Archive for March, 2020

Things To Know About Online Coronavirus Scams

The sudden outbreak of Coronavirus infection has taken the world by surprise. In order to fight against the disease, people are trying to keep themselves updated on any news related to the same. However, cybercriminals are using this as an opportunity to lure people into their scams.

Here is a concise guide to help you understand more about online Coronavirus scams:

What Is A Coronavirus Scam?

Coronavirus scams are similar to other malware scams. The attackers trick the users into opening infected documents and files under the pretext of offering more information about the virus. Once a user clicks to open these files, the malware is downloaded and installed.

What Are The Commonly Used Pretexts?

The scammers may pose as healthcare officials and offer information related to symptoms or prevention of the coronavirus infection. Alternatively, some scams use the disguise of documents offering update information on the number of infection cases or death tolls across the globe. The scammers use threat headlines that state the viral infection has spread to the victim’s home city and motivate the victim to enter his details for reading more information.

Some scammers are preying on the people’s willingness to provide support to infected patients. Such scam emails may be titled “URGENT: Coronavirus Spreads – Can we count on your support today?”

How Do These Scams Operate?

There are two main types of scams being launched by cybercriminals: Email scams and website scams.

  • Email Scams: The scammers send out emails that may offer more information about the coronavirus infection or provide a link to donate for supporting the affected patients. In either case, the email includes a disguised link for further information. The link usually starts with ‘HXXP’ instead of ‘HTTP/ HTTPS’. Once the victim clicks on the link, it opens a form or application page. This form is programmed with malicious code to steal personal information and credit card details.
  • Website Scams: A simple example of a website based scam was recently discovered. The website purported to provide an updated number of coronavirus cases on a global map. However, it was embedded with an info-stealer. The code had a hidden file with the name ‘corona.exe’. Further research indicated that this malware is a variant of the malware AzoreUlt.

Irrespective of the mode of infection (email or website), the malware is focused on stealing personal information or gaining remote access to the victim’s computer system.

How To Secure Yourself Against Coronavirus Scams?

  • If you receive an email, check the sender’s email domain and other URLs included in the email to see if they match the name of the organization that the sender claims to be associated with. You should not be clicking on the URLs without verifying the geniunity.
  • Be wary of login pages with unfamiliar URLs.
  • Instead of clicking any hyperlinks provided in the email, copy and paste the URLs into your browser.
  • If any email or website creates a pressure on you to act immediately, refrain from it.

For more information on Online Scams and how to stay alert, call Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Points To Consider While Securing MSPs

PDF Version: Points-To-Consider-While-Securing-MSPs

, , ,

No Comments

Marketing Your Brand In A Cyber-Secure Way

With a rising number of social media users across the globe, social media has become a popular marketing platform among organizations. It allows marketing professionals to reach out to a wide spectrum of customers and customize their campaigns accordingly. Despite an array of benefits offered by social media or digital marketing, businesses need to be very cautious before moving along this path.

Main reason behind the required caution is that social media marketing is susceptible to cyber threats. Lack of thorough consideration and security may lead to damaged brand image, loss of data, alienated customers and financial loss.

Following are some points to consider to market your brand in a cyber-secure way:

Be Cautious Of Who Manages Your Social Accounts: Careless handling of social media accounts can lead to both financial as well as credibility damages. A popular example of social account mishandling is the hacking of the Burger King social media account in 2013. The attackers hacked the twitter account of Burger King and changed its profile picture to McDonald’s logo. You would certainly not want your customers to think of your competitor when viewing your account or advertizement. In addition to harming your reputation, a hacked social media account results in leakage of your customer’s data such as social media username/password. For securing your brand’s accounts, assign a dedicated admin to a social media account, set up a secure password and limit access to intruders.

Careful Posting: Create guidelines for governing social media posting on behalf of your organization. The guidelines should clearly state the kind of content to be shared, the type of wording that can’t be used, and the information that needs to be kept confidential. Also, make sure that any link shared by or to your account is secure. Establish a verification process for every post before uploading it on your social media account.

Manage Vulnerabilities: Make it a point to take care of in-house vulnerabilities. Although social media can act as a gateway for social media hackers, you can stop the hackers if your company has additional security. For managing in-house vulnerabilities, take account of the following steps:

  • Update your firewall and antivirus software regularly.
  • Make sure that your servers are updated and encrypted.
  • Back up your data on an off-shore location or cloud.

Educate your employees on following proper security measures while posting on the company’s social media posts using a mobile device.

To know more about how to keep your applications secure, contact Centex Technologies at (254) 213 – 4740.

, , ,

No Comments

Harnessing The Power Of Identity Management In The Cloud

In order to understand the concept of Identity Management, let us consider a simple scenario. If a user locks himself out of a personal email, he can simply reset the password and log in. The only requirement is that the user has to prove his identity by answering some security questions or through other means like providing OTP (One Time Password) sent by the service on user’s email/ mobile. However, the scenario is not so simple for users in a business environment.

To simplify the process for business users, most of the cloud based applications uses an Identity Management Service, commonly known as IDaaS.

What Is IDaaS?

  • IDaaS stands for Identity-as-a-Service. It is an Identity and Access Management (IAM) service that is offered through the cloud.
  • Organizations use IAM to provide secure access to its employees, contractors, customers, and partners. The main purpose of this system is to verify the identity of the person requesting access.
  • The system uses different ways to confirm identity.
  • Once identity is confirmed, IDaaS provides access to resources depending upon permissions granted.
  • Since IDaaS is deployed on the cloud, user can request secure access irrespective of his location or the device being used by him.

Reasons To Adopt IDaaS:

There are three main reasons that support the increasing adaptation of IDaaS by organizations:

New Capabilities: IDaaS facilitates new capabilities such as Single Sign-On (SSO). This allows business users to access multiple resources using a single login. When any user logs in to an application, IDaaS creates a token. This token is then shared with other applications. Thus, users are not required to sign in repeatedly for individual applications. Other capabilities supported by IDaaS include Security Assertion Markup Language (SAML), OAuth, OpenID Connect (OIDC), etc.

Easy Implementation: Another driving factor behind adapting IDaaS is that it is easy and quick to implement. The hardware required to implement is easily provisioned by the provider and it takes a few weeks or months to implement it. Additionally, in case you are reluctant to switch to IDaaS after trying it for some time, it can be easily uninstalled.

Innovation: Some major hurdles that stop organizations from pursuing innovation are understaffed IT teams, lack of technology, complicated IT infrastructure, etc. IDaaS removes these barriers and allows business organizations to innovate their processes, products, and marketing strategies.

For more information on Identity Management for cloud based solutions, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments