The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Category: Security Page 16 of 79

Top 5 Infamous Social Engineering Attack Techniques A Business Should Be Aware Of

By

On March 31, 2022

In Security

What is it that makes Social Engineering harmful to your organization?

Social engineering can be defined as any activity persuading a person or a group of people to do or act on something that isn’t always in their best interests. Criminals using social engineering attacks always attempt to exploit human nature for their vested interests. Unlike the usual black hat hackers who breach systems using technology, these attackers strive to affect victim’s judgement through their verbal and written communication skills.

Social engineering attack techniques that are detrimental to businesses

Cybercriminals utilizing social engineering have a range of approaches, just as they do with other types of cyber assaults. The most infamous and most harmful social engineering attacks having the potential to cripple your businesses are listed here: –

Emails with ransomware or scareware embedded in it – Many top executives and leaders of businesses receive emails containing 3rd-party vendor compliance documents with urgency to download the files. As soon as the files get downloaded, certain malicious scripts get executed in the background without your notice. Now, it doesn’t matter whether you fill and upload the document and send it across to the attacker’s duped email. The attacker has already gained access to your computer by the malicious document sent in your email. Scareware social engineering attacks are aimed to terrify you into complying by bombarding you with false alarms, made-up threats, and “urgent” cautions. Typically, these bogus warnings instruct the victim to download and install specific software in order to eliminate the threat.

Pretexting to gather more information – Attackers impersonate law enforcement agencies, government officials, and likewise, which are otherwise trustworthy entities. They do this to deceive their potential victims into providing their personal information like unique identification numbers, user credentials, bank account details, and likewise. Pretexting can also be used to collect non-harmful information yet PII data, such as your mobile phone number or postal address.

Phishing and its various types – Phishing attacks via emails persuade consumers to click on a malicious link or file in an email. Even the most unskilled cybercriminals can easily locate and acquire phishing kits. These are collections of harmful software used to carry out these sorts of assaults attacks. The attacker intends to send emails to a large number of people in the hopes that some of them will get through spam filters and technological safeguards. A tiny fraction of recipients may fall for the trap if the emails are delivered.

In one example, attackers posing as Microsoft employees sent out emails requesting personal information to “re-authorize” some old Office software. Even down to the business insignia, the request appeared quite plausible.

Attackers can pose as IT department officials and request that you confirm your login by clicking on a link that takes you to a fake “official” page. The website, however, takes your credentials as you arrive. Phishing using phone calls is known as ‘Vishing’, while text message scams are known as ‘Smishing’.

Physical social engineering or Tailgating – The fraudster in this case follows authorized people directly into a protected location, avoiding security precautions like swiping an identity card. This is particularly frequent in organizations that need keycard permission.

Watering hole – The cybercriminal conducts research about the firm or industry they are targeting and uses this knowledge to locate websites they visit, such as discussion boards or forums. This is where the name originates from, attackers locate and prey on the target’s “watering hole.” The attacker then identifies and exploits vulnerabilities in the website in order to inject malware. After then, merely visiting the compromised website would infect visitors with malicious code, potentially granting the attacker access to the victim’s account. Users may not be aware they have been hacked.

Centex Technologies provide state-of-the-art cyber-security solutions for businesses. For more information, contact Centex Technologies at Killeen (254) 213-4740, Dallas (972) 375-9654, Atlanta (404) 994-5074, and Austin (512) 956-5454

What Is A SIM Swap Scam And How Would You Protect Yourself?

By

On March 30, 2022

In Security

The SIM (Subscriber Identity Module) is a tiny integrated circuit card that goes into your phone. It contains multiple identifying numbers and keys that the phone uses to communicate with the mobile phone network. Some mobile handsets have an eSIM, which is a built-in SIM card.

How does an attacker swap the SIM cards?

Many businesses have used 2FA (Two-Factor Authentication) to improve the security while allowing system access. The use of an SMS as the second component is by far the most prevalent. After giving their login and password, the user will be required to input an OTP provided through SMS. The SMS code is the second element. In a SIM-swap attack, the threat actor’s goal is to get possession of a SIM to receive the SMS codes delivered to the victim. This is done with an aim to be successful in bypassing the 2FA system’s protection.

