You might remember that in my last newsletter I talked about the decrease in cryptolock crimes. I also cautioned that cyber criminals would not give up, but become more creative in their approaches to new cyber security threats. Sadly, I’m seeing this firsthand as criminals continue to target small businesses.*

*According to the 2018 Verizon Data Breach Investigations Report, 58% of cyber attack victims were small businesses.

Hackers Impersonating Your Vendors

Phishing scams have become increasingly sophisticated and even harder to spot. Imagine a scenario where the phishing email is injected into a routine conversation between a vendor and one of your employees. The message is not unexpected. It is part of an ongoing conversation, and the headers and footers match the original email thread. Yet in the body of the email, the vendor asks that payment be forwarded to a new bank account. It looks legitimate, but is actually a ‘vendor email compromise’. I have seen this more than once recently. As a result, I cannot stress enough how critical it is to verbally verify any requests regarding financial transactions. Don’t send anything via email that you wouldn’t write on a postcard. Also mandate that your partners and vendors follow the same guidelines.

Domain Spoofing

The next item to stress is to be vigilant about your domain. Your domain is the online identity for your business and a valuable asset. Criminals may target your domain using look-alike spoofing. In this scenario, the hacker creates a fake domain that closely mimics yours. Look-alike domains exploit visual perception to deceive the reader. For example, the look-alike domain may contain a typographical variation, such as omitting a letter, transposing letters, or substituting one letter for another, often one next to it on a keyboard. Here’s an <exarnple> of a domain look-alike where the “r” and the “n” together appear as the letter “m”. Here’s another example: <gooqle>. Look closely. Did you see the word “google”? This is similar to a spoof I recently saw where the hacker replaced “g” with “q”. Once the spoofed domain is in place, criminals use it for impersonation attacks that aim to trick targeted users into believing that they’re receiving an email message from a company or business partner they know and trust.
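The variations described above (dropped letters, transposed letters, adjacent-key substitutions, and sequences such as “rn” that read as “m”) can be checked mechanically on the defender's side. The following is an added example, not code from the newsletter or from Invario: it compares the domain of an inbound sender against a list of domains you trust and names the kind of look-alike it finds. The trusted list, the sample sender domains, and the small confusable-character tables are constructed for illustration and are not a complete set; a production filter would use a full confusables table (for example for internationalised domain names).

```python
import unicodedata

# Constructed for this example: domains the organisation trusts.
TRUSTED_DOMAINS = ["example.com", "google.com"]

# Letter pairs that many fonts render like a single letter.
HOMOGLYPH_SEQUENCES = {"rn": "m", "vv": "w", "cl": "d"}
# Single characters often swapped for a visually similar one.
CONFUSABLE_CHARS = {"q": "g", "1": "l", "0": "o", "5": "s"}
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]


def normalize(domain):
    """Lower-case, strip a trailing dot and 'www.', and fold accented
    characters to ASCII. Characters with no ASCII form are dropped, so a
    Cyrillic look-alike letter surfaces as a one-letter edit."""
    d = domain.strip().lower().rstrip(".")
    if d.startswith("www."):
        d = d[4:]
    return unicodedata.normalize("NFKD", d).encode("ascii", "ignore").decode()


def fold_sequences(s):
    for seq, letter in HOMOGLYPH_SEQUENCES.items():
        s = s.replace(seq, letter)
    return s


def fold_chars(s):
    return "".join(CONFUSABLE_CHARS.get(c, c) for c in s)


def keyboard_neighbors(ch):
    """Letters immediately left or right of ch on a QWERTY row."""
    for row in KEYBOARD_ROWS:
        i = row.find(ch)
        if i >= 0:
            return {row[j] for j in (i - 1, i + 1) if 0 <= j < len(row)}
    return set()


def osa_distance(a, b):
    """Optimal string alignment distance: one insertion, deletion,
    substitution or adjacent transposition each count as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify_lookalike(candidate, trusted):
    """Return the kind of look-alike `candidate` is relative to `trusted`,
    or None when it is the trusted domain itself or clearly unrelated."""
    cand, base = normalize(candidate), normalize(trusted)
    if cand == base:
        return None
    if fold_sequences(cand) == fold_sequences(base):
        return "homoglyph sequence"          # exarnple -> example
    if fold_chars(cand) == fold_chars(base):
        return "confusable character"        # gooqle -> google
    if osa_distance(cand, base) != 1:
        return None                          # too different to be a typo
    if len(cand) == len(base):
        diffs = [i for i, (x, y) in enumerate(zip(cand, base)) if x != y]
        if len(diffs) == 2:
            return "transposition"           # exmaple -> example
        i = diffs[0]
        if cand[i] in keyboard_neighbors(base[i]):
            return "adjacent-key substitution"  # exanple -> example
        return "substitution"
    return "omission" if len(cand) < len(base) else "insertion"


def flag_sender(sender_domain, trusted_domains=TRUSTED_DOMAINS):
    """Return (trusted_domain, reason) for the first trusted domain the
    sender imitates, or None when the sender is exact or unrelated."""
    for trusted in trusted_domains:
        reason = classify_lookalike(sender_domain, trusted)
        if reason:
            return trusted, reason
    return None


if __name__ == "__main__":
    # Constructed sample sender domains, as they might appear in mail headers.
    for sender in ["example.com", "exarnple.com", "gooqle.com",
                   "exmaple.com", "exampl.com", "unrelated.org"]:
        print(f"{sender:16} -> {flag_sender(sender)}")
```

The check runs on the sender's domain only and deliberately returns None for an exact match, so it belongs alongside, not instead of, the verbal verification of payment changes described above: a message from a genuine but compromised vendor mailbox has no look-alike domain to flag.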

Domain Hijacking

Even worse than domain spoofing is domain hijacking. This is a form of theft where the attacker takes control of a domain name without the consent of the original registrant. Usually, the hijacked domains become inaccessible. If the website was a source of income, you’ve started losing your money as well as your online identity. The hacker may demand money to transfer the domain name back to you. Or they might replace your website with a similar-looking website and misuse it for phishing or other malicious activity. In the case I witnessed, the hacker transferred the domain’s ownership to an entity in China. The company is now suing to recover the domain name they had owned for nearly two decades. Be sure to review the email addresses associated with your domain registration. Remove any that are outdated or unnecessary.

To help combat these threats, Invario has actively identified and implemented security solutions for our customers. It has meant a big change for our business. Whether it’s our award-winning security awareness training platform, KnowBe4, or our DNS filtering solution using SonicWall, we constantly evaluate and update the tools we use. Our goal is to deliver security at a value that works for small and mid-sized customers. Our roadmap and scorecards can help identify the right model for your business, from basic security to meeting industry-specific compliance such as FINRA or NIST. If we haven’t done a cyber security scorecard for your company, send me an email and I’ll be happy to provide one.
