Earlier this week, I had a great topic in mind and a hot cup of coffee to help write it, but with a phone call I received, all plans were off.
An employee at a financial firm client of ours (let’s call them ABC Finance) had exchanged emails with a known contact of theirs who was requesting a money transfer. Though most of the correspondence seemed business as usual, the ABC Finance employee was suspicious enough to contact us before money was sent. I was able to verify this was a phishing attempt before any funds were released.
This week I want to break down how situations like this unfold, as well as highlight how important you are as a last defense to your company. While I unpack the behind-the-scenes of this story, I will provide security tips in parentheses. Hopefully taking you through a real-world situation will help you catch bad actors next time they knock on your door. The combination of old school hacking and socially engineered attacks is the most popular combo today, and hackers continuously refine their methods to go undetected. So, let’s begin breaking down how they do this.
First, they gain access to an unsuspecting user’s email account. In this case, it was our client’s known contact. Sometimes they use computer bots (software) to scan and crack the password, but most often they get hold of leaked passwords on the DarkNet from breaches you hear about on the news (TIP: enable multi-factor authentication for your mailbox and monitor the DarkNet for leaks of the passwords you use most often).
Once they gain access to the user’s email account, a real person takes over and studies the contents of their mailbox. This is where the socially engineered part comes into play. The hacker looks for people the user communicates with often, learns their business patterns, and selects a suitable target from their contact list. In our example from this week, the hacker picked a lower-level employee at ABC Finance to target, which is a great choice if you ask me. (TIP: Never communicate sensitive information via email unless you utilize an encryption service. Never make a habit of authorizing financial transactions via email as this relationship can be exploited).
Once the target is picked and their plan of attack is solidified, the bad actor creates mailbox rules inside the hacked account so they can hide their communications. To start, when an email is sent from the hacked account, it is immediately deleted from the sent mailbox. Then, the mailbox rules automatically route replies from the target into an inconspicuous folder in the hacked user’s mailbox. This system allows the user to continue using their mailbox without any idea that someone else is using it to request a wire transfer. (TIP: Check your mailbox rules and folders from time to time. If you have folders that are not needed, delete them. Don’t leave unread messages in mailbox folders, so that if a message arrives and is sorted into a folder, you can immediately detect it).
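The rule check from the tip above can be automated once a mailbox's rules are exported. The sketch below is an added example, not part of the original newsletter; the `Rule` fields, the sample rules and the addresses are a constructed schema and do not match any particular mail platform's export format.

```python
from dataclasses import dataclass

@dataclass
class Rule:  # constructed schema, not a real platform's rule export
    name: str
    applies_to: str = "incoming"   # "incoming" or "sent"
    from_contains: str = ""        # sender filter; empty means any sender
    move_to_folder: str = ""       # empty means the message stays put
    delete: bool = False
    mark_read: bool = False

def audit_rule(rule, confirmed_folders):
    """Return the reasons a rule deserves a manual look (empty list if none)."""
    reasons = []
    # Pattern 1 from the text: outgoing mail removed from the sent folder.
    if rule.applies_to == "sent" and rule.delete:
        reasons.append("deletes sent mail")
    # Pattern 2: replies from one correspondent hidden from the mailbox owner.
    if rule.applies_to == "incoming" and rule.from_contains:
        if rule.delete:
            reasons.append("deletes mail from one sender")
        if rule.move_to_folder and rule.move_to_folder.lower() not in confirmed_folders:
            reasons.append("files one sender's mail in a folder the owner did not confirm")
        if rule.mark_read:
            reasons.append("marks one sender's mail as read")
    return reasons

def audit_mailbox(rules, owner_folders):
    """Map rule name -> reasons, for every rule that matched a pattern."""
    confirmed = {f.lower() for f in owner_folders}
    findings = {}
    for rule in rules:
        reasons = audit_rule(rule, confirmed)
        if reasons:
            findings[rule.name] = reasons
    return findings

# Constructed sample: one benign rule and two that match the story above.
SAMPLE_RULES = [
    Rule("Newsletters", from_contains="news@vendor.example",
         move_to_folder="Newsletters"),
    Rule(".", from_contains="clerk@abcfinance.example",
         move_to_folder="RSS Subscriptions", mark_read=True),
    Rule("cleanup", applies_to="sent", delete=True),
]
OWNER_FOLDERS = ["Inbox", "Newsletters"]  # folders the owner says they created

if __name__ == "__main__":
    for name, reasons in audit_mailbox(SAMPLE_RULES, OWNER_FOLDERS).items():
        print(f"{name!r}: {'; '.join(reasons)}")
```

A flagged rule is a prompt to ask the mailbox owner whether they created it, not proof of compromise.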
Unfortunately, the bad guys often manage to convince people to send wires. Our financial firm client has multi-factor authentication enabled, so their accounts are secured, and we use two layers of email security, which do an incredible job keeping automated attacks, malicious attachments, and suspicious activity at bay. However, when there is regular communication about finances between two people, and a wire transfer request comes in, as happens from time to time, no security service can make a judgement on its legitimacy. This is where you become our last line of defense. If there is any tiny amount of suspicion, pick up the phone and call the person emailing you – especially when there is money involved. Hackers don’t look like the person in the picture above. They can use the same words and make the same jokes as the person whose account they hacked.
My team and I are here to secure you with the best security tools possible, including knowledge of the ever-changing security landscape so together we can stay one step ahead of the bad guys.
– Burak Sarac, Team Lead
Vacation-Friendly Google Map Updates
Google Maps keeps rolling out new features, the latest of which are super helpful for anyone planning a vacation this summer. Toll price & navigation map features are being improved, along with other iOS-specific updates. Check out this article for details.
National Arbor Day is April 29th
Broadleaf. Evergreen. Conifer. How well do you really know your trees? Now you have a goal for National Arbor Day. America’s first Arbor Day took place toward the start of the 1870s; here is the official website for the holiday. Fun fact: this year is the 150th anniversary of Arbor Day! Check out this list of ideas on how to celebrate.
How to Temporarily Disable FaceID (5 second hack)
Our most personal info is stored on our smartphones, so keeping that data safe is important. But you put your info at risk whenever anyone else gets hold of your iPhone. Thankfully there are some ways to boost your smartphone safety. One such hack is the “double click” trick, which takes about 5 seconds to do or undo. Learn more here.
National Sense of Smell Day
Appreciation for our sense of smell & taste has vastly increased since the onset of the pandemic. For many people, losing the ability to smell was never a reality that crossed their mind. National Sense of Smell Day is an annual event held on the last Saturday in April to start the conversation around the sense of smell. Smell is one of the five senses and helps people to recognize things in their environment, like food, locations, and even people. It is vital to assessing dangers all around us. For example, what is the first warning sign that your milk has gone bad or that your pilot light is out? As people age, there is a natural decline in the sense of smell. The reduced ability to smell makes it vital to raise awareness about detecting such loss in the early stages so as to prevent it from getting worse by taking appropriate remedial action. Check out this article for more information on how smell impacts our life & experiences.