Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Phishing Prevention. Show all posts
secure QR scanning
Cyber Security cybersecurity tips Phishing Prevention QR code scams QR code security secure QR scanning

How to Identify and Avoid Malicious QR Codes

 

QR codes are widely used for various legitimate purposes, from accessing restaurant menus to making digital payments. However, cybercriminals have found a way to exploit them by overlaying fraudulent QR codes on top of genuine ones. 

These altered codes typically direct users to deceptive websites designed to steal personal information or install malware. Without vigilance, unsuspecting individuals may fall victim to such scams.

Inspect the QR Code for Signs of Tampering

One of the most effective ways to avoid scanning a malicious QR code is by examining it carefully. Fraudsters often place their own QR codes over legitimate ones. If a QR code appears to be stuck over another or seems misaligned, proceed with caution. While not all modified QR codes are fraudulent—restaurants, for instance, may update their codes for new menus—it’s always best to verify before scanning.

Assess the Context Surrounding the QR Code

The environment in which a QR code appears can offer critical clues about its authenticity. If a QR code looks out of place or is presented in an unusual manner, such as an email requesting a scan instead of providing a direct URL, it could be a red flag. Vague messages accompanying QR codes, particularly in emails or promotional materials, may indicate phishing attempts.

Furthermore, QR codes placed in public spaces like bus stops or shopping malls should be approached with skepticism. Scammers often post fake codes in high-traffic areas to trick people into scanning them.

Verify the Website Destination

Fortunately, scanning a malicious QR code does not immediately compromise a device. Before interacting with any website it directs to, analyze the URL carefully. Many QR scanners display the destination URL before opening it—take a moment to check for inconsistencies or suspicious elements.

If a QR code leads to an app download, ensure it redirects to the official Google Play Store or Apple App Store. Cybercriminals often create fake websites mimicking legitimate platforms, tricking users into downloading malware-infected applications. When in doubt, manually search for the app in an official store instead of relying on the QR code.

Use a Secure QR Code Scanner

For added protection, consider using a secure QR code scanner app. Unlike standard scanners, these security-focused apps analyze the code’s destination and alert users to potential threats. For example, the Trend Micro QR code scanner evaluates scanned codes for safety before allowing access to a website or download link.

While QR codes provide convenience, they can also pose security risks. By inspecting QR codes for tampering, assessing their context, verifying their destination, and using secure scanner apps, individuals can significantly reduce the risk of falling victim to scams.
Read more »
Phishing Prevention
Cyber Security cybersecurity risks data security edge computing Gen Z Millennials Multi-factor authentication Phishing Prevention

Cybersecurity Risks and Solutions for Millennials and Gen Z

 

Millennials and Gen Z are the most concerned generations about the risk of cyber attacks on their organizations. They also worry about potentially leaving their organizations vulnerable and feel less prepared to handle such cyber threats. Research from Ernst & Young LLP (EY US) indicates that 53% of US employees are concerned about their organization being targeted by cyber attacks, with 34% worried that their actions might make their organization vulnerable.

Among Millennials and Gen Z, 58% and 64% respectively fear losing their jobs if they leave their organization exposed to a cyber attack. This anxiety can negatively impact cybersecurity, as it may lead to unreported cyber incidents due to fear of repercussions. Considering that 68% of cyber attacks involve a non-malicious human element, such as clicking on a phishing email link, addressing this fear is crucial.

To boost cyber confidence and improve response to cyber attacks, here are five steps to enhance cybersecurity for both individuals and their organizations. Phishing, a common cyber attack method, involves hackers sending deceptive emails to trick recipients into clicking on a link, downloading a file, or performing other actions that compromise security. Variants of phishing include smishing (via text), vishing (via phone call), and quishing (via QR codes).

Phishing attacks leverage psychological tactics to manipulate victims. Knowing how to respond to suspicious texts, emails, or calls is key to preventing these attacks. EY US research found that only 31% of Gen Z employees feel very confident in identifying phishing attempts, compared to 51% of Millennials, indicating a need for better employee training.

Here are some tips to identify and prevent phishing attacks:

1. Don't act immediately: Phishing emails often create a sense of urgency. Even if the email claims you must click a link or download a file, pause and evaluate its legitimacy.
2. Read the message carefully: Look for urgent language, differences from typical emails, grammatical mistakes, or unusual requests, such as resetting passwords or buying gift cards, which are signs of phishing.
3. Check the sender: Hackers may impersonate colleagues or executives. Verify the sender’s email address by hovering over the contact name and comparing it with known details. If unsure, contact the person directly.
4. Check the link: Hover over any links to reveal the actual URL. Be cautious, as hackers can create convincing fake websites. 
5. Report phishing attempts: Reporting suspected phishing attempts helps protect your organization by alerting others to potential threats.

Implementing these strategies can protect both individuals and organizations from phishing attacks.

