Posts Tagged Cyber Security

All About Spoofing Attacks Launched Through Emails

Spoofing is nothing but a form of cyber-attack in which the hackers camouflage their identity. The term spoofing means to deceive or trick and involves presenting a deceptive thing in the right & truthful way. In this, the hackers disguise their identity to beguile the user and inject malware into their systems. The most common way to launch a spoofing attack is through emails.

How Do Cybercriminals Spoof Emails –

The hacker generally spoofs the email address to makes it look genuine. They work on “From” field such that the sender’s name and email address appear to be legitimate & authentic. This is done so that the receiver opens up the mail thereby giving hackers an opportunity to inject virus.

Another high end attack called BEC (Business Email Compromise) is being initiated by the cyber attackers. It is generally targeted towards executives at the top level in order to gain access to their company’s confidential & sensitive information. The primary loophole is in the SMTP (Simple Mail Transfer Protocol) technology, as it does not verify the sender’s email address. Cybercriminals generally use services of a free SMTP server available online to spoof the email address in order to dupe the target user and steal their private & confidential login credentials.

Ways To Spot Spoofed Emails –

  • The best way to spot a spoofed email is by closely looking at the sender’s name and email id. Do not click any link in a mail that has some strange content that you are wary & suspicious of.
  • Gmail provides an additional security feature and allows the user to check ‘mailed-by’ and ‘signed-by’ fields apart from sender’s email id. If the fields are incomplete then there is high probability that the email is spoofed.
  • If the content in the email is strange and weird then ask for a confirmation by replying the email. Now the best part is that the reply you send is directed at the original address. If you get a genuine reply then its fine. Otherwise, you will get to know if the email was fake or genuine.

What To Do If You Detect A Spoofed Email –

  • If you spot a spoofed email then immediately inform your internet service provider.
  • Next change the passwords for all your email accounts.
  • Ensure that you have enabled sender & recipient filtering options.
  • Make sure that you do not respond to any email you receive from that fake email id in future.

How To Prevent A Spoofing Attack –

  • Don’t open emails that do not contain the sender’s name or are sent from an unknown source.
  • Update your system regularly.
  • Install a good anti-virus software.
  • Enable the feature that allows you to filter blank senders.

Other Common Types Of Spoofing –

  • Caller ID spoofing
  • GPS spoofing
  • Referrer spoofing
  • DNS spoofing
  • IP address spoofing

For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Safeguard Your Business From Cyber Attacks

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

PDF VERSION: Safeguard Your Business From Cyber Attacks

, ,

No Comments

How Machine Learning and Artificial Intelligence Is Shaping Cyber Security.


VIEW FULL IMAGE

, , ,

No Comments

Medical Identity Theft: Detection And Prevention Tips

20th Nov 2017

Almost all the industries today have integrated online systems into their operations making large amount of personal information being stored in digital form. This has exposed more and more people to identity related frauds.
Medical Identity Theft is the most recent form of identity theft where a person uses somebody else’s medical information without their knowledge. The stolen information such as name, social security number etc. are used to pay for medical treatments as well as for purchasing medical equipment. Fictitious medical records and bills are often submitted to the insurance companies asking for claims. This affects the financial and medical status of a person whose personal information and credentials are stolen.

Who Are Responsible –

  • Hackers – While cyber security professionals are making efforts to avoid cybercrimes yet internet based crimes are taking a toll each day. Hackers illegally steal the medical information and give it to people who masquerade their identity to avail medical facilities and insurance claims.
  • Others – This category may include the hospital staff or fraudulent healthcare providers who steal and sell your medical information to other people who in turn file for false insurance claims. Sometimes, even friends or other family members use it for their advantage.

How To Detect –

  • This theft can be identified by regularly checking your medical bills and transactions. Immediately report the hospital or medical center when you find any suspicious activity that may lead to such an identity theft.
  • If the insurance company denies your claim even when you haven’t used their services for a long time, there are chances that your medical and personal information has been compromised. Sometimes, an insurance claim is accepted by the insurance provider for a medical condition that you have not been diagnosed with. This is the point when you must recheck your records and notify the service provider.

