teiss Cyber Brief - Example 3

“Don’t Click That Link!”

Latest scams: ”We’re closing your account”

Cyber criminals know exactly what buttons to push when they want you to make bad decisions regarding the security of your online accounts. Recently, there has been a spate of phishing attacks on people’s Twitter accounts. And the button the criminals have been pushing involves threatening to close your account for copyright infringement.

The attacks are sent from the dubiously named @copyrighttmedia Twitter account.

Did you spot it? The extra “t” in the name? If you go to @copyrightmedia (with one “t”) on Twitter youwill find an organisation whose aim is to reduce piracy. Imitating their name makes the criminals’ message seem legitimate.

The message sets the scene for an undesirable outcome by threatening you with something unpleasant, giving you an unreasonably short amount of time to fix a problem, and appearing to make it simple for you to fix it. All this makes it more likely that you will click the link provided to prevent the imminent closure of your account.

Of course, the aim of all of this is to panic you into logging into the screen at the end of the link and freely providing your credentials so that the criminal can steal your account.

In this scenario, here are some things to look for:

1. Poor spellling or
2. Slightly altered or odd company naming conventions.
3. A problem that removes something you value.
4. A strong sense of urgency to fix it.
5. A handy link, right there, for you to click on and resolve the problem.

If you receive a message like this, don’t respond to it. Instead go directly to the Twitter website and log in there. You probably won’t see anything amiss though.

Salutary tales: It happens to everyone

In a statement earlier this year, the Norwegian government claimed that Russian state-sponsored hackers were behind an attack on the Norwegian parliament in which lawmakers’ emails were stolen.

An incident like this could simply be chalked up to good old-fashioned spy craft updated for the new millennium. But it actually shows just how similar the tactics used by state sponsored hackers and cyber criminals are.

Although there were no technical details released by the Norwegian government, we can speculate that in all likelihood it wasn’t a highly technical, cutting edge, computer-to-computer attack. It probably started with an email and an attachment or link.

There is an old information security saying:

“Computers are hard to hack. Humans are easy to hack.”

Having the knowledge of what not to click on is vital. And so is knowing what the warning signs of a potential attack look like. Who knows, by arming yourself with this knowledge, you could stop the new cold war from escalating too.

Regular tips

Ransomware Payments

A ransomware attack is when somebody takes control of your computer, encrypts the contents of it and will only give you the key to unlock everything once you have paid a ransom (usually in untraceable Bitcoin). In many cases, even when the ransom is paid, the locked data is not recovered!

There have been reports of hospitals, universities and other institutions being attacked by criminals using ransomware. They are often targeted because the criminals know that their IT and security departments are underfunded and understaffed.

There has also been much talk of making ransomware payments illegal in order to deter the attacks in the first place. However, many companies are prepared to pay ransoms so that they can get back on track as soon as possible, simply seeing it as a cost of doing business. The argument rages on.

It is worth remembering these attacks can happen to individuals as well. So make sure you always have a backup of your data, and observe the tips in these newsletters to avoid clicking on the links in the first place.