Archive for February, 2020

Tech Support Scams: Everything You Need To Know

Tech support scams are a million-dollar industry that is known to have existed since 2008 and is at its all-time peak. They trick innocent people into spending hundreds of dollars on non-existent computer problems. To protect yourself from ever-rising tech support scams, it is important to understand what these scams are and how they operate.

What Are Tech Support Scams?

Tech support scams trick people by making them believe that their computers have encountered a technical problem. The scammers motivate the victims to make a payment in order to get rid of the problem.

How Do Tech Support Scams Operate?

Tech scammers use a variety of tricks to target victims. The following are some of the common methods:

  • Cold Calls From Fake Agents: The scammers operate from discreet locations and call random numbers from a phone directory. They use VoIP technology to hide their actual number and location. They pose as technical agents from software companies such as Microsoft, Windows, etc. They take control of the victim’s computer and send fake error reports. Once the victim is convinced, they collect money for fixing the error. The best way to secure yourself against these scams is to ignore such fake calls.
  • Toll-Free Numbers From Fraudulent Tech Support Companies: These companies advertise heavily on popular search engines or high-traffic websites to build trust and attract customers. Once a customer calls these technicians for a minor service such as software activation, the technicians introduce fake pop-ups on the customer’s computer stating that the system is infected. Thus, the customer ends up paying hundreds of dollars for ‘Windows Support’. To protect yourself from such scammers, be careful when choosing a technician or tech support company.
  • Screenlockers: This method has gained popularity recently. The scammers spread malware with the purpose of locking users out of their own systems. The malware poses as an installer for legitimate software. Once installed, it may either result in a ‘Blue Screen Of Death’ (BSOD) or show a message that you are using expired software. In the case of a BSOD, the screen will show a few numbers to call for help. If the message indicates expired software, it will ask for a license key. The message may include a number and some links to popular remote assistance sites/software such as TeamViewer. The scammers ask the user to install the software and share the access ID so that they can gain access, supposedly to rectify the computer’s problem. The underlying motive is to sell you overpriced solutions and ‘service contracts’.

What To Do If You Have Given Access To The Scammers?

In case you have already granted remote access to the scammers, follow these steps to reduce the impact of the scam:

  • Revoke the access or restart your system to expire the session and remove the scammers from your system.
  • Run a malware scan, as the scammers may have installed malicious software such as password stealers on your system.
  • Change all your passwords and update your security protocol.
  • Run a ‘System Restore’ to restore any missing files or software from your system.

For more information on new Tech Support Scams, call Centex Technologies at (254) 213 – 4740.


Comprehensive Guide To Mobile Data Security

PDF Version: Comprehensive-Guide-To-Mobile-Data-Security


Tips For Disaster Recovery Planning After A Cyber Attack

A well-planned cyber-attack can wreak havoc on any business. Although it is advisable to take precautionary steps to avoid such attacks, some cyber-attacks can still catch your business off-guard. Thus, it is important to have a Disaster Recovery Plan for dealing with the after-effects of any cyber-attack. A Disaster Recovery Plan (DRP) helps in softening the blow of the attack by minimizing the loss. A successful DRP should be based on a thorough Business Impact Analysis (BIA) and Risk Analysis (RA). This will help in determining the business areas that need to be prioritized for security. It will also enable you to establish an estimated Recovery Time Objective (RTO).

For drafting an effective DRP, it is important to consider the following tips in addition to BIA and RA:

A DRP needs to include all the aspects of the business to ensure that no aspect is left exposed during a tragic event.

  • To begin with, segregate your data by priority. This will help you increase the security of vital data, resources, devices, and systems. You can also draft separate recovery plans for the data that is most critical to your organization.
  • It is advisable to set up a separate ‘safe house’ or satellite location and keep a backup of your data there. This will help you avoid loss of business in the face of a cyber-attack. However, weigh the cost of setting up a separate location against the loss that will be incurred if the business becomes inoperative during the RTO. Consider the cost-effectiveness to make an effective decision.
  • If your business organization has some mobile devices that are not linked to the main server, then formulate an alternative backup plan for these devices. This will ensure that these devices do not have to depend upon the DRP.
  • Make it a point to encourage the individual users to run regular backups for their own safety.

The 5 W’s Of DRP

The 5 W’s of DRP help in developing an accurate contingency plan to maximize the longevity of your business:

Who? In order to create a risk-free environment, make it a point to educate every single user about the DRP. This is the key to ensuring the success of your recovery plan. Thus, if any cyber-attack threatens your organization, every user will be able to play their role in the recovery plan efficiently.

What? An organization’s DRP should address what steps would be taken if the business meets with an unfortunate situation. The steps should be clearly laid out and should address diverse situations ranging from damaging cyber-attacks to regular risks of losing staff/vital data.

Where? A DRP needs to look beyond the geographical business location alone. Some other aspects that should be included in the DRP are company vehicles, remote workforce, etc.

Why? It is important to understand why you need a DRP. It is a contingency plan that helps the business survive if it is hit by a disastrous cyber-attack.

When? A common question is when you need to formulate a DRP. The answer is that you should formulate a DRP well in advance so that you are equipped to handle any situation, whenever it arises.

For more information on Disaster Recovery Planning, call Centex Technologies at (254) 213 – 4740.


Understanding New Evasion Techniques Followed By Web Skimmers

Cyber criminals have been stealing the card details of users for years. They have been successful at card skimming, both server-side and client-side, without attracting much attention. However, some notable breaches in the past few years put them under the scrutiny of security researchers. To tackle the situation, the threat actors have employed new evasion techniques to evolve their craft.

In order to safeguard yourself from web skimming attacks, it is important to be aware of the following new evasion techniques adopted by cyber criminals:

  1. Steganography: Steganography is the technique of hiding data directly in the pixel values of an image in such a manner that the effect of the data is not visible in the image. The first case of using steganography to hide malicious code was ‘ZeusVM’ in 2014. It was a Zeus banking Trojan that used a beautiful sunset image to hide its configuration data. The technique is now being used by web skimmers to trick website security and users.

    A simple example is any e-commerce website. An e-commerce website loads numerous images such as logos, product images, offer images, etc. The web skimmers embed their code in these images, choosing ones that attract user clicks, such as free shipping banners. Inspecting such an image may show a ‘Malformed’ message and additional data after the normal end of the file. Threat actors use code snippets to load the fake images and parse the website’s JavaScript content via the slice() method.

    It is an easy way to slide past website security because web crawlers and scanners tend to focus on HTML and JavaScript while ignoring media files. To protect yourself from skimming, scan the source of any media files downloaded from third-party sites.

  2. WebSockets Instead of HTTP: HTTP follows a request-and-response pattern: the client sends a request to the server and the server sends back a response. WebSockets, on the other hand, is a communication protocol that allows streams of data to be exchanged between a client and server over a single TCP connection. It allows a more covert way to exchange data as compared to HTTP. The web skimmers use skimming code and data exfiltration to launch the attack. The code is obfuscated in the communication in such a way that it is concealed from the DOM. Once the code is run in the browser, it triggers a client handshake request. The request is received by the server controlled by the cyber criminals, which responds to it. This establishes the connection between the victim’s client browser and the malicious host server. The skimming code is then downloaded to the victim’s system and run as JavaScript code.
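For the WebSocket technique in item 2, the client handshake is visible in a browser network capture, so a HAR export of a checkout page can be audited for handshakes to hosts the site does not use. The Python below is an added example, not code from the original post; the allowlist, the host names and the HAR excerpt are constructed placeholders.

```python
import json
from urllib.parse import urlsplit

# Assumption: the only WebSocket endpoint the shop itself uses (hypothetical host).
ALLOWED_WS_HOSTS = {"chat.shop.example"}

def _headers(entry):
    """Request headers of one HAR entry as a dict with lower-cased names."""
    return {h["name"].lower(): h["value"] for h in entry["request"].get("headers", [])}

def is_ws_handshake(entry):
    """True for a WebSocket opening handshake: ws(s):// URL or 'Upgrade: websocket'."""
    scheme = urlsplit(entry["request"]["url"]).scheme
    return scheme in ("ws", "wss") or _headers(entry).get("upgrade", "").lower() == "websocket"

def unexpected_websockets(har, allowed=ALLOWED_WS_HOSTS):
    """(host, page origin) for every handshake to a host outside the allowlist."""
    findings = []
    for entry in har["log"]["entries"]:
        host = urlsplit(entry["request"]["url"]).hostname
        if is_ws_handshake(entry) and host not in allowed:
            findings.append((host, _headers(entry).get("origin", "unknown")))
    return findings

# Constructed HAR excerpt from a checkout page load; all hosts are placeholders.
SAMPLE_HAR = json.loads("""
{"log": {"entries": [
  {"request": {"url": "https://shop.example/checkout", "headers": []}},
  {"request": {"url": "wss://chat.shop.example/socket", "headers": [
     {"name": "Upgrade", "value": "websocket"},
     {"name": "Origin", "value": "https://shop.example"}]}},
  {"request": {"url": "wss://stats.placeholder.invalid/ws", "headers": [
     {"name": "Upgrade", "value": "websocket"},
     {"name": "Origin", "value": "https://shop.example"}]}}
]}}
""")

if __name__ == "__main__":
    for host, origin in unexpected_websockets(SAMPLE_HAR):
        print(f"unexpected WebSocket handshake to {host} from {origin}")
```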

Centex Technologies provides cyber & network security solutions for businesses. For more information on new evasion techniques followed by web skimmers, call Centex Technologies at (254) 213 – 4740.
