phishing Tag

Holiday Season brings Security Risks – how to stay safe

The folks behind all sorts of online threats know that the holiday season is their most wonderful time of the year. As people are participating in unprecedented e-commerce, introducing new hardware into their environments, and rushing around with easily-skimmed cards it can be hard to defend yourself from all angles of attack.

 

Security Risks while Shopping

Online shopping can be a huge time-saver but it’s also a big risk. Amazon has done a pretty good job of securing customer data, but big firms like Target and Home Depot have been the victims of cyber attacks. Here are a couple of easy tips to keep yourself safer while shopping:

  • Use strong passwords and change them often
  • Don’t use the same password across multiple accounts
  • Pay in cash when shopping in person
  • Only order over a secure connection (when you can see the little lock in the URL bar)
  • Don’t shop on open wireless networks (like those at a college or a coffee shop)

 

Changing Hardware Environments

New kinds of tech get introduced around the holidays, but they aren’t always the safest things to bring into your ecosystem. Google Home and Echo Dot are cool toys, but they can store your searches. Web-connected devices like cameras or robots can be hacked to turn your device into part of a botnet. Even gifts like backup drives or a new phone for the office can pose a threat. Here are some things to keep you new hardware from becoming a headache:

  • Manage the settings on your home assistant devices to prevent them from collecting data
  • Change the default passwords on your IoT devices to prevent them from being hijacked by botnets
  • Keep an up-to-date antivirus to prevent infections from new hardware like hard drives or flash drives
  • Be cautious about downloading new apps for you phone – many of them are phishing scams or keyloggers

 

Defending Yourself can be difficult

There are all kinds of threats out in the world, but you can lower your personal risk by taking simple steps like updating programs and changing passwords frequently. Everyone should be running a strong, regularly-updated antivirus (we recommend ESET and you can call us if you’d like to purchase a license), and everyone should learn how to identify and avoid phishing attacks.

But what do you do to protect your business? What do you do to keep your work devices safe?

 

Business Protection is Priority One

Maybe more people are accessing your site this time of year, maybe your employees are handling heavier loads. There are a million things that can go wrong during this busy season and at PMCS we pride ourselves on preventing those problems. We take security very seriously and are proud of the ways that we can minimize risks to your business. PMCS relies on a suite of tools we can use to help you keep your business safe, including:

  • Enterprise-grade SonicWall Firewall devices
  • ESET Endpoint Protection Advanced – Antivirus for five or more users with an up-to-date threat console and remote monitoring
  • Proactive Maintenance Plans that check your systems for security risks
  • Backup Assist to keep your data safe and protect you from downtime in the event of an attack.

Don’t let yourself or your business be brought down by online threats this holiday season – call PMCS at (818)957-5647 for a free system assessment to identify any security risks. We’ll make sure your network is secure, your backups are stable, and that no downtime will plague you during this busy season.

Most businesses think their IT companies have done a great job of securing them, but when we come in with our tools we find gaps in coverage and all the flaws from previous systems. Give us a chance to explore your network and you’ll be shocked by the ways we can improve your security and protect your business and your customers.

Call to schedule your free assessment today!

(818)957-5647

Onliner Spambot dumps 711 million records

A spambot called Onliner been dumping batches of email addresses and passwords into text files on a server hosted in the Netherlands. The data appears to be at least partially related to LinkedIn breaches. The information has been collected by the Onliner Spambot as part of a campaign of social media phishing, data-collection malware, and responses to email spam.

How do Spambots collect data?

In addition to collecting and dumping records in plaintext Onliner is also sending banking malware to the email addresses it has collected, extending its reach and the amount of data it has amassed.

Onliner primarily works by scraping data from previous breaches or vulnerabilities, like Heartbleed in 2014, and then sending out test emails to the addresses it has collected. The test emails will appear to be legitimate but will have a hidden pixel-sized image that, when opened, will collect information such as your IP address, operating system, and device information and send that information back to its servers. Once it has that info Onliner will send phishing messages to attempt to collect more saleable data.

Why a Spambot? What’s the point?

The goal of spambots like Onliner is to perpetuate themselves and steal data. It uses stolen data to steal more data, then uses its new stolen data to generate “trusted” emails to install malware on desktops to steal further data. Onliner is like a perpetual motion machine dedicated to stealing your credentials and infecting your computer.

Even if your computer isn’t being infected by a spambot simply having phishing attacks levied against your business can be a risk – untrained employees, busy schedules, and hectic environments can create an opportunity for abuse from spammers and phishers. Someone with a data snapshot from Onliner’s hidden image emails might be enough to convince someone in your business (or one of your customers or one of your vendors) to share more information or pay money to a malicious attacker, a situation that recently cost a Canadian university 10 million dollars.

Am I at risk?

If you use social media, have a LinkedIn account, have ever used the same password across multiple accounts, let your antivirus expire, or just have an email address there’s probably a chance that your data has been scraped from the internet at some point. You can find out by checking out a wonderful tool called Have I Been Pwned? that was put together by malware researcher Troy Hunt. Hunt’s website also includes a list of websites that have had their data pulled. For major breaches Hunt has organized a short summary of how the breach occurred and its history to help users decide if it’s secure to create accounts with those sites.

If you want to know if your email address has been picked up or if your data is at risk check out Hunt’s page and take a look around; at the very least it will let you know if perhaps it’s time to change your email address or password.

Moving Forward

So how do we go on when this kind of thing is becoming more and more common? Aside from practicing good internet hygiene like logging out of accounts, not using unprotected wireless access, and changing passwords frequently PMCS recommends a strong spam filter to keep you safe. We offer Spam Filtering in the form of Nuked Spam, a service that passes your email through our secure servers before it goes to your inboxes, insuring that anything potentially harmful stays out of your server environment. Because we work with industry leaders in spam identification and tagging we are able to keep bots like Onliner off of your system, so that they’re never able to collect data about your users or infect their desktops. In addition to strong spam filtering the protection of a good firewall will go a long way toward protecting your network and keeping your business up and running.

If you’re interested in improving your spam filter or would like to talk to us about security in the era of spambots like Onliner please give us a call at 818-957-5647 and we’ll create a solution perfectly tailored to your needs.