Phishing In A Hurricane

Most people who enjoy the sport of fishing prefer calm waters. Some who enjoy fly fishing prefer fast-moving streams. Having lived through three hurricanes, I can assure you that no one wants to fish during a category 3 hurricane. Unfortunately, cyber criminals don’t think like sport fishermen when it comes to their form of phishing. They see opportunity in chaos and launch all-out assaults to exploit people whose attention is on the storm rather than on potential cyber-attacks or fraudulent relief efforts.

Hurricane Florence Scams

You know there is something to worry about when your state Chief Risk Officer is sending out notifications to be wary of cybercrime as a hurricane approaches. In this case, State Chief Information Officer Eric Boyette and State Chief Risk Officer Maria Thompson are urging North Carolinians to be cautious of cybercrime before, during, and after Hurricane Florence, and are offering steps to avoid being taken advantage of by cybercriminals:

“Cyber criminals take advantage of natural disasters such as hurricanes to solicit personal information illegally and to take advantage of vulnerable infrastructures, disaster victims, and volunteers by phishing. Phishing is when a criminal sends out an email, text message, or even a phone call pretending to be a reputable and legitimate source in order to obtain personal information such as credit card and Social Security numbers.”

If you want to know which sites soliciting Hurricane Florence relief donations are potentially fraudulent, KrebsOnSecurity has done the homework for you in a recent blog post titled “Beware of Hurricane Florence Relief Scams”:

“Here is a Google spreadsheet that tracks some of the domains I’ve been monitoring, including notations about whether the domains are active and if they point to sites that ask for donations. I’ll update this sheet as the days go by; if anyone has any updates to add, please drop a comment below. All of the domains mentioned above have been reported to the Justice Department’s National Center for Disaster Fraud, which accepts tips at”

Phishing Still A Problem

It may sound like a bad pun, but phishing in a hurricane is a reality. Cyber criminals love to take advantage of natural disasters to distract your employees from potential ransomware and phishing attacks, so vigilance is the best bet for . According to Will Yakowicz in his INC article titled “The 3 Biggest Phishing Scams of 2018”:

“Phishing schemes are still one of the most serious threats to companies. Even internet giants like Google and Facebook got duped out of $100 million through an email phishing scheme when a hacker impersonated a computer-parts vendor.

According to the FBI, criminals made off with at least $676 million last year thanks to so-called business email compromise campaigns, which are attacks designed to trick company executives or accounting departments into sending money to fake vendors.”

In fact, just last week it was reported that “Phishing attack breaches 38,000 patient records at Legacy Health” and that, while the attack had started as early as May, it was not identified until just now. One of the biggest issues with preventing phishing attacks is the education of your employees, which is why Mimecast has also brought Ataata into the family fold.

Prevention Is The Ideal Protection

At the risk of stating the obvious, prevention is the ideal form of protection. Solebit’s SoleGATE, now part of the Mimecast family, gives you a leg up on preventing malicious entry into your cyber environment. Further enhancing Mimecast’s cyber resilience platform architecture, Solebit provides powerful threat protection to help customers face today’s broad threat landscape with evasion-aware, signature-less technology. SoleGATE uses static analysis, which is faster, more accurate, not OS version dependent, and covers 100% of your code with complete visibility. With SoleGATE, every line of code is evaluated, making sandbox evasion techniques ineffective. On average, Solebit analysis time ranges from milliseconds to a few seconds. Network sandboxes typically take 5-15 minutes to perform the same analysis.

Using deep inspection and analysis methods, SoleGATE is able to interpret and detect code in real time and immediately block threats from penetrating your organization. DvC™ makes no assumptions about threat heuristics and behavior. It assumes that there is no legitimate reason for executable code to be present in a data file, and it relies solely on identifying the existence of code in non-executable files. The bottom line is that you will finally have safe content!

Check out this whitepaper on an evasion-proof approach against modern cyber attacks that can keep your content safe. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.
