
Phishing Emails – Cautionary Tales – Part 1


9am Monday morning: “Jane”, the finance director of a small roofing company, turns on her PC, opens Outlook and spends 5 minutes going through her emails.

5 minutes later, her company has lost £8,500.

What happened was a failure on several levels: of procedure, of security and of systems. While the bank’s anti-fraud department was able to recover (or cover) the lost money, the mistake nearly cost the business and took many months to recover from.

So just how did it happen?

Unfortunately, Jane’s company was something of a poster child for what not to do: its password policy was non-existent, its network security was out of date, and it was standard operating procedure for the managing director to email Jane saying ‘Please send £X to Y bank account’ without any verification.

Jane had, of course, received an email from her ‘MD’ asking her to transfer £8,500 to an anonymous bank account. The email was not from the MD at all; it was ‘spoofed’ so that it appeared to come from him, and with no verification procedure and no technical controls to flag it, that was all it took.

Another day and another user: “Karen”, the accounts manager at a hotel chain, receives a phone call from her contact at the business’ third-party accountancy firm. Her contact was concerned by the amount of money ‘Karen’ had recently been asking him to move to unknown accounts. Of course, the real Karen had no knowledge of this.

After investigation it transpires that Karen had previously fallen foul of a phishing attack and been tricked into giving up her email credentials to an unknown party. Without two-factor authentication to stop them, the malicious party logged in, read through all her emails, contacted the accountant as Karen while diverting his replies to themselves and deleting the evidence, and instructed him to transfer £36,000 to an account in the Cayman Islands. As in Jane’s case, because this was the standard procedure, the money was transferred.

Sadly for Jane and Karen, phishing and scam emails are becoming one of the gravest concerns for modern SMEs, and yet much of the user base is ignorant of both the threat and the potential costs. Every day the attacks become more complex, more realistic and harder for the average person to spot.

The above examples, while ranging from the incredibly simple to the technically complex, are effective because the creators of these attacks rely on human nature. All you can do as a business is reduce the avenues of attack and protect the user when they make a mistake.

Once upon a time, the height of scamming was an email from a generous Nigerian Prince (Nigeria does not in fact have a royal family) who wanted to give YOU $50,000, if only you could provide a measly $1,000 to help facilitate the transfer. Who could say no?!

Like other early scamming attempts, these emails were poorly worded and full of spelling mistakes and typos. While you do still see first-generation emails like this in the wider ecosystem, modern anti-spam email filters mean the end user rarely sees them.

Of course, as email filters and other forms of defence have evolved, the attacks have become more complex and harder to stop. Additionally, scammers now more often use phishing attacks to steal customer data and logon credentials rather than to extract money directly.

[Image: phishing email impersonating Barclays Bank]

Here we have an example of a phishing email from ‘Barclays Bank’. It is a near carbon copy of a legitimate Barclays email, and the only obvious way to tell it is a fraud is by the hyperlink addresses.

[Image: the fake web page reached from the phishing link]

Once the victim has clicked the link in the fraudulent email, they are often taken to a fake web page similar or identical to the real one; this is where the victim is tricked into giving up their real username and password, which the malicious party will then use for their own ends.


Ransom emails are very common at the moment. The attacker does nothing more than spoof the email so that it appears to come from the recipient’s own address, then relies on the user being scared into sending money even though there is no real threat.
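As an added example that is not part of the original article, the small Python checker below applies the tells described above (the spoofed sender in Jane’s case, the mismatched hyperlinks in the Barclays email, and the self-addressed ransom email) to a constructed message. Every address, domain and header value in the sample is made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample (not a real message): spoofed From, envelope sender and
# Reply-To elsewhere, SPF failure recorded by the MTA, and a lying link text.
SAMPLE_SPOOFED = """\
From: Managing Director <md@example-roofing.co.uk>
To: Jane <jane@example-roofing.co.uk>
Return-Path: <bounce@mail-relay.example.net>
Reply-To: <md.urgent@webmail.example.com>
Authentication-Results: mx.example-roofing.co.uk; spf=fail smtp.mailfrom=mail-relay.example.net; dkim=none
Subject: Urgent payment
Content-Type: text/html

<p>Please pay today: <a href="http://login.example-bad.net/barclays">https://www.barclays.co.uk/</a></p>
"""

def domain(header_value):
    # Lower-cased domain of the first address in a header; '' if none.
    return parseaddr(header_value)[1].rpartition("@")[2].lower()

def phishing_indicators(raw):
    """Return the list of spoofing/phishing tells found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    from_dom = from_addr.rpartition("@")[2]
    # 1. Envelope sender (Return-Path) is not the domain shown in From.
    rp_dom = domain(msg.get("Return-Path", ""))
    if rp_dom and rp_dom != from_dom:
        findings.append("return-path-mismatch")
    # 2. Replies would be diverted to a mailbox other than the apparent sender's.
    reply_dom = domain(msg.get("Reply-To", ""))
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-mismatch")
    # 3. The receiving MTA recorded an SPF or DKIM failure.
    auth = msg.get("Authentication-Results", "").lower()
    if "spf=fail" in auth or "dkim=fail" in auth:
        findings.append("auth-fail")
    # 4. Sender and recipient are the same mailbox: the self-spoofed ransom pattern.
    if from_addr and from_addr == parseaddr(msg.get("To", ""))[1].lower():
        findings.append("self-spoof")
    # 5. Anchor text shows one site but the href points at another.
    body = "" if msg.is_multipart() else msg.get_payload(decode=True).decode("utf-8", "replace")
    for href, text in re.findall(r'<a[^>]*href="([^"]+)"[^>]*>([^<]+)</a>', body, re.I):
        shown, real = urlparse(text.strip()).hostname, urlparse(href).hostname
        if shown and real and shown != real:
            findings.append("link-mismatch")
    return findings
```

Any non-empty result is a reason to verify the request out of band, which is the procedural control both stories lacked.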

Thank you for reading; I hope you found it informative and enjoyable. Next time I will go through the ways a business can secure itself against the threats faced in the Modern Workplace.

Written by Benjamin Cutler, MBM Ltd – 12/03/2019

*The above stories are based on real incidents, with the affected users’ names and industries changed. Following the incidents, they approached MBM Ltd; their cases were resolved and their security improved.

Cyber Essentials - Protect Your Business

Support for Businesses Worried About Cyber Attacks

According to MBM Limited, a cyber-attack is one of the main IT worries facing businesses today.

However, many companies are not aware that the UK Government has developed a scheme to help businesses implement controls that mitigate the risks from common Internet threats. The scheme, called Cyber Essentials, offers basic measures that any type or size of business can implement.

Jason Timmins, technical director at MBM, explains: “Whilst the Cyber Essentials Scheme does not address the more advanced cyber threats, it does provide a very good set of controls to provide basic protection from more common Internet threats.”

The Government’s Cyber Essentials scheme covers areas such as firewalls, configuration, user access control, malware protection and patch management. MBM can help businesses identify their IT systems that may be at risk. MBM can complete the self-assessment questionnaire for the company and, if required, assist with the implementation of any actions to ensure the basic cyber security protection is in place.

Jason added: “Companies who gain the formal Cyber Essentials certificate are demonstrating to their own customers and suppliers that they understand, embrace and have implemented cyber security protection measures and are a cyber secure business.”

For more information about MBM’s Cyber Essentials support service, call 01902 32 44 94, email sales@mbmltd.co.uk or visit https://www.mbmltd.co.uk/it-services/it-security/government-cyber-essentials-scheme

How Secure Is Your IT System From Hackers?

Having a firewall, anti-virus and anti-malware in place doesn’t necessarily mean your company’s IT system is secure from hackers.

MBM Penetration Testing

MBM Ltd has launched a new Penetration Testing service that evaluates the security level of a company’s exposed services.

Jason Timmins, technical director at MBM, explains: “External facing systems such as email, intranet and websites are the main areas of exposure for a business. Penetration Testing, also known as a Pen Test, scans these systems as well as a company’s firewall and router and evaluates the levels of security. This test identifies any vulnerabilities or mis-configurations so that solutions can be made to ensure a company improves the security of its IT systems.”

MBM offers one-off Penetration Testing or regular tests to help companies manage the security of external facing services.

For more information about MBM’s Penetration Testing service, call 01902 32 44 94 or email sales@mbmltd.co.uk
