Tips for Identifying a Phishing or Spoofing Email

Phishing

Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox. Here are 10 tips on how to identify a phishing or spoofing email.

Tip 1: Don’t trust the display name
A favorite phishing tactic among cybercriminals is to spoof the display name of an email.

Here’s how it works: If an impostor wanted to spoof the hypothetical brand “ABC Bank,” the email may look something like:

This fraudulent email, once delivered, appears legitimate because most user inboxes only present the display name. Don’t trust the display name. Check the email address in the header “from” field. If it looks suspicious, don’t open the email.

Tip 2: Look but don’t click
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new window and type in website address directly rather than clicking on the link from unsolicited emails.

Tip 3: Check for spelling mistakes
Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Tip 5: Don’t give up personal information
Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.

Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”

Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.

Tip 8: Don’t click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Tip 9: Don’t trust the header from an email address
Impostors not only spoof brands in the display name, but also spoof brands in the header from email address.

Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

Posted in Uncategorized | Leave a comment

“RobbinHood” ransomware takes down Baltimore City government networks

images

Baltimore Chief Information Officer confirmed that the malware attack was “the very aggressive RobbinHood ransomware” and that the FBI had identified it as a “fairly new variant of the malware”. Several new variants of RobbinHood have been emerging over the past month.

This malware appears to target only files on a single system and does not spread through network shares. “It is believed to be spread directly to the individual machines via psexec and/or domain controller compromise”. The ransomware itself does not have any network spreading capabilities and is meant to be deployed for each device individually.”

That would mean that the attacker would need to already have gained administrative-level access to a system on the network “due to the way the ransomware interacts with C:\Windows\Temp directory.

In addition to requiring execution on each individually targeted machine, RobbinHood also requires that a public RSA key already be present on the targeted computer in order to begin encryption of the files. “That means that the attacker likely deploys it in multiple steps, from obtaining access to the network in question, moving laterally to obtain administrative privileges for a domain controller or via psexec, deploy and save public RSA key and ransomware on each machine and then execute it”.

Before it begins encryption, RobbinHood malware shuts down all connections to shared network directories with a net use * /DELETE /Y command and then runs through 181 Windows service shutdown commands—including the disabling of multiple malware-protection tools, backup agents, and email, database, and Internet Information Server (IIS) administrative services. That string of commands—which starts with an attempt to shut down Kaspersky’s AVP agent—would create a lot of noise on any management system monitoring Windows systems’ event logs.

Posted in Uncategorized | Leave a comment

Malware Alert

There is nasty malware being spread through links and attachments in e-mails that either take you to an unsafe website or download attachments in the e-mail that contain malicious software. The name of this malware is CryptoLocker.  Below is a sample email you may receive containing the malware.

If the link within the e-mail is clicked or the attachment is opened, the software starts up and begins to encrypt your files making them inaccessible. The only recommended way to recover your infected system is to do a clean operating system reload on your computer and restore data from the most recent backup.

Under no circumstances would I recommend paying the ransom to the hackers. First, there is no guarantee they will provide you with the key needed to decrypt the files. Second, you run the risk of opening yourself up to future attacks.

Safeguards to Protect Your Computer from Ransomware

  • Make sure you have updated antivirus software on your computer.
  • Enable automated patches for your operating system and web browser.
  • Have strong passwords, and don’t use the same passwords for everything.
  • Use a pop-up blocker.
  • Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
  • Don’t open attachments (especially zip files) in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.
  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.
  • To prevent the loss of essential files due to a ransomware infection, it’s recommended that you always conduct regular system back-ups and store the backed-up data offline.
  • If something looks suspicious, it probably is, so just delete the email and clear your delete bin.

Please be very careful and aware that hackers are always searching for victims. No one is exempt from a cyber-attack. Having a good antivirus and malware software is a good defense against such attacks, but nothing is full proof.

malware

Posted in Uncategorized | Leave a comment

How to Recognize Phishing Emails

Phishing email messages and websites are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer.

Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses. They might email you or convince you to download something off of a website.

What does a phishing email message look like?

