Tag Archives: Cyber Security companies

Black Friday, Cyber Monday, Cyber Security Companies warning of Scam Tuesday

Cyber Security Companies warn customers that Black Friday & Cyber Monday are followed by Scam Tuesday

Black Friday & Cyber Monday are an established part of the sales cycle, rivalling the New Year sales in importance to online commerce.

Cyber Security companies are warning their customers to look out for the increase in criminal activity that invariably follow these events.

While these online events have become increasingly popular the flip side to the flurry of activity around these events is that the efforts of the Cyber-criminals responsible for much of the illicit activities, ransomware, data-breach etc. also peak at these times.

You will almost certainly have seen mail claiming to have details of your compromised credentials and all too frequently they ring scarily true, this is because a high proportion of us have been compromised to a degree.

How do we protect ourselves and our businesses, especially as the next peak for Phishing and Cyber attacks is coming up fast, Christmas and the New Year.

Tamite Secure IT are specialist in helping businesses put together data Security Strategies to combat these threats –

Securing your credentials & dataIT Security Training Breach Detection & Protection.

Cyber Security companies warn customers of Scam Tuesday

Cyber Security companies such as Tamite Secure IT are increasingly concerned by the prevalence of these type of scams; According to an alert published earlier this year by the FBI, Business Email Compromise (BEC) and Email Account Compromise (EAC) have caused $12 billion in losses since October 2013.

Traditionally, social engineering and intrusion techniques have been the most common ways to gain access to business email accounts and dupe individuals to wire funds to an attacker-controlled account.

You and your employees can expect to experience these scenarios:

1. Social engineering and email spoofing: Attackers will use social engineering to pose as a colleague or business partner and send fake requests for information or the transfer of funds.

These emails can be quite convincing as the attacker makes a significant effort to identify an appropriate victim and register a fake domain, so that at first glance the email appears to belong to a colleague or supplier.

2. Account takeover: Attackers use information-stealing malware and keyloggers to gain access to and hijack a corporate email account.

They subsequently use the account to make fraudulent requests to colleagues, accounting departments and suppliers.

They can also alter mailbox rules so that the victim’s email messages are forwarded to the attacker, or emails sent by the attacker are deleted from the list of sent emails.

It is common practice for compromised credentials to be offered on criminal forums, exposed through third-party compromises (British Airways, Equifax, Butlins, Hilton etc, they may even be vulnerable through misconfigured backups and file sharing services.

Email inboxes are also being used not just to request wire transfers, but to steal financially-sensitive information stored within these accounts or to request information from other employees.

with lower barriers to entry for BEC, for the cyber-criminal and more ways to monetize this type of fraud, Cyber Security companies expect this area of fraud to grow.

The uptake of Office 365 by businesses means these credentials present an opportune target, 365 needs to be secured and the data backed up in accordance with best practice recommended by Cyber Security companies.

Here’s how some of the most common scams and attacks work:

Buying and selling compromised credentials:- It’s common for accounts to be shared and sold across criminal forums, the emails of finance departments and CEO/CFOs are sought after commodities.

Getting lucky with previously compromised credentials:- individuals will often reuse passwords across multiple accounts.

A recent study conducted by one of our partners detected more than 33,000 finance department email addresses exposed within a third-party data breach repository 83 percent of which had passwords associated. With many email and password combinations of finance department email accounts already compromised, cybercriminals can and do get lucky.

Searching across misconfigured archives and file stores:- Inboxes, particularly those of finance departments and CEO/CFOs, are replete with financially-sensitive information such as contract scans, purchase orders, and payroll and tax documents.

This information can be used for fraud or re-sold on forums and marketplaces.

The sad reality is that there’s no need to go to a dark web market when sensitive data is available for free on the open web.

Employees and contractors sometimes turn to easy, rather than secure, ways of archiving their emails. A recent study conducted by one of our partners identified that more than 12.5 million email archive files and 50,000 emails that contained “invoice”, “payment” or “purchase order” have been exposed due to unauthenticated or misconfigured file stores.

Protecting your business is what we do, talk to us about how we can help your business avoid becoming another victim of Cyber Crime.