Tag Archives: Phishing

Immediate Vault Immediate Access

Cyberrisk Management Tips for Businesses Amid the Russia-Ukraine War

Posted on by

A wide range of risks are trickling down from Russia’s assault on Ukraine, from sanctions compliance to supply chain disruption to business interruption. Cyberrisk has also drawn considerable concern and the threat landscape continues to evolve rapidly, though the details of increased cyberattack activity are not yet fully known and may be largely unfolding below the surface right now. Attacks attributed to Russia have been launched against a range of targets in Ukraine, including new destructive malware campaigns, targeted information-gathering against a range of civilian and government targets, and attacks on critical infrastructure.

Concerns about escalating cyber activity around the crisis are a vivid reminder of the importance of knowing your threat model and adjusting your risk management priorities accordingly. According to experts ranging from independent cybersecurity professionals to officials at the Cybersecurity and Infrastructure Security Agency (CISA), organizations at greatest risk right now include critical infrastructure, banks and other financial services firms, and of course key service providers in Ukraine or Russia.

Spill-over to other businesses is more likely with cyber conflict, however, particularly given Russia is one of the most advanced and aggressive nation-state cyber threat actors—remember the crippling global attack known as NotPetya that upended supply chains in 2017 resulted from a Russian cyberattack on Ukraine. That is not to say that there is necessarily cause for panic, simply that the effects of cyber conflict can be unexpected, widespread and potentially severe.

At this point, for most companies that are not in a high-risk position as a direct result of the war, the best course of action for risk professionals is to focus on ensuring your company has an updated and detailed incident response plan on hand and distributing it to relevant members of the organization, reviewing and potentially strengthening your general cybersecurity posture, and reminding employees about cyber hygiene.

For example, given the tragic events and breaking developments around the conflict, many may be glued to news or social media. Unfortunately malicious actors are known to take advantage of such situations by posting phishing links on social media with alleged news updates or email scams that purport to collect charity donations. Remind employees about these perils and offer refreshers on how to spot phishing scams and the need to exercise caution with links in emails or on social media.

“In addition to taking a fresh look at plans and other policies within an organization’s cybersecurity risk framework, businesses should consider a few common-sense tips to prepare for a potential cyber incident,” advised Annmarie Giblin, partner at Hinshaw & Culbertson and leader of the firm’s data privacy and cybersecurity practice. Giblin recommended risk professionals take the following steps to boost cyberrisk management efforts right now:

  1. Print out a hard copy of any necessary polices and plans, like the cyber incident response plan, the business’ cyber insurance policy and a contact list for the organization, so you have them available in the event you cannot access your system and need to communicate with employees through alternative methods.
  2. Remind your employees about common cyber scams and reiterate that there will be no retaliation for reporting a cybersecurity mistake, such as clicking on a bad link.
  3. Have key members of the executive team and incident response team set up a secure but alternate method of communication, such as sharing phone numbers or creating a different off system email address to communicate in the event the business’ systems are not available or not trusted.
  4. Keep track of the latest threats and get the research over to your IT team so they can update your firewall, and/or contact the business’ security services provider and make sure they are aware of and addressing these new malware strains.
  5. Evaluate and if possible, test your business continuity plans. Organizations should be asking themselves, “What does the work day look like without access to the business’ systems?” and “How can we still work without any technology support?”

Cyber insurance firm Coalition has put together a guide to basic cybersecurity measures to help organizations—policyholders and otherwise—proactively manage cyberrisk and reduce the likelihood of a cybersecurity incident. The guide provides 10 key steps to help improve cyberrisk management, highlighting the basics of each mitigation measure, tips on how to implement, and even some vendor suggestions for credible options, if desired. Coalition notes this may be particularly helpful for small and mid-sized businesses that do not necessarily have dedicated in-house information security experts, but it could also be worth a look for any risk professional who wants an overview of mitigations that should be in place or ways to fill those gaps. Check it out here: https://info.coalitioninc.com/rs/566-KWJ-784/images/DLC-2020-12-2021-Coalition-Cybersecurity-Guide.pdf

For more resources on cyberrisk management best practices, cyber incident response, cyber insurance considerations, and more, check out Risk Management Magazine’s extensive cyber coverage here. Some of the highlights below can help address key concerns that you—or your board—may have right now, and offer actionable strategies to strengthen your cyberrisk readiness and boost employee cyber hygiene:

