Tips for Wired Network Security Improvement – Part 2
November 21, 2016Zero-Day Vulnerability and Anti-Exploit Technology
November 30, 2016E-mail remains the predominant form of digital communication, despite the popularity of instant messaging applications. Cyber criminals favor e-mail as the primary method of delivering malware and phishing attacks. The following covers trends in these two internet security threats.
Malware
Malware distribution via e-mail uses social engineering to trick users into opening an attachment or clicking on a link. Attachments posing as legitimate documents exploit vulnerabilities in the software applications used to open files. In addition, malicious links lead users to hacked websites that drop malware into their computers. Targeting banking information for theft, many campaigns of cyber criminals typically use familiar company names in the addresses and bodies of spam e-mails.
Phishing
As time passes, phishing deployment has grown in ease due to the increasing sophistication of cyber criminals. Hackers now create and sell inexpensive phishing kits. Scammers who are not technically skilled can purchase such kits and mount their own phishing campaigns. The stolen data they gather may be used for their own purposes or sold in underground markets.
It may be astonishing, but several large companies have been scammed of millions of dollars through fake wire transfer requests. Employees were deceived into thinking they were authentic through social engineering. The campaigns can be deployed en masse and generic or focused on individuals in finance, legal, and accounting matters. The latter develops relationships and builds trust, supported by reconnaissance and research of the social media profiles and online activity of targets.
E-mail Security Tips
Employees and companies must be aware that although they may not seem to be obvious targets of cyber crime, they are still vulnerable. Individuals and organizations must remain ever vigilant. The following are e-mail security tips to be followed.
For employees:
- Do not open e-mails from unknown senders
- Confirm there is a padlock symbol and encryption certificate on sites before entering sensitive or confidential information.
- Do not use networks that are unsecured when accessing sensitive, financial, or confidential data.
For companies:
- E-mail encryption is deployed wherever possible.
- E-mails are scanned for malware and phishing attacks.
- Web security systems are utilized for blocking access to phishing sites.
Alpha Engineering Business Support
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990 and offer:
- 24/7 Managed Services for Business Computing Systems
- Network and Mobile Computing Support
- Disaster Recovery Planning
- Software Development
For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at 410-295-9500.