WHAT IS A WHALING ATTACK?
A whaling attack is a method cybercriminals use to impersonate people in senior positions in an organization and thereby directly target senior executives or other important people within it, in order to steal money, obtain confidential information or gain access to the organization's computer systems for criminal purposes. Whaling, also known as CEO fraud, is similar to phishing in that it uses methods such as spoofed websites and emails to trick the victim into revealing confidential information or making money transfers, among other actions.
Unlike phishing scams (which have no specific target) and spear phishing (which targets specific people), whaling takes the attack to the next level: it not only targets these important people, it also targets them in a way that makes the fraudulent communications appear to come from an influential person or from someone who holds a higher-level position within the organization. This strategy gives the attack its name, "whaling", a targeted attack aimed at the "big shots" in companies, such as the chief executive officer (CEO) or the finance manager. It brings an element of social engineering to the attack, because employees feel compelled to respond to requests from a person they consider important.
The threat is very present today and continues to grow. In 2016, Snapchat's payroll department received a whaling email that appeared to come from its CEO, requesting information on employee payroll. Last year, Mattel (one of the major toy manufacturers) was the victim of a whaling attack after a senior financial executive received an email from a scammer impersonating the new CEO and requesting a transfer of money. As a result, the company almost lost $3 million.
HOW WHALING ATTACKS WORK AND HOW TO PROTECT YOURSELF FROM THEM?
As we mentioned earlier, whaling attacks differ from spear phishing in that the fraudulent communications appear to come from a higher-level person. These attacks take on a more legitimate appearance when cybercriminals carefully investigate openly available resources, such as social media, to devise a tailored strategy for each victim they wish to deceive.
One strategy could be an email that appears to come from a higher-level manager and references information the attacker obtained online. For example, they could view photos of the company's Christmas party on social media and send an email with the following message: "Hi John, this is Steve. You were quite drunk at the party last Thursday! I hope you managed to get the beer stain off your red shirt."
Also, the sender's email address generally appears to be legitimate, and the email may even include company logos or links to fraudulent websites designed to look like the real thing. Given that these "big shots" often have high credibility and a high level of access within the organization, the cybercriminal has a very good reason to put more effort into designing an attack that appears more credible.
The first strategy to stay safe from whaling attacks is to educate the important people in the organization so that they stay alert to the possibility of becoming victims of these attacks. Ask key employees to exercise caution when they receive unexpected communications, especially about important information or financial transactions. Always ask yourself a few key questions: were you expecting to receive this email, attachment or link? Is there anything strange about the request?
They also need to be able to detect typical signs of an attack, such as spoofed (fraudulent) email addresses and sender names. By simply hovering over the sender's name in an email, the full email address can be seen. It is then easy to study it carefully and determine whether it exactly matches the name and format used by the company. The IT department should carry out whaling tests to assess how key employees react to these attacks.
On the other hand, executives must be especially careful when posting and sharing information online on social media such as Facebook, Twitter and LinkedIn. Cybercriminals can use any type of personal information, such as birthdays, hobbies, vacations, job titles, promotions and relationships, to craft more sophisticated attacks.
A great way to reduce the damage that spoofed emails can cause is to have your IT department automatically flag all emails from external locations for review. Generally, whaling attacks rely on tricking important employees into thinking that the messages come from within the organization; for example, a money transfer request submitted by a finance manager. If external messages are flagged, it is easier to detect those that are false yet at first glance appear legitimate, even for people who do not have much experience.
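The two checks above (compare the sender's display name with the full address behind it, and flag anything that did not originate inside the organization) can be automated at the mail gateway. The following is an added example, not code from the original post: it assumes a company mail domain of example.com and an executive named Steve Jones with a known address; both values and the sample From headers are constructed for illustration.

```python
"""Flag external, look-alike and name-spoofing senders before a message reaches the inbox.

Added example. Assumptions (constructed): the organization's own mail domain is
example.com, and "Steve Jones" is an executive whose real address is known.
"""
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.com"}  # assumption: the organization's own mail domains
EXECUTIVES = {"steve jones": "steve.jones@example.com"}  # assumption: display name -> real address


def edit_distance(a, b):
    """Levenshtein distance; used to spot domains that merely resemble the real one."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_flags(from_header):
    """Return (display_name, address, flags) for one From: header value.

    Flags mirror the checks recommended in the post:
      EXTERNAL            the address is not on a company domain
      LOOKALIKE_DOMAIN    the domain is within two edits of a company domain (examp1e.com)
      EXEC_NAME_MISMATCH  the display name is an executive's but the address is not theirs
    """
    display_name, address = parseaddr(from_header)
    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    flags = []
    if domain not in INTERNAL_DOMAINS:
        flags.append("EXTERNAL")
        if any(0 < edit_distance(domain, d) <= 2 for d in INTERNAL_DOMAINS):
            flags.append("LOOKALIKE_DOMAIN")
    real_address = EXECUTIVES.get(" ".join(display_name.split()).lower())
    if real_address and address.lower() != real_address:
        flags.append("EXEC_NAME_MISMATCH")
    return display_name, address, flags


def tag_subject(subject, flags):
    """Prefix the subject so that even inexperienced staff see the warning at a glance."""
    if "EXTERNAL" in flags and not subject.startswith("[EXTERNAL]"):
        return "[EXTERNAL] " + subject
    return subject


SAMPLE_HEADERS = [  # constructed sample data, not real messages
    "Steve Jones <steve.jones@example.com>",      # genuine internal sender
    "Steve Jones <steve.jones@examp1e.com>",      # look-alike domain, digit one for letter l
    "Steve Jones <ceo.office@webmail.example>",   # exec name on an unrelated external address
    "Vendor Billing <ap@supplier.example>",       # ordinary external mail, flagged but not suspicious
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        name, address, flags = sender_flags(header)
        print(f"{address:32} {tag_subject('Urgent wire request', flags):32} {flags}")
```

The gateway tag only tells staff the message came from outside; the EXEC_NAME_MISMATCH flag is the one worth routing to a reviewer, because a familiar name over a foreign address is exactly the pattern the post describes.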
It is also recommended to implement phishing protection software that includes services such as URL checking and link validation. Another recommended step is to add an additional level of validation for sending sensitive information or large amounts of money. For example, instead of conducting exchanges electronically, an in-person meeting or phone call may be the best way to perform critical or confidential tasks.
Two is better than one when it comes to scams. Consider modifying your procedures so that two people, rather than one, must authorize payments. This not only brings a second person's perspective to resolve doubts, it also reduces the likelihood that an employee will fear retaliation from the supposed higher-level person if that person seems upset by the rejection of the request; fear is a key social engineering tactic on which attackers depend.
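The two procedural controls just described (an out-of-band confirmation by phone or in person before sensitive transfers, and two distinct people authorizing a payment) are simple to encode in the finance workflow itself, so that the email that started the request can never be the only thing standing between an attacker and the money. The following is an added example and not code from the original post; the request identifiers, names, amount threshold and the rule that only phone or in-person confirmation counts are constructed assumptions for illustration.

```python
"""Dual authorization and out-of-band confirmation for payment requests.

Added example. Assumptions (constructed): transfers at or above LARGE_AMOUNT
must be confirmed by phone or in person, and every payment needs two distinct
approvers, neither of whom may be the person who entered the request.
"""
from dataclasses import dataclass, field

LARGE_AMOUNT = 10_000  # assumption: threshold above which out-of-band confirmation is mandatory
OUT_OF_BAND_CHANNELS = {"phone", "in-person"}  # replying to the original email does not count


@dataclass
class PaymentRequest:
    request_id: str
    requested_by: str      # the employee who keyed the request in (e.g. after receiving an email)
    beneficiary: str
    amount: float
    approvals: set = field(default_factory=set)
    out_of_band_confirmed: bool = False

    def approve(self, approver):
        """Record one approval while enforcing separation of duties."""
        if approver == self.requested_by:
            raise PermissionError("requester cannot approve their own payment")
        if approver in self.approvals:
            raise PermissionError("the same person cannot approve twice")
        self.approvals.add(approver)

    def confirm_out_of_band(self, channel):
        """Record that the instruction was verified on a channel other than the email."""
        if channel not in OUT_OF_BAND_CHANNELS:
            raise ValueError("confirmation must be by phone or in person, not by email")
        self.out_of_band_confirmed = True

    def release_check(self):
        """Return the list of unmet requirements; an empty list means the payment may be released."""
        problems = []
        if len(self.approvals) < 2:
            problems.append(f"needs 2 distinct approvals, has {len(self.approvals)}")
        if self.amount >= LARGE_AMOUNT and not self.out_of_band_confirmed:
            problems.append("large transfer not yet confirmed by phone or in person")
        return problems


if __name__ == "__main__":
    # Constructed scenario: a finance clerk receives a "CEO" email asking for a large wire.
    req = PaymentRequest("PR-0001", "alice", "new-vendor-account", 250_000)
    print(req.release_check())        # two controls still unmet
    req.approve("bob")
    req.approve("carol")
    print(req.release_check())        # still blocked until someone calls the real CEO
    req.confirm_out_of_band("phone")
    print(req.release_check())        # [] -> release allowed
```

The point of returning a list of reasons rather than a bare boolean is that the blocking control is visible to the second approver, which is exactly where a suspicious request gets the fresh pair of eyes the post recommends.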
Finally, to guard against this scam you should stay aware of it and use antivirus software as an extra layer of protection against scam emails that look genuine.