Preventing Paycheck Protection Program Loan Scams

Posted on by

The COVID-19 pandemic and subsequent shutdowns have meant perilous times for small businesses across the country, with many shutting down temporarily or even permanently. As part of the U.S. government’s efforts to forestall bankruptcies and layoffs, Congress allocated hundreds of billions of dollars for the Paycheck Protection Program (PPP). Small businesses can apply for loans from the U.S. Small Business Association (SBA), which the SBA will forgive if the receiving business meets certain criteria, like “if all of the company’s employees are kept on the payroll for eight weeks and the money from the loan is used to pay for rent, mortgage interest, utilities or payroll.”

The program has helped many businesses, but also left many stranded and desperate when they could not qualify for the loans. According to the Wall Street Journal, as of this week, the government has disbursed “4.6 million loans worth more than $513 billion.” But some businesses were forced to return the funds when they discovered they could not open soon enough to meet the eight-week deadline, and some did not even bother applying because they did not meet the criteria. The program has also faced criticism for not providing enough funds, and when larger and/or publicly traded companies (like restaurant chain Ruth’s Chris) received loans.

As with many other government programs that award payouts and may have confusing or labyrinthine application and approval processes (such as Social Security payments or tax refunds), scammers have targeted desperate businesses trying to access PPP funds. Online identity verification service Social Catfish recently published guidelines for avoiding PPP-related scams that small businesses are facing, including phishing and robocall scams.

As Risk Management recently reported, phishing scams—in which criminals use fraudulent emails to trick users into clicking malicious links or divulging sensitive personal information—have proliferated since the start of the COVID-19 pandemic, often specifically targeting pandemic-related concerns. According to Social Catfish, online scammers have been using emails posing as the SBA inviting the recipient to apply for a PPP loan, then installing malware or stealing any information provided. With this information, scammers can then pose as a business to apply for loans or steal funds.

Scammers may also try to contact businesses by phone, either in person or by robocall, asking for confidential information or demanding a fee for their PPP application, even promising faster processing after the payment. Similar to the IRS, the SBA does not call PPP applicants for information, and there are no fees associated with PPP applications. Businesses applying for PPP loans may also encounter fake companies claiming that they facilitate applications, which scammers then use to steal the confidential information victims provide.

 To avoid being scammed, Social Catfish recommended that businesses interested in applying for PPP loans do their due diligence by following the steps below:

  • Don’t pay for a PPP Loan application. The SBA doesn’t require payment to fill out and submit a PPP Loan application. If someone is charging you to fill out an application, chances are its a scam.
  • Don’t give your information in response to any suspicious email, text, or phone call. The SBA will not email you out of the blue to fill out a PPP Loan application. If someone is emailing you out of the blue to fill out an application and to give them your information, chances are they are trying to scam you.
  • Verify the lender before applying for the loan. Only lenders approved by the SBA can administer PPP Loans. To find out if the lender you are applying with is approved to distribute PPP Loans, click here.
  • Don’t click on links in emails. The links in the emails are often filled with viruses and malware that will infect your computer and steal your personal information. They also spoof the application so that you’ll have to give out your personal or business’ confidential information.
  • Don’t reply back to any text or email you don’t know. Replying back to them with your personal or company’s confidential information may lead to you getting scammed. The SBA will not email you encouraging you to apply for the loan, you would have to look for the loan yourself.

Spotting Coronavirus-Related Phishing Emails

Posted on by

Amid widespread public concern and constantly evolving news about the COVID-19 pandemic, cybercriminals are finding new fodder for phishing campaigns. With the eagerness for new information about the coronavirus outbreak, distraction during disruption, and the disorienting shift to remote work for many, employees may be particularly susceptible to falling for these schemes right now.

Some of these phishing emails play off companies having employees work from home to launch credential-stealing attacks. Such phishing campaigns may impersonate IT teams or may direct recipients to fake login pages to access work networks or accounts remotely. See the screenshot at right for an example. Email security firm Mimecast’s Threat Intel team reported seeing over 300 examples of such a campaign using a fake OneDrive login.

