It’s October and it’s Cyber Security Awareness month and there is no better time to share a little wisdom, if not spread a little fear, on the boogie man that’s out to get you, or your data anyway.
While there are many out there, and they keep mutating and regenerating and all manner of terrifying multiplications, I want to focus on three of the lesser known, yet very dangerous threats out there.
The first nightmare threat is DNS hijacking. DNS, or Domain Name System, can be considered the phone book of the Internet. It is how your computer knows what you are looking for when you type in youtube.com. It will search for the name to find the corresponding IP address and take you there.
A DNS hijacking attack alters the computer’s settings to either use a DNS server controlled by hackers or ignore DNS altogether. In this way, the attackers gain control over your browsing and redirect you to fraudulent site. Normally, this sites are expertly set up to look like login pages for banks or other important online services, when in fact they are fake and are being used to steal your credentials.
The next boogieman is the fake antivirus. This one is pretty common which speaks to its efficacy. With this threat in effect, the fake antivirus malware will report that the computer has a slew of non-existent threats in an attempt to scare the user into paying for unnecessary product registration and cleanup, or install another malicious software promising to clean the computer. Often a phone number will appear on the screen as the computer screeches to heighten the sense of urgency.
This is commonly known as scareware, for obvious reasons. Usually, the fake antivirus is installed through either malicious or infected websites and quickly seems to present as an online scan, though it is all just animation. Traffic is driven to these sites through either spam containing links or by compromising legitimate websites. Additionally, there is increased effort in attempting to unduly influence search engine results in order to gain targeted traffic from individuals conducting specific searches.
Like all other targeted threats, cybercriminals make these efforts for financial gain, and this one is a money maker. The profits made from this gets reinvested in order to capitalize on the opportunities. Hacking gangs are adept at producing bogus website that are near clones of legitimate institutions at break neck speeds.
Keeping your legitimate antivirus and endpoint security software up to date will keep you safe from these fake antivirus scams. User awareness training regarding these threats will also go a long way.
Lastly, a threat that can cost you tens of thousands in one shot: spearphishing. Spearfishing is laser targeted phishing using spoof emails to influence users within an organization to divulge sensitive information or credentials.
Unlike phishing, which is the execution of a mass-email of random individuals, spearphishing is well targeted and focused to a small, select group, where the target is a single organization. The spoofed emails are created to appear as if they are from another staff member at the same organization, or that of a trusted vendor. They can be used to ask to confirm username or passwords, or even to initiate transfer of funds to a supposed vendor. Links in the email will redirect to a cloned version of the company website, set up to steal credentials, or that of the vendor to add credibility.
All of these are serious threats that can confuse, compromise and cost businesses a great deal. Each one has a method to protect against it, but what they have in common is that they each require acknowledgement. Unlike the boogieman of your childhood, these really do exist and pulling your blanket over your head do much to protect you these days.