Mother Lode: (209) 694-4599
Central Valley: (209) 790-4560

Tag: cybersecurity

  • Protect Your Employees Against Vishing

    Cybercriminals are always looking for new ways to scam users. Attacks continue to be more sophisticated and common. Organizations must remain vigilant and understand all the different avenues, including vishing (voice phishing), which uses the telephone as the channel for scamming.

    This post will define what vishing is and critical steps to take to protect your employees from falling prey to it.

    What is Vishing?

    Vishing is a cybercrime that uses voice communication, most often VoIP (voice over IP) phone systems. Cybercriminals use social engineering tactics to attempt to defraud the person on the other end.

    In many cases, these scammers impersonate the government, the IRS, a bank agent, the police, or another trustworthy organization. The content of the call is typically a threat of arrest, bank account closure, or other serious consequences.

    Unfortunately, many fall victim to it, giving in to the demands of the scammer. They may release private information, such as banking accounts, Social Security numbers, or other sensitive data.

    What’s the State of Vishing?

    Vishing grew tremendously in 2020, somewhat as a consequence of remote work. The FBI (Federal Bureau of Investigation) and CISA (Cybersecurity and Infrastructure Security Agency) released a joint advisory on the surge.

    They noted that in mid-July, a vishing campaign targeted various companies through VPN login pages. Actors created phishing pages for the internal VPN login page. They then created employee dossiers with social engineering tactics. The hackers often posed as another employee using spoofed numbers. They advised victims of a new VPN page, which they would send to the targeted employee. When the victim used the fake VPN page, the hacker could gain access to the company’s networks.

    The combination of VPNs and the elimination of in-person verification made these attacks fruitful for many.

    One example was the Twitter breach in July 2020. Hackers were able to hijack 130 accounts of prominent figures. The company admitted that social engineering and phone spear-phishing were the cause.

    Vishing Techniques

    There are several ways that cybercriminals can execute vishing.

    • VoIP: Creating fake numbers is easy for hackers. That can appear to be local or use the 1-800 prefix.
    • Wardialing: This approach uses software to call specific area codes and leave an urgent voicemail claiming that some security issue occurred. In the voicemail, they ask the victim to call back with account information.
    • Caller ID Spoofing: This is similar to VoIP vishing. Cybercriminals use a fake number or caller ID. It could appear as unknown or as a legitimate number, such as the phone number of a trusted government organization.

    These represent the more technologically forward tactics. However, there’s a low-tech way for hackers to get information—from your trash. They can collect vital information if documents aren’t shredded or properly destroyed.

    Now that we’ve covered the background of the topic, let’s discuss prevention

    Ways to Protect Against Vishing Attacks

    There are many ways to protect against cybercriminals that use these tactics. They fall into a few buckets of awareness, technology, and best practices.

    Ensure Every Employee Is Aware and Trained

    Employees are often the weak link in a cyber breach. Vishing is just one more way to isolate them. The best thing you can do is to create a continuous campaign of awareness around cyberattacks. It should be part of your wide-ranging cybersecurity education. Here are some ideas for implementing and maintaining such a campaign:

    • Every new employee should undergo training.
    • All employees should have at least yearly training if not more.
    • IT teams should work with marketing or HR to deliver bite-sized security content. You could distribute this via internal newsletters, intranet sites, or visually with signs and posters.
    • If employees receive a suspicious call, they should have a process to report it to security leaders.
    • Companies should issue advisories to employees about specific scams going on right now, so they’ll be more alert (i.e., scams related to COVID-19 or the IRS around tax time).
    Use Technology to Prevent Calls

    Most organizations employ cloud-based phone systems. Often these platforms have built-in spam caller protection. That’s a good first defense. The technology can detect calls from fraudsters. You then have the chance to either block them or send them to voicemail, so they never get answered.

    Further, phone systems today are often part of a unified communications (UC) platform. There are various security features you’ll want the system to have to protect it from hackers. Having these features in place will mitigate any attack if the hacker successfully gets information from the employee.

    • Advanced firewall systems that prevent intrusions and integrate with VPNs and traffic management
    • Intrusion protection systems (IPS) for detecting traffic that appears suspicious that made it through the firewall
    • DDoS (Distributed Denial of Service) protection
    • Commercial-grade edge routers, which are configured to resist IP-based network attacks
      Regular vulnerability scans
    Other Best Practices to Protect Against Vishing

    There are several other practices to put into place to keep vishing attacks at bay. The use of mobile apps via your UC platform will keep calls routing through your company’s VoIP. Calls won’t come directly to your smartphone number.

