the rate at which data travels to and from the internet. For example, think of data files like cars travelling down a highway. If you have five files that are one megabit in size travelling down a one-lane highway at a speed of one megabit per second, it would take five seconds for them to make their trip from a computer to the cloud. Take those same five files travelling down a five-lane highway at the same speed and they would arrive in one second.

Internet speeds or bandwidth describe the capacity of the connection to transfer data. It does not turbo charge your data to travel faster as much of the advertising would lead you to believe.

Understanding Upload and Download Speeds

Many internet providers will promote the fastest speed (bandwidth) they offer, but there is often much more to consider beyond this rating. For instance, one ISP may offer “Gig” speeds, but only on downloads. This service may be excellent for home use to do things like stream video, stream music, browse websites, etc. However, this same service may include upload speeds of only 30 Mbps (Megabits per second). There are eight Megabits in one Megabyte, so with this speed, you could upload 3.5 Megabytes per second.

This limited upload speed causes problems for businesses that use the cloud extensively. For instance, if your business has a marketing department that creates high-definition videos for use in a cloud-based software application like Adobe Premiere, slow upload speeds will create big problems for you. One hi-def video could be several gigabytes in size. Moving it from a computer in your office to the cloud would use all of your upload bandwidth for a long time on that 30 Mbps connection. Other connections and upload activity, like sending emails, could be nearly ground to a halt.

Physical connection type

The physical means by which your internet connection is delivered is also important. Legacy internet providers may still be delivering the signal through copper wires called coaxial cable. This cable is the same type used when cable TV was first delivered to homes in the late 70s and early 80s.

Fiber connections provide much greater bandwidth and can also be private. Private fiber means that no other internet traffic will travel on the strand of fiber besides what the customer uses. This is a huge advantage over a copper connection because it eliminates peak usage times that can slow traffic down. Have you ever noticed that your internet slows down about the time kids are getting home from school? All that streaming and online gaming can really choke a limited internet connection.

If fiber is available for your business, I highly recommend it. Fiber connections generally offer symmetrical connections. Symmetrical connections simply mean that the bandwidth is equal for both upload and download. The cost will be a little more but the benefit of time savings will pay off for you.

Other connection types are available but none measure up to the bandwidth and reliability of a fiber connection. However, 5G wireless could possibly change that once it becomes more widely available. 5G wireless is expected to eventually be able to provide speeds of as high as 10 Gbps.

Don’t forget the other factors

Internet speed is important for sure, but the actual bandwidth you achieve can be impacted by many other factors. Old network wiring, for instance, can choke your connection speed considerably. Many other factors can impact speeds too. Outdated wifi access points, routers, older network switches, and other factors can cause slower speeds.

Check your connection speed using a speed test from a website like Ookla from various devices in your business to help isolate speed issues. If you cannot determine why you are not achieving the speeds you expect, have your internet service provider test their equipment. If they prove that they are providing the speeds they promised, the problem is likely somewhere else on your network. Contact an IT services company to help you determine the problems and develop a plan to solve them.

Dave Hansen

Email Account Hi-Jacking on the Rise

Note that while this article focuses on the hi-jacking of Microsoft 365 business email accounts, the same could apply to any cloud-hosted email service such as Gmail, Yahoo, Live, etc.

A hi-jacked business email account can be a very valuable tool for a cybercriminal.  Once they have access to a business email account, there are several tactics they may employ. They may attempt to steal data, gain access to additional email accounts, or even trick someone into wiring money to their bank account.  This has long been a strategy of cybercriminals and there has been an increase in this approach recently.

Hosted email from Microsoft 365 (formerly called Office 365) has grown rapidly in popularity over the past few years. Many companies have moved to it from other email solutions. The benefits of Microsoft 365 can be very attractive because most subscriptions include additional useful applications. Microsoft Teams, for instance, offers video conferencing, virtual meetings, and other communications technologies. OneDrive provides cloud storage and file sharing, among other great features. Microsoft 365 is a cloud-based service, so it can also reduce the cost of expensive hardware to a business.

Despite all the benefits of using Microsoft 365, there are new risks that arise.  Being a cloud-based product means it could be accessed from anywhere in the world via the internet.  This fact, along with its widespread use by businesses, makes it a prime target for cyber-criminals.

How do criminals hi-jack an email account?

There are countless tactics that a hacker could use to steal login credentials to a cloud-based email account. One approach that our company has witnessed is through phishing emails that contain an attachment. The message in the email explains that the attachment is confidential and had to be sent in this manner to keep it secure. When the recipient attempts to open the attachment, they are required to log in to their Microsoft 365 account. This is a clever strategy because many businesses send secure, encrypted emails that require a login of some sort to retrieve the message.

The trick in this case, however, is that when the user enters their Microsoft 365 login credentials, nothing appears to happen.  The attachment doesn’t open, and nothing seems to change.  What they often don’t realize is that a hacker has just captured the login information to their email account.  With this information, they can log in to the account and use it for their own devious purposes. 

How could a criminal use a hi-jacked email account?

There are many possible ways for a criminal to benefit from having access to someone’s email account.  If they are attempting to collect passwords for as many email accounts as possible, it is likely they are stealing them for resale on the dark web.  Anyone can go on the dark web to purchase stolen login information to use however they choose.  It is illegal, but also very difficult to trace any transactions that occur there.

