Rather than to bombard our posts with security alerts(which is an inevitability), I’d like to focus users’ attention towards the age-old Holiday scams that are emerging like clockwork this time of year. For example, fake invoices are being sent out from various companies such as Apple and Amazon.com, with what looks like a receipt for something you didn’t purchase. The E-mail itself has the companies’ respective logos, making it more difficult to decipher. Extenuated by the fact that there are links labeled “View/Download” and “Not Your Order”, which both redirect you to downloads for infection, these sorts of breaches are sometimes difficult to catch.
The best defense requires you and your company standardizing the procedure should anything like this happen to you. Consider any E-mails which indicate you’ve made a purchase that you know you didn’t as suspect, and contact that business directly on the phone. I cannot emphasize this enough— Dealing with account payments through E-mail is a high risk undertaking, even with a secure network. At any given time, your network is constantly being hit with millions of packets of information, both malicious(network sniffers) and benign(your bluetooth smartphone) . Malware developers are also using creative innuendo to fool a user into mistakenly allowing malicious content to download on the internet and through deceptive E-mail links/downloads. Information is a profitable business these days, as proven by hackers currently selling ‘kits’- the software that can run routines to steal your bank account information, for example. Malicious traffic far exceeds what can reasonably be contained, stressing the need for consumers and business to make smarter choices.
While there is convenience with online banking, for example, this sort of automated payment/statement process sometimes softens our vision causing us to mistakenly open an Email based on name recognition. We see an error message instructing you to press a button labeled ‘scan now with Windows Antivirus 2012’ and most of us will not think twice and press the button. But do you ever recall downloading a Windows Antivirus 2012? As a matter of fact, Windows Antivirus 2012 is a long-standing malware infection that routinely brings computers grinding to a halt by locking the user out of it until it pays for the ‘software’, which is the actual virus. This are simple ploys to bait victims into a ransom situation. By standardizing a method in which your company and its employees perform a little investigation into the charge, rather than clicking on it to direct them to a quick fix, you can avoid this sort of complication. You can a technical breakdown of this particular exploit here. Secure The World can assess your business’ setup and recommend a rubric for your employees to follow and sideskirt the ills of hackers, through the synergy of Social IT.