    You can also let employees know, especially those working in contact centers, that it’s okay to hang up the phone. If an employee can quickly define the call as vishing, the best thing to do is end the call.

    Finally, be sure you have strict security protocols about exchanging information, especially around accounts or wires. With this as part of your bedrock, employees won’t fall for scams.

  • Ransomware and Malware Threats: The State of Cybersecurity

    Cybersecurity is a growing concern for organizations all over the world. A single attack can lead to thousands or even millions in losses, and cybercriminals continue to come up with more sophisticated methods of attack. Ransomware and malware threats are some of the most common types of cyberattacks.

    Let’s take a look at how big of a risk these threats are right now and dive into what the average small to mid-sized business can do to protect itself from an attack.

    Ransomware and Malware – What’s the Difference?

    Ransomware and malware are sometimes used interchangeably, but they aren’t the same thing. It’s important to know the difference to ensure you have the right protocols and cyber protection in place to protect your business.

    Malware

    Malware is a blanket term that refers to all types of malicious code or files that are used to damage a user’s device or network.

    • Trojan horses, worms, spyware, and viruses are all types of malware.
    • Hackers send malware through emails, USB drives, and software installations. You can also open your computer or your network up to malware simply from browsing the internet.
    • Once malware is on your computer or network, it can cause a number of problems ranging from slowing down performance to a loss of control over your data.
    Ransomware

    Ransomware is one type of malware, and it’s generally the most difficult one to protect against. A cyber attacker will use ransomware specifically to stop you from accessing your system or your data until you pay them a fee. It’s essentially malware designed to hold your device or network for ransom.

    • Ransomware is primarily delivered via phishing emails. A tainted email will have a malicious attachment or a deceptive link that takes you to an infected website if you click on it. Cyber attackers can also send ransomware in an instant message.
    • With this type of threat, an attacker may lock you out of your system or encrypt your files so you can’t access them.

    How Big of a Threat Are They?

    Robust antivirus software and email encryption can help to protect against many malware threats. Ransomware, however, is a massive business threat. It doesn’t matter if you have a global enterprise or a small company – all organizations are vulnerable.

    To give you an idea of the size of the problem, look at these numbers:

    • In 2021, global ransomware damages are expected to cost organizations $20 billion – that’s 57 times more than the cost of damages in 2015.
    • By the end of 2021, a business will be attacked by ransomware every 11 seconds.
    • From 2019 to 2020, there was a 62 percent increase in the number of global ransomware attacks.
    • Last year, more than half of all successful ransomware attacks occurred in the US.

    NTELogic.com | The State of Cybersecurity

    Wondering what happens in a typical ransomware attack? Often, cyber attackers will lock your system and demand payment, usually in Bitcoin. Other times they will take down your IT system or wreak havoc in other ways. Because you can’t access your data when you’re under attack, you may also have to deal with days of downtime.

    No matter what the specifics are, ransomware attacks are always difficult and often very expensive. Your business may have to pay for:

    • A ransomware recovery IT team to get your company back online and to ensure the IT infrastructure is secure
    • A digital forensics team to identify exactly what happened
    • A public relations firm to help you with any reputational damage caused by the attack
    • The actual ransom – you can hire a ransomware negotiator to try and bring down the cost of the ransom and to manage the transaction on your behalf

    How to Protect Against Malware and Ransomware Threats

    While the threat of these cyberattacks is unnerving, there are many tools a business can use to mitigate risk and keep your systems protected.

    • Real-time backup. With real-time file backups, you can restore your files to any point you need to from the cloud. This enables fast recovery from ransomware attacks. It may save you from having to pay a ransom and reduce business downtime. Make sure your cloud backup solution includes advanced antimalware and antivirus software.
    • Employee training. Phishing emails are the main point of entry for ransomware attacks. All it takes is one individual unknowingly clicking on a malicious link or file attachment to put your business at risk. Make sure all of your employees are aware of the threat of ransomware attacks. They should know how to spot a phishing email and what to do if they think they may have clicked on a malicious link. Also, in general, all employees should be cautious of any email or instant message that they aren’t familiar with.
    • Advanced email protection. Because emails are ground zero for cyberattacks, it’s worth it to consider an advanced email protection solution. Ideally, your email protection comes with anti-phishing and anti-spoofing protection to help filter out external threats, malicious link protection, and outbound scanning. This helps to prevent malware from spreading if an employee clicks on a phishing link.

    NTELogic offers comprehensive, multi-layered email protection for SMBs, as well as secure backup and file management. Our expert team is also happy to talk to you about how Email Protection, ShareSync, and other Intermedia solutions can help protect your business from ransomware and malware threats. Contact us today to learn more.