We just seem to be constantly bombarded with malicious attempts to gain access to our data whether it is by email of through other electronic devices there seems to be a tidal wave of threats at present, so here is a brief description of some of the threats.
Email Phishing – The most common threat we see, is generally a mass email attack attempting to gain access to your user details and data, the emails will often look like they come from legitimate sources and will often be made to reflect well-known business emails in an attempt to fool you.
Spear Phishing – This is similar to an Email Phishing attack but is targeted at a much smaller target base, often only a single person that has been identified as a person of influence in a business.
There are a number of variations on this theme, but all are basically trying to gain access to either your username and password or data that you may hold.
We often see where a business email has been spoofed (email address looks correct but has come from a different source) these often are requesting some form of urgent action, usually to do with finances and often with very little detail. We have even seen the asking for iTunes cards to be purchased and the details be sent to the originator of the email.
If your email has been compromised the attacker (or as they are often now referred to the Threat Actor) will most likely monitor your emails and try and identify potential high-value targets and then either use a Man in The Middle or a Spear Phishing attack.
Man in The Middle – is literally as it sounds, messages are read by the attacker without the knowledge of the sender or recipient, sometimes used to introduce malware onto a user’s PC but often used to divert emails in an attempt to extract funds by changing payment details on Invoices or misdirect funds in some other way.
But of course, it doesn’t end there, the above are all email-related, and you are still under attack on your mobile phone and other phone systems.
Vishing – This is scam phone calls, they can be pretending to be from a State or Federal government department (Tax Office, Police State or Federal, etc) or a business that you may legitimately use, like Microsoft or Amazon. Threats for arrest or fines to pay may be the approach or a message saying your payment has been taken and if you have an issue hold and speak to someone, even requests to access your computer to fix an issue (that not only you didn’t know about but doesn’t exist).
A note on the above, Microsoft, The Tax Office, Federal or State Police, and your Bank will not ring you, if you get a call like this hang-up and if you think it may have been a genuine call back on a phone number you can find on the caller’s website, not the number they have called from.
Smishing – this is where you receive an SMS with a link to click on that takes you to either a malicious site or downloads malware onto your device.
I think that is enough for now, have a good day and be aware of those threats.
If you need help with your computers or IT, give us a call on 1300 775 442
We are always happy to help