Swapping any Subscriber Identity Module card is a legitimate customer service operation. Hackers take malicious advantage of this. Threat actors using social engineering techniques impersonate the victim to the mobile phone company’s customer service staff. A SIM-swap attack begins with victim research and phishing attempts to obtain the personal information that may be used to effectively impersonate the victim. Hackers often impersonate genuine customers and supply the necessary information by self-help applications or portals to request the SIM swap.

What all can an attacker do after swapping the SIM cards?

Threat actors may be able to acquire access to the targeted users’ email, bank accounts, and social media accounts. This allows them to commit additional fraud as well. Taking control of the SIM may also make it easier to change passwords. They could possibly use the ‘Forgot Password’ function of online accounts that rely exclusively on the supply of a 2FA code through SMS.

How would you ascertain whether a SIM-swap attack is happening with you?

Keep an eye out for the following signs that you are being personally targeted for a SIM-swap attack:

  • Prior to the SIM-swap attack – The threat actor must mimic you, so they may contact you and ask you to exchange codes or SMS messages from your cell phone carrier. They will relay these codes to your telecom service provider to impersonate you to their customer support representatives.
  • During the attack is occurring – Your mobile phone’s network data connection is lost, and you neither receive any phone calls nor any messages via SMS. This is because your mobile phone number has now been transferred to the attacker’s swapped SIM card.
  • After the attacker successfully swapped the SIM(s) – If the attacker modifies sensitive credentials, you lose the account access of your email, bank, and social media accounts. As the thieves continue to mimic you, you notice unexpected transactions on your bank records or unusual behavior on social media.

If you see any of these signs, call your mobile phone provider right away to see if a SIM swap has occurred and to get it reversed. Also, contact your bank to have your online account password changed.

How to prevent SIM-swap attacks from happening?

When selecting a 2FA solution to protect their businesses, Security Managers may avoid SMS-based solutions and instead use a smartphone app. Google or Microsoft Authenticator generates OTP codes on the smartphone and is thus not vulnerable to SMS redirection.

Individuals may defend themselves from SIM-swap attacks by declining to provide any PII data to anyone who calls you claiming to belong to a mobile phone operator. If in doubt, hang up the phone first. Search out your mobile phone company’s contact information, then call back to ask them to confirm why they were calling. Never give out one-time passwords over the phone; they are meant to be typed into web pages or applications. It is advisable to choose an app-based authenticator rather than SMS. Also do not click on links received in SMS messages since it is easy to impersonate the sender of an SMS.

Centex Technologies provide complete IT infrastructure and Cybersecurity solutions for businesses. For more information on how you can protect your systems, contact Centex Technologies at Killeen (254) 213-4740, Dallas (972) 375-9654, Atlanta (404) 994-5074, and Austin (512) 956-5454

Ways To Keep Your Business & Home Networks Secure

By

On February 27, 2022

In Security

The ongoing digital revolution across multiple sectors has been a lucrative target for hackers for the past few decades. Follow these simple yet profound tips to keep your work and home networks secure.