A skilled criminal can do a lot of damage when they control a legitimate email account.  For instance, if they have control over the email account of a person in a company’s accounting department, they could convince someone to direct receivables to a “new” account.  The criminal could set up this account to steal payments from the business.  This type of communication could seem routine to the recipient if the business is regularly processing invoices and receiving payments in this manner. This ultimately increases the likelihood of a successful theft.

Consider what someone with bad intentions could do if they had access to your email account.  That person can act as you through email.  The crook could send requests for money to be wired to an account, send offensive or inappropriate emails to your important contacts, or even use the account to trick others into providing their login or other private information. 

Shouldn’t my SPAM filter be catching these?

You may wonder why an email designed to steal email login credentials can get through a SPAM filter.  The answer is generally quite simple.  These emails almost always come from a hi-jacked email account.  This account has had communications with your email account in the past which is how you received the email in the first place.

SPAM filters are designed to look for email that is coming from a server or servers that blast out masses of email.  Today’s technology generally does a great job of filtering out these emails.  As a matter of fact, it is common for an established email account with a SPAM filter to receive hundreds or even thousands of SPAM messages per day that never reach the user.  They are so obviously SPAM that the filter simply blocks them from reaching their intended recipient.  Reducing the mass of email clutter is truly the primary function of a SPAM filter.

A SPAM filter, however, will not catch all phishing emails. Spear-phishing email, for instance, is targeted at specific individuals and is often not caught by SPAM filters.  With spear-phishing, the criminal is attempting to trick an individual into doing something they want.  When the spear-phishing email comes from an email address that has had previous communications, and it does not contain anything malicious like a virus, even the most robust email filters will likely not block it.

How to prevent email hi-jacking crimes

Many of us rely heavily on email communication which leaves us with a greater trust for communicating this way.  When an email comes from a familiar email address, particularly if it is from a trusted colleague, friend, or even an authority figure, we tend not to be suspicious of it.  However, developing a couple of habits for email security can go a long way towards preventing these crimes.

Always be cautious when you receive an unexpected email with an attachment or a link in the message. Before clicking on anything, call, text, or ask the apparent sender in person whether they sent it. Remember, just because an email comes from a familiar email address doesn’t mean that person sent it to you. Just be sure that you don’t simply reply to the email to ask about it. You could be conversing with the criminal who is attempting to trick you.

Question the legitimacy of any email that is requesting that you act on something or do something.  In particular, be cautious when an email is requesting that you make a financial transaction or share sensitive information. Once again, confirm with the apparent sender via call, text, or in-person that they are indeed making the request before acting.

Multi-factor Authentication

Lastly, if your email service offers multi-factor authentication, I highly suggest implementing it.  Multi-factor authentication adds a layer of security to a traditional login where a username or email address along with a password are all it takes to gain access to the email account. 

Multi-factor authentication requires the user to enter a code after providing valid login information.  The code can be sent to a cell phone or it could be generated by an app on a smartphone.  Either method requires the person to know the valid login credentials and to possess the device that generates the code.  This security strategy makes stolen login credentials useless without access to the user’s cell phone.

Dave Hansen

Business Risk of Cybercrime

Understanding the threat of cybercrime against your business.

Business leaders clearly understand that many risks exist that may threaten the success of their business. Things like physical theft, lawsuits from customers or employees, damage from weather-related events, and a host of other things can cost money or damage your reputation.

Dave Hansen

Building a culture of information security

How to create a data security policy for your company and get your staff to embrace it.

Do you know what data you have stored on your business network? Do you store sensitive information like credit card numbers, social security numbers, bank account numbers, personal information about your staff, or even trade secrets?

Dave Hansen

Credential Stuffing Attack Prevention

Reusing passwords on multiple logins leads to this cyber attack.

Cybercriminals use stolen login credentials (username and password) in an attempt to log in to other websites in a hacking strategy called credential stuffing. Hackers used this tactic to reveal over 500,000 sets of valid login credentials to Zoom recently. So what can be done to increase credential stuffing attack prevention?

Dave Hansen

Password Management for Small Business

Why do I need a password manager?

Passwords are often the last line of defense against criminals gaining access to your applications and information.  Making them long and complex will go a long way towards being secure.  Unfortunately, long complex passwords are hard to remember.  Password management for small business provides a simple solution for securing your critical information.

Dave Hansen

HIPAA Fines for Small Businesses

Single doctor practice fined $100,000 for violations. 

A gastroenterology practice in Utah reached a settlement of $100,000 last week for failing to ever conduct a risk analysis. In a statement issued by the Office for Civil Rights (OCR), Steven A. Porter, M.D., has agreed to pay the $100,000 settlement and adopt a plan for corrective action. Unfortunately, this type of HIPAA fine is avoidable with appropriate steps.

Dave Hansen

Cloud Storage Options with Microsoft OneDrive

Part 1 of 2

Most of us use some sort of cloud storage service like Google Drive, DropBox or OneDrive. Perhaps you just use a cloud photo storage service like IDrive or Amazon Drive. Most have come to understand the benefits of having our files saved in the cloud. It allows us access to our stuff from anywhere we can connect to the internet. But have you really looked at the benefits of Microsoft OneDrive?

Dave Hansen

Cloud Storage Options with Microsoft OneDrive

Part 2 of 2

I suggest that you read part 1 before jumping into this post, particularly if you are new to OneDrive. In part 2, we’ll dig a little deeper into some of the tips and tricks for OneDrive like sharing files and recovering previous versions of files.

Dave Hansen