“We see that threat actors are keeping up with the daily developments concerning the coronavirus,” said Mimecast’s Threat Intel team. “As the pandemic continues to spread and more and more people are made to work from home, we are seeing more phishing emails that are trying to trick users into giving their credentials through a faked login page. Threat actors are actively utilizing this pandemic to attempt to compromise individual’s accounts and organization’s networks. The potential for human error will inevitably increase in the coming weeks and we expect to see more of these phishing attempts in the coming days and weeks.”

Other phishing scams purport to be new updates from government authorities or public health organizations, directing recipients to click malicious links for updates on the spread of the COVID-19 pandemic, new containment measures ordered by governments, or local advisories. Last month, the World Health Organization warned that some criminals were spoofing WHO officials to send fraudulent emails, and Kaspersky Labs reportedly found emails spoofing the CDC asking for Bitcoin donations to help fund a coronavirus vaccine. Some other phishing emails include malicious attachments purporting to be tips for protecting yourself from the coronavirus or maps of the outbreak, for example, but actually contain malware.

“We are living in a heightened time of cyberrisk,” said David Simpson, Virginia Tech professor and former chief of the Federal Communications Commission’s Public Safety and Homeland Security Bureau. “Cybercriminals will take advantage of public fear and due diligence health measures to generate coronavirus-themed phishing attacks. We should be aware of unsolicited COVID-19 emails with specious links or attachments.”

To help employees detect these scams, check out the following infographic from Cofense’s Phishing Defense Center for tips on spotting coronavirus-related phishing emails:

Prevent Your Employees From Getting Tricked by Phishing Emails

Posted on by

We all know to watch for suspicious emails. But phishing emails are becoming increasingly more sophisticated, tricking even the savviest among us. The costs to consumers, businesses and institutions keep adding up: According to the FBI, online theft, fraud and exploitation totaled $2.7 billion in financial losses in 2018.

The most expensive complaints involve business email compromise (BEC), a tool that cybercriminals use to launch many types of cybercrimes, from misdirected payment and inventory fraud to ransomware attacks.

More than a third of businesses (37%) surveyed nationally for HSB by Zogby Analytics received an email from someone pretending to be a senior manager or vendor requesting payments. The businesses reported that almost half of employees receiving those emails (47%) responded by transferring company funds, resulting in tens of thousands of dollars in losses. For some types of businesses and government entities, the payment frauds can reach hundreds of thousands to millions of dollars.

Three Tips to Help Employees Avoid Cyber Fraud

What can a business or institution do to help prevent employees from falling for email phishing schemes? Here are three tips to avoid falling for the latest tricks:

  1. Check the Source

Before you open an email, take a moment to consider the source of the email and whether that person is likely to send you an attachment or link. Check the email address, screen name or phone number associated with the message.

online pharmacy estrace with best prices today in the USA

Hackers often mimic an email address that you would trust with one letter or number off from the original name or domain.

The address may even look exactly like a trusted contact but when you mouse-over the name, you can see that the address is different. A hacked email account can also be used to send malicious content, so be sure to evaluate the content of the message.

  1. Check the Content

Before you click on a link or download an attachment, take a good look. Many times, if you copy the link or name of the attachment into a search engine, you can find out whether cybercriminals are actively using the content to spread malicious content, like a virus or ransomware.

Ask yourself whether this is the type of content you usually receive from the sender. Are you expecting an attachment? Even if you are expecting an attachment, does it appear, from the name and type of file, that it is legitimate? Is the attachment or link the only content of the email?

If you have doubts, delete the message or call the sender at a number you have verified as theirs.

online pharmacy zetia with best prices today in the USA

Also, hackers often make an urgent request to trick victims into clicking on malicious links or files. Any urgent request sent via email should be verified in-person.

  1. What if I Clicked on the Wrong Thing?

Everyone makes mistakes. You would not be the first person to click on a bad link or download a bad file. But even if nothing happens immediately, there is no guarantee that the threat is gone.

Malware can lay dormant for weeks, months, or even years before activation. It may also be transmitting information in the background without your knowledge.

So, act as soon as you realize you clicked on a bad link or file. Alert your information technology security department right away. If you are a smaller operation, run a virus scan and keep an eye on your financial information.

online pharmacy cymbalta with best prices today in the USA