Set Up Multi-Factor Authentication (MFA)
MFA enhances security by requiring users to verify their identity with a code sent via text, email, or an authentication app. This not only confirms legitimate logins but also alerts the company to unauthorized access attempts. The importance of MFA is highlighted by incidents like the cyber attack on Change Healthcare, where the lack of MFA on a Citrix profile allowed hackers to infiltrate their network. While MFA might not completely prevent cyber attacks, it can significantly delay them and provide early warnings.

Use Strong Passwords
Weak passwords are a common security risk, with research showing that 37% of people have risky workplace security habits and 39% use weak login credentials. Strong passwords are crucial as the first line of defense against unauthorized access. If remembering secure passwords is challenging, using a password manager can help generate and store strong passwords. Some regions, like the UK, are moving towards making weak default passwords illegal, a measure that may extend to workplace security in the future.
Read more »
Tips
Authentication Cloud Defense Cyber Security Fraud MFA Multi-Factor Authentication (MFA) Online phishing Phishing Prevention Prevention Privacy Protection Scams Security Tips

Defend Against Phishing with Multi-Factor Authentication

 

Phishing has been a favored attack vector for threat actors for nearly three decades, and its utilization persists until it loses its effectiveness. The success of phishing largely hinges on exploiting the weakest link in an organization's cybersecurity chain—human behavior.

“Phishing is largely the same whether in the cloud or on-prem[ise], in that it’s exploiting human behavior more than it’s exploiting technology,” said Emily Phelps, director at Cyware.

These attacks primarily aim to pilfer credentials, granting threat actors unfettered access within an organization's infrastructure. Yet, successful cloud-based phishing assaults might be more intricate due to the nuanced ownership of the environment.

Phelps explained that in an on-premise scenario, a compromised ecosystem would be under the jurisdiction of an organization's security and IT team. However, in the cloud—like AWS or Azure—a breached environment is managed by respective organizations yet ultimately owned by Amazon or Microsoft.

Cloud Emerges as the Preferred Phishing Arena

As an increasing number of applications gravitate toward cloud computing, threat actors are unsurprisingly drawn to exploit this realm. Palo Alto Networks Unit 42's report unveiled a staggering 1100% surge in newly identified phishing URLs on legitimate SaaS platforms from June 2021 to June 2022.

The report delineated a tactic where visitors to legitimate web pages are enticed to click a link directing them to a credential-stealing site. By leveraging a legitimate webpage as the principal phishing site, attackers can modify the link to direct victims to a new malicious page, thereby sustaining the original campaign's efficacy.

Cloud applications provide an ideal launchpad for phishing assaults due to their ability to bypass conventional security systems. Cloud-based phishing is further facilitated by the ease of luring unsuspecting users into clicking malevolent email links. Beyond SaaS platforms, cloud applications such as video conferencing and workforce messaging are also being increasingly exploited for launching attacks.

The Role of Phishing-Resistant MFA

Among the most robust defenses against credential-stealing phishing attacks is multifactor authentication (MFA). This approach incorporates several security factors, including something known (like a password), something possessed (such as a phone or email for code reception), and/or something inherent (like a fingerprint). By requiring an additional code-sharing device or a biometric tool for authentication, MFA heightens the difficulty for attackers to breach these security layers.

In the event of a user falling prey to a phishing attack and credentials being compromised, MFA introduces an additional layer of verification inaccessible to threat actors. This may involve SMS verification, email confirmation, or an authenticator app, with the latter being recommended by Phelps.

However, as MFA proves effective against credential theft, threat actors have escalated their strategies to compromise MFA credentials. Phishing remains one of their favored methods, as cautioned by the Cybersecurity and Infrastructure Security Agency (CISA):

"In a widely used phishing technique, a threat actor sends an email to a target that convinces the user to visit a threat actor-controlled website that mimics a company’s legitimate login portal. The user submits their username, password, as well as the 6-digit code from their mobile phone’s authenticator app.”

To counter this, CISA endorses phishing-resistant MFA as a strategy to enhance overall cloud security against phishing attacks. Fast ID Online/WebAuthn authentication stands out as a popular option. It operates through separate physical tokens linked to USB or NFC devices or embedded authenticators within laptops and mobile devices.

An alternative approach, albeit less common, is PKI-based phishing-resistant MFA, employing security-chip embedded smart cards linked to both an organization and the individual user. While highly secure, this method necessitates mature security and identity management systems.

While any form of MFA contributes to safeguarding cloud data against phishing, relying solely on commonly used code-sharing methods falls short. Threat actors have devised ways to manipulate users into revealing these codes, often relying on users' inconsistent MFA setup practices. Adopting phishing-resistant MFA and incorporating multiple layers of authentication offers the utmost security against this prevalent cyber threat.
Read more »
Subscribe to: Posts (Atom)