Here is an example of what a phishing scam in an email message might look like:

Phishing

  • Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam.
  • Beware of links in email. If you see a link in a suspicious email message, don’t click on it. Rest your mouse (but don’t click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company’s web address. Links might also lead you to .exe files. These kinds of file are known to spread malicious software.  Phishing2
  • Threats. Have you ever received a threat that your account would be closed if you didn’t respond to an email message? The email message shown above is an example of the same trick. Cybercriminals often use threats that your security has been compromised.
  • Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows. Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered.
Posted in Uncategorized | Leave a comment

Major Google Update

th

Some months ago, Google announced they would be making some mobile-related algorithm changes.  The one that may have the most profound effect is used to detect a website’s mobile-friendliness as a ranking signal.

Google announced that the mobile-friendly signal would go into effect on April 21, 2015.

Is your website mobile-friendly? Use the link below to find out.

https://www.google.com/webmasters/tools/mobile-friendly/

Posted in Uncategorized | Leave a comment

Creating a Secure Password

 

password

Your password is a gateway to all of your important information. If your password falls into the wrong hands, that person could impersonate you online, access your bank or credit card accounts, sign your name to online service agreements or contracts, engage in financial transactions, or change your account information.

Unfortunately, many people are still not taking the necessary steps to protect their accounts by using strong passwords. Far too often, passwords with simple combinations such as 123456, password, qwerty, or abc123 are being used. In other cases, people simply use their pet’s name or their birth date — information that can be easily found online, such as on a Facebook page.

To protect yourself, passwords must be difficult for others to guess but at the same time easy for you to remember. Here are some recommendations:

  • Passwords should have at least eight characters and include upper case (capital letters) and lowercase letters, numbers and symbols.
  • Avoid words and proper names, regardless of language. Hackers use programs that try every word in a dictionary.
  • Don’t use personal information — name, children’s name, birth dates, etc. that someone might already know or easily obtain.
  • Change passwords regularly — at least every 60 days. If you believe your system, or an online account you access, has been compromised change your passwords immediately.
  • Use different passwords for each account you have.
  • Make sure your work passwords are different from your personal passwords.
  • DO NOT write down your passwords. If you need to remember your passwords, write down a hint to a password, but never the password itself. Store the hint in a safe place away from your computer.
  • Do not share your password with anyone – attackers may try to trick you via phone calls or email messages into sharing your password.
  •  Decline the “Remember Password” feature in browsers.
  • Always remember to log out when using a public computer.
Posted in Uncategorized | Leave a comment

Security Tips for your Mobile Device

Try practicing the following tips to keep your mobile device secure and avoid compromising your information:

• Never leave your mobile device security settings at the default level which is generally the lowest and most unsecured settings.
• Avoid the phishing email traps by not opening attachments or clicking on links from unfamiliar sources.
• Create passwords on your mobile devices to prevent others from accessing your information.
• You should only download files from trusted websites to your mobile devices.
• The use of Bluetooth to pair with your mobile devices should be done in an area where there is no one within 100 feet near to avoid attacks or hacking due to eavesdropping and your device being discovered during the pairing process.
• Disable the Discovery Mode of your mobile device once it has been successful paired to a source.
• Beware of attempts to attack your mobile device in public area through request to re-pair with another device.

Posted in Uncategorized | Leave a comment

Vulnerability in Microsoft’s Internet Explorer (IE) Browser

Users are being advised to avoid using Microsoft’s Internet Explorer  (IE) Browser to access websites. Until Microsoft has found a fix for the issue, we are recommending that everyone use the Firefox or Chrome Browser to surf the web. Read More…

 

Posted in Uncategorized | 16 Comments

Are you still running Windows XP on your device?

This should not be news to many, but Microsoft’s support for the Windows XP operating system will officially end on April 8, 2014. Microsoft will no longer provide you with new security updates, hotfixes or any type of support options for Windows XP. Read More…
 

 

Posted in Uncategorized | 6 Comments

Windows 8 Tutorial

If you’re new to Windows 8, I think you will find this video tutorial very helpful. See Video…

 

Posted in Uncategorized | 65 Comments