  1. Maintain a CMDB of your entire IT Infrastructure – Businesses are advised to create and maintain a list of their IT assets, hardware, and software in a CMDB (Configuration Management Database). Configuration Management Database helps IT teams to quickly manage and configure the hardware and software assets the business requires. Security frameworks such as ISO, NIST, and even CIS benchmarks are driven by IT Asset CMDBs. An automated system for scanning and finding IT assets, as well as in-depth information on those assets, is your best choice for ensuring your IT asset inventory is up-to-date, accurate, and thorough.
  2. Continuous surveillance and monitoring – IT department must keep track of all the assets as soon as they connect with the enterprise network, as vulnerabilities in them can allow a cyberattack to take place. Asset discovery solutions provide device detection features; allow IT teams to detect and identify rogue and unknown assets across the IT infrastructure. Hence, it also eliminates blind spots. This is especially essential as people connect work laptops to home networks, where a range of unprotected personal and IoT gadgets can act as entry points for malware and fraud.
  3. Update, upgrade and upscale your IT infrastructure – Security disclosures, vulnerability bulletins, and other technology vendor upgrades must all be kept up to date. Unpatched appliances are a typical attack vector for cybercriminals. Organizations have been frequently breached months or years after a patch is released because updates were not implemented as part of a managed program. Keep your software up to date and, if feasible, keep up with all the newest software patches.
  4. Implement access control and IAM (Identity Access Management) – IT Teams can reduce the risk potential as they adopt the principle of least privilege. Here, users are only assigned the permissions they need to do their work tasks. This should also apply to removing access to facilities such as Local Administrator access. Review and restrict the use of highly privileged accounts such as Domain Administrator and Global Administrator.
  5. Securing data from malicious entities as well as disasters – A security compromise can result in data loss and damage; thus regular backups are essential. Backups provide infinite scalability and remove additional infrastructure expenditures. Cloud is an excellent choice for data backup. Predictable storage costs and negligible downtime allow data to be accessed and restored immediately, ensuring business continuity.
  6. Educate and train the people – Let it be your family members at home or your employees, colleagues in the business; educate them all about end-user security awareness. However, the majority of people are unaware of how to see a threat and fail to notice a fraud attempt when they encounter one. You can limit risk and reduce occurrences by educating people about the hazards of cyber-attacks, what to look for, and how to report a probable attack.
  7. Strengthen your Incident response strategies – The best strategy to ensure timely corrective action after facing a cybersecurity incident is to have an IR (Incident Response) plan. Following a breach, a good IR identifies the procedures and actions that the staff should take. The Incident responder also assists in the coordination of resources to quickly restore operations. The incident response plan should specify responsibilities and provide step-by-step technical instructions for repairing the vulnerability. It must also include assessing the damage, recovering any lost or damaged data, and documenting the occurrence. The impact of an event will be minimized and the business will be protected from unnecessary harm and costs if everyone is on the same page with a plan of action and access to a central data repository.

Seek a consult with Centex Technologies for complete IT security audit of your business. Contact at (254) 213 – 4740.

How Would You Protect Your Remote Workforce From Emerging Cyber-attacks?

By

On February 25, 2022

In Security

The pandemic has facilitated, rather than forced, many office workers to work remotely for their individual firms. Professionals working remotely encounter a number of challenges particularly in the arena of cyber security. The onslaught of pandemic has led cyber threat actors to exploit the situation and target those working remotely.

It is advised that businesses and employee undertake the below measures to ensure that their remote working experience is safe and secure:

Security-first environment – When working remotely, it’s critical to choose a physically secure location. The employer or employee has to avoid disclosing any PII (Personal Identifiable Information) when connected online. Remote workers delivering online video conferences and presentations must try to mask their personal surroundings. Malicious actors are continuously on the lookout for PII that is revealed during such video calls. It is also important that other persons in the house do not have access to your laptop and desktop system. Do not use public networks for personal or business purposes.

Securing your Wi-Fi network – Make sure your WiFi Security is set to WPA2 on your Broadband Router. The default credentials across your routers, modems, and cellular WiFi hotspots must be changed. As you are working remotely, it’s a good idea to set up specific Wi-Fi networks. A Host network must be reserved for employees-employers and the Guest network available to the rest of the family. This will allow you to isolate data transmission between WiFi networks and avoid bottlenecks and network clogs.

Remote working communication and collaboration platforms – Employers need to invest in video conferencing apps, cloud-based office suites, and other technologies to be able to operate remotely. As managers and leaders, it is your responsibility to ensure that these tools are safe to use by your employees. You may assess the safety and security of any apps you want your employees to use by working with your IT and Security staff. It’s also crucial to remind your remote workers to update their software applications on a frequent basis to ensure that they have the most up-to-date security updates.

Do not use office equipment for personal use – Employees who have been given work equipment should avoid using it to log into personal social media accounts. Remote workers should not engage in any personal activities of interest on company-issued devices and appliances.

Avoid any suspicious content, emails and chat messages on social media – The pandemic has prompted criminal actors to take advantage of the situation and send phishing emails around the world. They replicate emails from local government officials and containing forms to be filled out with personal information or work-related information. Rather than believing in any random unconfirmed message on social media being propagated by bad actors, pay attention to your local and regional government news broadcasts and laws.

