Posts Tagged Cyber Attacks

Common Malware Entry Points

View Full Image

, , ,

No Comments

Tips To Reduce Cyber Crime In Inbound Call Centers

Business security is one of the prime priorities for every business and as the number of cyber attacks is on a rise, the cyber security practices have become a necessity. Cyber criminals tend to find weak entry spots for targeting a business. Due to the nature of operations, inbound call centers act as an easy target for cyber criminals. The inbound call centers receive customer calls and acquire customer information to answer their queries. If hackers breech the inbound call system, they can get hold of consumer’s personal information.

Thus, businesses need to be vigilant and take proper steps to secure consumer information. Here are some tips to reduce cyber crime in inbound call centers:

  • Regularly Audit The Environment: Audits are generally overlooked, but regularly auditing the network environment of the call center can help in detecting any intrusion at an early stage. Audits can also help businesses in detecting any vulnerability in the system. A simpler way is to automate the network audit using a remote monitoring and management system (RMM). Also, businesses should consider password audit for all the staff in the inbound call center. This helps in tracking the users with weak or outdated password.
  • Strengthen The Authentication Process: Passwords alone may not be sufficient for proper authentication of users. So, inbound call centers should strengthen the system by incorporating multi-factor authentication.  Also, it is important to backup the authentication data with either a knowledge based, possession based, or inherence based requirement such as having a physical key or smartphone for receiving one-time password.
  • Boost Weak Security Through Automation: A great approach to ensure security of the systems is to automate the security process. A common example is to automate password generation such that the users themselves don’t know their passwords until the time of login. This eliminates the risk of knowingly or unknowingly leak of passwords by the users. This can be achieved by using software such as Password Management System or privileged Identity Management.
  • Secure The Endpoints: Endpoints are highly vulnerable because cyber criminals attack these endpoints to create holes in the network security perimeter. Inbound call centers can use advanced endpoint detection solutions to improve system’s ability to defend itself.

For more information on tips to secure network in inbound call centers, contact Centex Technologies at (254) 213 – 4740.

, , ,

No Comments

5 Reasons For Increased Cyber Security Threats During COVID-19

While the world is busy fighting against COVID-19, there is a section of cyber criminals who are exploiting the situation for lucrative benefits. They are taking advantage of the efforts made by organizations to sustain their operations during this pandemic. The cyber security attacks include phishing attacks, data breach, ransom, etc.

In order to defend your organization against cyber security threats during COVID-19, it is first important to understand the reasons that have resulted in an increase in cyber-attacks. Following are the 5 top reasons:

  • The foremost reason is that the employees are working from their home networks and their personal devices. These networks and devices are usually not updated with latest antivirus or operating system versions. The lack of a properly patched and protected system results in vulnerabilities leading to easy access for hackers.
  • The second reason that has led to an increase in the number of the cyber-attacks is the flow of organizational data. When employees work from their homes, sensitive organizational data travels outside the secure network of the organization. Additionally, while working with this data, employees tend to save it on their personal devices. This allows for easy data theft.
  • The third reason is that employees need to access the organization’s network to complete their work. This remote access may be insecure. Some organizations have already established a VPN for remote access. But again all the employees are not trained to install or use a VPN. Such untrained personnel pose a cyber-security threat when they access the organization’s network. On the contrary, there are some organizations that do not have a VPN setup for remote access. This may cause a cyber-threat of greater magnitude.
  • Fourth reason that has caused a rise in the number of cyber-attacks is an organization’s requirement to keep the employees involved and informed. The regular team meetings that were conducted to discuss the team operations have been replaced by online meetings. Organizations are making use of conference video calls or unique apps like ‘Zoom’ to conduct these meetings. The shift has been hasty and not all the involved employees are aware of how to use these apps securely. Insecure logins, poorly managed user credentials and login via an insecure network are some factors that have led to cyber-attacks such as video call hacking.
  • Fifth reason accounts for unauthorized access to an organization’s funds. The underlying reason is the need of the time to do things differently. A simple example of such an attack is that an employee receives an email from a fake account created on behalf of senior personnel in the organization. The email may instruct the employee to transfer funds to an account in lieu of some organizational purchase. Since employees may not be able to validate such emails, they may end up transferring funds to the hacker’s accounts.

