phishing Archives - Page 2 of 2 - thinkCSC

The Argument for Endpoint Security

Categories: Communication Security, Data Security, Email Security

An organization is only as secure as its weakest access point, and certain endpoints – smartphones, laptops, and other portable devices that are often connected to public WiFi hotspots or are apt to be lost – are a weak spot for most organizations.

Endpoints are an easy target. Endpoint security is designed to thwart the most common risks these devices present: detecting and blocking malware, reducing the vulnerabilities each device exposes, and doing both while keeping a sensible balance between protection and user access.

Does Your Organization Need Endpoint Security?

Does your company use mobile devices? Do your employees have the ability to take these devices offsite and off-network? Would a data breach cost you customers, downtime, or lost business? If you answer yes to any of these questions, then endpoint security is something your organization should consider.

Endpoint Security and Phishing Scams

Email security is a challenge for every organization. Your employees, whose split-second decision to click a link or open a file puts you at risk, are also part of the solution. But can endpoint security help you prevent phishing attacks? As part of an overall strategy of multiple layers of security designed to block as much malware as possible, endpoint security can work at the device level by:

  • Requiring security and monitoring software that can detect rapid file encryption (the signature of ransomware at work), including on employee-owned devices used for work
  • Keeping every operating system used on those devices fully patched and up to date
  • Allowlisting (whitelisting) approved applications so that unapproved executables cannot run
  • Implementing analytics that rapidly detect and block threats
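As an added illustration of the first item above, here is a rate-based detector for rapid file encryption. This is example code written for this page, not thinkCSC's product or any vendor's agent: it consumes constructed file-write events (time in seconds, process name, path, and a sample of the bytes written) rather than real endpoint telemetry, and the window length, file count and entropy threshold are assumptions that a real deployment would tune. The idea is that documents written by ordinary applications have low byte entropy, while a process that rewrites many distinct files with near-random content in a few seconds looks like ransomware.

```python
import math
import random
from collections import defaultdict, deque

WINDOW_SECONDS = 10.0      # sliding window per process (assumed tuning value)
MIN_FILES = 5              # distinct high-entropy files in the window before alerting
ENTROPY_THRESHOLD = 7.0    # bits per byte; encrypted or compressed data is close to 8


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of the sample (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


class EncryptionBurstDetector:
    """Flags a process that writes many distinct high-entropy files in a short window."""

    def __init__(self, window=WINDOW_SECONDS, min_files=MIN_FILES, threshold=ENTROPY_THRESHOLD):
        self.window = window
        self.min_files = min_files
        self.threshold = threshold
        self._recent = defaultdict(deque)   # process -> deque of (time, path)
        self._alerted = set()               # alert once per process

    def observe(self, t, process, path, sample):
        """Feed one file-write event; return (time, process, file_count) on alert, else None."""
        if shannon_entropy(sample) < self.threshold:
            return None                     # ordinary document content: ignore
        q = self._recent[process]
        q.append((t, path))
        while q and t - q[0][0] > self.window:
            q.popleft()                     # drop writes that fell outside the window
        distinct = {p for _, p in q}
        if len(distinct) >= self.min_files and process not in self._alerted:
            self._alerted.add(process)
            return (t, process, len(distinct))
        return None


def run_detection(events):
    """Run the detector over an event list and return all alerts raised."""
    det = EncryptionBurstDetector()
    alerts = []
    for ev in events:
        alert = det.observe(*ev)
        if alert:
            alerts.append(alert)
    return alerts


def constructed_events():
    """Constructed sample telemetry for the example (not captured from a real host)."""
    rng = random.Random(7)
    text = b"Quarterly report: revenue grew modestly in the period. " * 80
    events = []
    # A word processor saves three ordinary documents: low entropy, no alert expected.
    for i in range(3):
        events.append((i * 1.0, "winword.exe", f"C:/Users/hr/doc{i}.docx", text))
    # A ransomware-like process rewrites eight files with random bytes in four seconds.
    for i in range(8):
        events.append((20.0 + i * 0.5, "cryptor.exe",
                       f"C:/Users/hr/file{i}.docx.locked", rng.randbytes(4096)))
    # A backup tool writes encrypted archives, but only one every 30 seconds: no alert.
    for i in range(6):
        events.append((100.0 + i * 30.0, "backup.exe", f"D:/backup/part{i}.enc", rng.randbytes(4096)))
    return events


if __name__ == "__main__":
    for alert in run_detection(constructed_events()):
        print("ALERT rapid high-entropy writes: t=%.1fs process=%s files=%d" % alert)
```

The slow backup writer is included deliberately: entropy alone would flag any legitimate encryption or compression, and it is the combination of high entropy, many distinct files and a short window that separates a ransomware burst from normal activity.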

Phishing emails and malware such as ransomware, worms, and bots are a constant threat. Proactive measures must be taken against existing and emerging threats, not just on your network and servers but at every point of access, backed by employee training and consistent reinforcement.

As cybersecurity remains a top concern for business leaders in every industry, taking the necessary steps to protect your organization becomes a high priority. Minimizing your risk is easier when you partner with a trusted managed IT service provider who works with your organization, understands your needs, and provides customized solutions to ensure that you have the protection you need. thinkCSC is committed to helping you find the most economical solutions to meet your needs. For more information, contact us today.

Avoid Devastating Security Breaches with Sender Policy Framework

Categories: Communication Security

Over the last year we have seen a significant increase in the volume of “spoofed” email, where the sender appears to be internal to the company and the message tries to trick the recipient into taking an action that looks legitimately requested, such as a wire transfer or opening an attachment that installs ransomware. These emails can be very deceptive. Often, company executives are impersonated, and the emails are sent to the people within the organization who would typically handle such transactions. There is no foolproof way of stopping these messages, and the best line of defense, of course, is a well-trained staff who react with caution before opening attachments or sending money, but we also recommend implementing Sender Policy Framework (SPF) to help keep spoofed emails from ever reaching their destinations.

Sender Policy Framework

Sender Policy Framework is a technology used to publish the approved email systems for a domain. To implement SPF, thinkCSC creates a DNS TXT record that identifies which servers are allowed to send email for your domain. Receiving mail systems that support SPF read this record and process it according to their configured policies. In other words, we publish a record that tells the receiving email provider which sending servers are legitimate for your domain, allowing the provider to better detect spoofed messages and mark them as spam. Most major mail providers now factor SPF evaluation into their overall scoring for deciding whether a message should be delivered or marked as spam, and some will automatically junk messages that fail an SPF check. Note that SPF is evaluated against the envelope sender (the SMTP MAIL FROM address), not the From: header the recipient sees in their mail client; publishing DKIM and a DMARC policy alongside SPF is what ties the visible From: address to these checks. While SPF does not ensure that spoofed messages will always be considered spam, it does increase the likelihood considerably.

In order to implement an SPF record successfully, it is critical to identify all of the mail servers and third-party services that could send email on behalf of a domain, including the email provider, company websites, relays, third-party SaaS tools (such as a CRM), and marketing software that sends emails on behalf of the organization. Once these are identified, thinkCSC will create the DNS record, test and validate email flow from the known senders, and update the SPF record as needed. One constraint to keep in mind: an SPF record, including everything it pulls in through include: mechanisms, may trigger at most ten DNS lookups; a record that exceeds that limit evaluates to a permanent error rather than a pass, so a domain with many vendors needs its record kept within that budget.
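A worked example of what a receiving mail system does with such a record. The code below is added here for illustration and is not thinkCSC's tooling or any mail provider's implementation: it evaluates an SPF record for a connecting IP against a small constructed DNS zone embedded in the script (no network lookups are made), supports the ip4, ip6, a, mx, include and all mechanisms with their qualifiers, and enforces the ten-lookup limit. The domains and addresses in the zone are made up for the example, and the check is keyed on the envelope MAIL FROM domain, which is exactly why SPF alone does not bind the From: header a recipient sees.

```python
import ipaddress

# Constructed DNS data for the example (no real lookups are made). In production these
# three tables are replaced by TXT, MX and A/AAAA queries against live DNS.
SPF_ZONE = {
    "example.com": "v=spf1 mx ip4:203.0.113.0/24 include:_spf.crm-vendor.example -all",
    "_spf.crm-vendor.example": "v=spf1 ip4:198.51.100.10 ip4:198.51.100.11 -all",
}
MX_ZONE = {"example.com": ["mail.example.com"]}
A_ZONE = {"mail.example.com": ["203.0.113.25"], "example.com": ["203.0.113.80"]}

MAX_DNS_LOOKUPS = 10   # RFC 7208 section 4.6.4 limit on DNS-querying terms
RESULT_OF_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(ip, mail_from_domain, zone=SPF_ZONE, mx=MX_ZONE, a=A_ZONE, _lookups=None):
    """Evaluate the SPF record of the envelope MAIL FROM domain for a connecting IP.

    Returns one of: pass, fail, softfail, neutral, none, permerror.
    Implements the ip4, ip6, a, mx, include and all mechanisms with +, -, ~, ? qualifiers.
    """
    lookups = _lookups if _lookups is not None else [0]   # counter shared across includes
    record = zone.get(mail_from_domain)
    if record is None:
        return "none"
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    addr = ipaddress.ip_address(ip)

    for term in terms[1:]:
        qualifier = "+"
        if term[0] in RESULT_OF_QUALIFIER:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        matched = False

        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            # A bare address means /32 or /128; an IPv6 client never matches an ip4 term.
            try:
                matched = addr in ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"          # malformed network in the record
        elif name in ("a", "mx", "include"):
            lookups[0] += 1
            if lookups[0] > MAX_DNS_LOOKUPS:
                return "permerror"          # over the lookup budget: receivers treat as error
            target = arg or mail_from_domain
            if name == "a":
                matched = str(addr) in a.get(target, [])
            elif name == "mx":
                matched = any(str(addr) in a.get(host, []) for host in mx.get(target, []))
            else:
                sub = check_spf(ip, target, zone, mx, a, lookups)
                if sub == "permerror":
                    return "permerror"
                matched = sub == "pass"     # an include matches only when it yields pass
        else:
            return "permerror"              # exists, ptr, redirect= etc. not implemented here

        if matched:
            return RESULT_OF_QUALIFIER[qualifier]
    return "neutral"                        # nothing matched and no explicit "all"


def dns_lookup_count(domain, zone=SPF_ZONE):
    """Count DNS-querying terms in a record and everything it includes (the 10-lookup budget)."""
    count = 0
    for term in zone.get(domain, "").split()[1:]:
        name, _, arg = term.lstrip("+-~?").lower().partition(":")
        if name in ("a", "mx", "ptr", "exists", "include"):
            count += 1
        if name == "include":
            count += dns_lookup_count(arg, zone)
    return count


if __name__ == "__main__":
    for ip in ("203.0.113.25", "198.51.100.11", "192.0.2.99"):
        print(ip, "->", check_spf(ip, "example.com"))
    print("lookups used by example.com:", dns_lookup_count("example.com"))
```

In the constructed zone the company mail server passes via the mx term, the CRM vendor passes through the include, and an address that appears nowhere hits -all and fails; dns_lookup_count is the pre-publication check for the ten-lookup budget discussed above.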

If you have been the victim of phishing emails or would like to learn how to protect your organization from sender address forgeries, contact thinkCSC for more information.

Phishing Takes Advantage of Your Weakest Security Link

Categories: Data Security

Phishing is one of the most insidious data security threats to an individual and a business, taking advantage of your weakest security link: people. Phishing is the attempt to obtain personal and business security information by pretending to be a legitimate email communication from a trusted source.

Here’s a recent example of just such a communication that came in to our lead network engineer, Henry:

From: Apple Global Service Exchange <gsx_reply@apple.com>
Date: March 16, 2015 at 6:15:16 PM EDT
To: Undisclosed recipients:;
Subject: Your GSX account need update.

[Screenshot of the email body]

On the surface, the email looks legitimate and might immediately alarm the recipient. But had you clicked “check your account,” the link would not have taken you to Apple; instead, it would have gone to laflores.net, a website built as an exact replica of the Apple sign-in page. Had Henry fallen for the email and entered his information, the operators of laflores.net would have had his Apple ID credentials, access to whatever account information he had stored there, and possibly enough information to do real harm.

This is a classic phishing attempt. From fake GSX requests to warnings from your bank that your account has been compromised (encouraging you to log in and change your password), every individual who is duped into responding to one of these messages is putting personal and company information at risk.

How Can Your Business Protect Itself from Phishing?

The most important step you can take to protect yourself from phishing, or any cyber-attack, is to have the best network security and enterprise threat detection available. But as the email Henry received shows, some phishing emails will still reach your employees, so the other effort business leaders must make is to train employees to recognize and reject these emails.

Anti-Phishing Guide

Cybercriminals are insidious and will prey on fear. While email is the most common channel, pop-up messages warning that something is wrong are also used to create enough fear to get someone to click a link. Some cybercriminals will even phone you to run the scam.

Teach your employees to watch for these indications of email phishing:

  • The email may not address you personally or refer to your specific user name.
  • The link will look legitimate on the surface, but the URL will go somewhere other than the company it claims to represent. Hover over the link (without clicking) to see the actual URL. The link may be very similar to the real company URL, so be cautious. Rather than clicking the link, open a new browser window and type the company's real web address yourself if you need to check your account status.
  • Many phishing emails contain grammar or spelling errors. Look closely at the sample above and you will see the grammar is off (the subject line reads “Your GSX account need update.”) and there are punctuation errors. A professional organization would not send something like this.
  • The email may have a threatening overtone, making it seem that urgent action is required to protect your account.
  • Cybercriminals may even call, pretending to represent the company in question, and ask you for personal information in order to access your account. Most legitimate companies will not make outgoing calls to solicit this information. Hang up and call the company's published support number to verify.
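The hover-and-compare check in the second item can be automated over an email's HTML, which is useful for a mail gateway or for triaging reported messages. The script below is an added example, not part of the original article or any product: it parses a constructed HTML body (modelled loosely on the GSX email above, but written for this example rather than taken from the real message) and flags anchors whose visible text names a different host than the link actually goes to, or whose target host is not under the domain the message claims to come from. The suspicious_links function, the CLAIMED_DOMAINS list and the sample body are assumptions for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

HOST_RE = re.compile(r"^[a-z0-9-]+(\.[a-z0-9-]+)*\.[a-z]{2,}$")


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML email body."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def host_of(value):
    """Hostname of a URL, or of visible text that looks like a URL or domain; '' otherwise."""
    candidate = value if "://" in value else "http://" + value
    try:
        host = (urlsplit(candidate).hostname or "").lower()
    except ValueError:
        return ""
    return host if HOST_RE.match(host) else ""


def under_domain(host, domains):
    """True if host is one of the domains or a subdomain of one (exact label match)."""
    return any(host == d or host.endswith("." + d) for d in domains)


def suspicious_links(html, claimed_domains):
    """Return (href, text, reason) for each link that does not match the claimed sender."""
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.anchors:
        if href.lower().startswith(("mailto:", "tel:")):
            continue                        # not web links; out of scope for this check
        target = host_of(href)
        if not target:
            continue                        # relative or non-URL href
        shown = host_of(text)
        if shown and shown != target:
            findings.append((href, text, f"text shows {shown} but link goes to {target}"))
        elif not under_domain(target, claimed_domains):
            findings.append((href, text, f"target host {target} is not under {', '.join(claimed_domains)}"))
    return findings


# Constructed sample body for the example (not the actual message Henry received).
SAMPLE_EMAIL_HTML = """
<p>Dear Customer,</p>
<p>Your GSX account need update. Please <a href="http://laflores.net/gsx/login">check your account</a> now.</p>
<p>You can also sign in at <a href="http://apple.com.gsx-secure.net/login">https://gsx.apple.com/</a></p>
<p>Questions? Visit <a href="https://support.apple.com/">Apple Support</a></p>
"""
CLAIMED_DOMAINS = ["apple.com"]   # the domain the From: header claims (assumed for the example)

if __name__ == "__main__":
    for href, text, reason in suspicious_links(SAMPLE_EMAIL_HTML, CLAIMED_DOMAINS):
        print(f"SUSPICIOUS: '{text}' -> {href}: {reason}")
```

Note the second sample link: apple.com.gsx-secure.net starts with the brand name, which is why under_domain compares whole labels from the right rather than checking whether the string contains the brand; a substring check would have waved that lookalike through.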

Humans are easy targets because our emotions can be manipulated. A level of skepticism is required in order to keep your personal and business security intact. When in doubt:

  • Don’t click a link
  • Don’t open a file
  • Don’t provide personal information
  • Don’t download anything from unknown sources

Feel free to use this guide with your employees. If you are concerned about your business network security, contact thinkCSC to learn more.