Strengthen the cyber security posture of your organization – Antivirus software alone is no longer sufficient to keep hackers and cyber criminals at bay. You should invest in a complete cybersecurity system that can protect you from all types of malware, frauds, and zero-day assaults.

VPNs must be provided to ensure encrypted and secure transmission of work data – Enable the different security features offered by vendors and OEMs in your devices and use them to protect yourself and your data while working remotely. It is advised to use VPN connections to connect to official applications.

These are just a few of the security options remotely working employers and employees must adopt. While the employees might not be physically protected from the office, employers must ensure to provide them adequate digital security while working remotely.

Centex Technologies provide complete cybersecurity solutions to businesses. For more information, call at (254) 213-4740

The Need For Automated Security Awareness Training

By

On January 31, 2022

In Security

Cybercriminals are skilled at exploiting how firms conduct their daily business operations. While the Covid19 pandemic was at its peak of causing havoc across the world, cyberattacks witnessed a 500 percent surge. As human factor is the weakest link in the entire cybersecurity domain, it is important to conduct Automated Security Awareness trainings to make employees aware of methods on how to safeguard assets from such attacks.

How to plan an automated security awareness campaign?

Fraudsters are excellent strategists, and they build phishing campaigns that are focused on a certain attack approach to increase their success rates. A security awareness campaign should also be planned to be automated over a 12-month period. This strategy should correspond to your employee’s role in planning, managing, and delivering the most relevant parts to the correct audience at the right time. Computerized and automated security awareness training must include the following aspects:

  1. Blogs for upskilling and reskilling
  2. Phishing emails that aren’t real to check employees’ alertness
  3. Online learning that is customized as per business requirements
  4. Surveys and skill-check quizzes to evaluate employees’ security awareness
  5. Risk evaluations and assessments for disaster resiliency of systems and networks
  6. Crucial Security and GRC (Governance, Risk management, and Compliance) Policies

Each of these factors contributes to employees’ gradual awareness of how security approaches and tactics function, as well as how security incidents can occur.

How the leadership will be able to determine the success of such training?

Simulated phishing that is automated and integrated with metrics and feedback cycles is important for training your personnel about phishing and social engineering techniques. These simulations teach your employees how to spot common fraudster tactics. This includes techniques such as BEC (Business Email Compromise), infection through malicious attachments, malicious URLs, spoof sites, and so on. vendor updates the templates used to replicate phishing campaigns on a regular basis to reflect any changes in the phishing landscape. An automated security awareness training provides a vital audit trail of immutable metrics & feedback. Data from the metrics and audit of awareness training across many touchpoints can be sent back into the awareness training to help it improve. These audit trails also aid regulatory defense in the case of a breach or during a compliance examination. Employee reactions to the mock phishing communication are automatically captured as part of the phishing simulation exercise. This generates measurements that reflect how well the training is going and allows the phishing templates to be tailored to improve overall phishing education.

Advantages of automated security awareness training campaigns

All stakeholders in the delivery, management, and end-user experience of cybersecurity awareness training benefit from the automation in the following ways:

  1. Increasing the organization’s resilience to cyberthreats
  2. Assisting in establishing a security-conscious work culture
  3. Procure buy-in and support for cyber security measures
  4. Improving the audit results and showing regulatory compliance
  5. Reducing human error and addressing security concerns
  6. Reducing the time and resources needed to organize an awareness campaign by creating a 12-month calendar of activities, identifying areas of overlap, and identifying user fatigue
  7. Control policies, phishing simulators, eLearning, and surveys from a central location

Automated security awareness training solutions actually do quite more than just impart knowledge; it also develops tangible cyber-hygiene skills and habits in employee staff. Such solutions and services help your company at every stage of improving your corporate security awareness journey. Leadership can envision the entire journey right from goal-setting to results-evaluation through actionable reporting and analytics. Simplified goal-setting, automated learning paths, and practical activities based on real-life circumstances all help participants and training managers achieve effective results and a successful outcome.

Centex Technologies provide state of the art cyber-security and IT systems for enterprises. To discuss requirements for your organization, you may contact at (254) 213 – 4740.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)