In order to prevent such attacks, the organizations need to educate the employees to update their systems, download antivirus updates, secure their login details, use secure VPN to access the organization’s network and be aware of fake emails.

For more information on cyber security threats during COVID-19, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Data Protection From Malicious VPN Apps

Web users intend to use VPN services with an assumption that VPN keeps their web browsing and personal data safe. However, recent research has thrown light on some vulnerabilities found in common and popular VPN apps.

These vulnerabilities include:

  • Missing encryption of sensitive data.
  • Hard-coded cryptographic keys within the app; thus, even if the data is encrypted, hackers can decrypt it using these keys.
  • Some VPN apps have user privacy breaking bugs such as DNS leaks which expose user DNS queries to their ISPs.

These vulnerabilities of VPN apps allow hackers to intercept user communications including web browsing history, username, passwords, photos, videos, and messages. The privacy breaches include location tracking, access to device status information, use of the camera, microphone access and ability to send SMS secretly. Using these vulnerabilities, hackers can manipulate the users to connect to their malicious VPN servers.

In addition to these vulnerabilities, there are some other concerns associated with free VPN apps:

  • Some free VPN apps sell your bandwidth to paying customers allowing them to use your device’s processing power.
  • Malicious VPN apps incorporate ads that may include malware. These apps may also share the online activity of users to third party marketing professionals.

Some signs that your phone has been affected by malware are:

  • Phone becomes slow.
  • Higher loading time of app.
  • Battery drains faster than usual.
  • Large number of pop-up ads.
  • Unexplainable data usage.

As the number of data breaches is exceeding, it has become important to take necessary measures for safeguarding yourself against malicious VPN apps. Following are some measures that you should take:

  • Check if you have sufficient information about the app developer. Download the VPN apps provided by trusted app developers only.
  • Check the app reviews. You can also search for the app on the search engine to check if there is any controversial news about it.
  • Audit the apps on your phone to check if they were downloaded by you or not.
    Delete apps that you don’t use frequently.
  • Run a malware scan after downloading any app to ensure it is safe.

For more information on ways to protect your data from malicious VPN apps, contact Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments

Surprising Places Where Hackers Hide

Though most of the businesses follow the basic IT security protocols like using strong passwords, installing updated security solutions and blocking unauthorized access; there is a constant increase in number of hacking instances. Nowadays, hackers utilize diverse mediums to serve as an entry points to infect a system or network and initiate widespread attacks. It is important to be aware of these entry points in order to develop effective cybersecurity strategies.

  1. Off-brand Apps: Some apps may not be available on certain operating systems. Hackers design off-brand apps with similar features and offer them for download on these operating systems. Once a user installs this app, the system is compromised and hackers gain access to his personal data like login details,  photos, videos, etc. An example of such attack is the phishing attack that targeted Snapchat users. Hackers sent a link to users via a compromised account. This link pointed to a mobile site that was designed to look like Snapchat login page. As the users entered their login information, the details were copied and saved by the hackers. The stolen login information including passwords of affected users was then publicly posted on a phishing site.
  2. Home Appliances: Hackers now use home appliances like smart refrigerators to launch an attack. The smart home devices are generally factory configured including a preset password. It is common for users to forget to reset or personalize their password which makes them an easy target for hackers.
  3. Your Car: Most cars are installed with wireless or Bluetooth connectivity. The system enables users to enjoy benefits like keyless entries, remote start, navigation, etc. These features collect data like locations saved in navigation system, location where car is parked and other such vulnerable data. Car manufacturers tie up with third party data storage companies to store this personal information of users. This provides an opportunity for hackers to breach the system and steal the data.
  4. Cash Register: Hackers steal payment card details of customers by using POS Malware. When a card is swiped to make the payment, the payment card data is encrypted. The data is then decrypted in RAM of processing device to complete the payment. POS Malware attacks inefficiently secured systems to steal the payment card details from their RAM. The unencrypted data is then sent to the hacker. Stolen card details are then sold by the hackers.
  5. Fax Machine: The communication protocols of fax machines offer security vulnerabilities that can be used as loopholes by the hackers to launch widespread cyberattacks in organizations. Hackers create a colored jpeg image file coded with any type of malware. The coded image is sent to a target fax device where the image is decoded and saved into fax-printer’s memory. The malware can now spread over any network to which the fax printer is connected.

For more information about cybersecurity risks, call Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments