Bad actors are always looking for ways into networks to cause mayhem. Sometimes hackers use brute force attacks in which they simply set up systems to try endless combinations of letters and numbers to guess passwords; other times, they might find a vulnerability in a company’s website that allows them to insert malicious code so they can bypass security protocols. By far, however, the majority of cyberattacks begin as phishing emails that trick people into downloading malware using social engineering techniques.
Phishing emails could be designed to appear as though they’re from any number of legitimate businesses, including banks, shipping companies, and charities. More targeted attacks, referred to as “spear phishing,” might appear to be from the leadership of your organization or a specific entity you’ve done business with. In all of these attacks, bad actors are using social engineering to work their way into your network. By playing on common fears or expectations, they trick people into clicking malicious links or downloading files that contain malware, and once they’re in, they can carry out their ultimate goal of stealing information or money, or simply causing as much chaos as they can.
Phishing isn’t exclusive to email; phishing attacks via social media are on the rise. Recently, an Advanced Persistent Threat (APT) group was able to breach at least two European defense companies by sending fake job postings to employees on LinkedIn. The employees were fooled into downloading a PDF of a job offer, but the file really contained malware.
It’s crucial to stay vigilant against attacks in all aspects of online life. Here are some tips to avoid falling prey to someone attempting a phishing or spear phishing attack.
We all like to think that our hard work has been noticed and rewarded. But if someone you’ve never met sends you a message gushing over you, be suspicious. In the recent attacks that started via LinkedIn messaging, victims were told they were “elite” and had new jobs waiting for them at large US defense companies, with the “job offer” document attached. Legitimate recruiting messages focus much more on learning whether you’re a good fit for a position, not on convincing you to take a new job, and you’re extremely unlikely to secure a new position without even an interview. Remember, if it sounds too good to be true, it probably is.
If you receive a LinkedIn message from someone you don’t know, check out their profile. How complete is it? Do they have activity going back longer than a few days? How many connections do they have? Are there significant differences in the use of grammar or language between the profile and the message you received? What happens if you copy some of the text and put it into your favorite search engine? Often, bad actors copy and paste information from legitimate profiles into fake ones that they only stand up long enough to complete their attack.
Hackers don’t want you to stop and think; they want you to be afraid of missing an opportunity or a problem. In this case, messages from the attackers started out in a friendly way, but subsequent messages put pressure on the victims to answer quickly. Buying into this sense of urgency can cause you to make mistakes, such as downloading a file or clicking a link that you might not have otherwise.
This one may seem obvious, but sensitive information isn’t just your Social Security number or financial data. The attackers in the LinkedIn case used problems opening the attachments they had included as an avenue to ask about the specific computer the victims used, which is valuable information for a hacker wanting to deploy malware. While we’re at it, be wary of memes or social media games that involve your middle or maiden name, the street you grew up on, or other tidbits of information that could be used as a password reset question. It’s all fun and games until someone gets hacked!
Staying current on what’s happening in the cyber threat landscape is crucial to defending your organization. But with 80% of all cyberattacks beginning in the supply chain, you’re only as secure as your weakest supplier. The Cyber Defense Network, powered by Celerium, helps SMB companies that often make up an enterprise supply chain. Learn more today!