Theft Prevention Tips –

  • Ensure Information Security – The more information you share, the more you are prone to such identity threats. So, try to share as little information as possible to avoid its misuse.
  • Monitoring Medical Records – Do check all your medical records regularly. This will help you to notice any suspicious activity and take a corrective action immediately.
  • Password Protection – Set up unique passwords and credentials for your online accounts to avoid hacking.
  • Phishing Emails – A user sometimes, clicks a phishing email that has legitimate appearance. A malware is then installed in the system that hacks all the important files and information. Try to spot and ignore such emails.
  • Storing The Information – To prevent any internet based crime, it is important to correctly store the records containing sensitive information. Along with storage, it is imperative to dispose them off safely when they become outdated or irrelevant.
  • Avoid Using Public Wi-Fi –Browsing websites through public networks increase the risk for information and identity thefts. Make sure that you do not access sites that require sensitive information on public Wi-Fi.

Hospitals and medical facilities should also have foolproof systems to store patient’s information. It is important for medical institutions to install, and upgrade to latest software and hardware to prevent misuse of patient’s data. Proper protocols and accesses should be implemented in order to keep a track on people accessing patient’s information.

For IT infrastructure and security solutions for medical establishments, contact Centex Technologies at (855) 375 – 9654.

,

No Comments

Key Principles For Efficient Cyber Investigations

28th Sep 2017

Technology has connected people across seven continents and made this world a Global Village. Connectivity has its own benefits but it has brought along the risk of fraud and theft of vital information available on the web. Businesses are increasingly becoming vulnerable to cyber-attacks and the threat looms large for not just the companies that are less equipped to handle it but even the large firms.

As per the Cost of Cyber Crime Study 2017 – Insights On The Security Investments That Make A Difference published by Accenture, a leading global professional services company, The accelerating cost of cybercrime means that it is now 23 percent more than last year and is costing organizations, on average, US$ 11.7 million. Also, Forbes reports that cybercrime will approximately cost $6 trillion per year on average through 2021.

This grave threat accentuates the need of cyber investigation which can help in tackling cyber-crimes to a certain extent. Today, businesses need to be even more diligent towards cybercrimes and conduct cyber investigations to detect and respond to the virtual attacks. Companies can work on it with these simple tips and principles.

  • Understand The Problem – Companies need to have a better understanding on the types of cybercrimes, what causes it and how it can affect them. This can help them gain a better insight as to how they can prevent as well as protect themselves from cyber-attacks by taking a targeted action. They also need to cognize their employees about the possible threats that may arise when a particular site or system is used.
  • Hire A Team Of Specialists – Cyber-attacks detected after months and years can lead to humungous loss. So to ensure regular monitoring and check, hire a team of cyber specialists dedicated to the task of cyber investigation and security to make sure your vital business information is safe.
  • Collect Evidences – Every crime needs to be validated with evidence, so document everything. Documentation presents the entire information, right from the initial findings to ways in which the situation has affected the company, so make sure that no critical information is missed.
  • Combine Human And Machine efforts – Automate the tasks that can be performed by machines and make the professionals work on complex things that require judgement, intuition and dexterity. This is a strategic move that can help in optimization by reducing human effort which can now be channelized towards tasks that cannot be done by machines.
  • Be Pro-Active – Search for the attackers pro-actively. Rapidly hunt for attackers to prevent cybercrime. Always be a step ahead from the cyber attackers.
  • Create a seamless Investigation Workspace – Investigation workspaces allow analysts and investigators to build an attack story as they get to access information from every sensor and can perform network and endpoint forensic.

Thus, with these simple cyber investigation tips, a business can make an effort to protect itself from cyber-crimes. It is high time that we adopt a new approach to cyber security and defense as data breach and loss can be a huge financial and reputation hit to your company.

,

No Comments