We must thank IT virtualization as it led us to cloud technology. Today's IT infrastructures are already running their mission critical business applications on virtual machines. Like the physical infrastructure, virtualization is also cursed with cyber security challenges. This article talks about a typical open source virtualization solution and depicts the steps to secure its.
Phishing is a type of cyber-attack often used to steal user data, including login credentials, credit card information and other very sensitive information. The targets are contacted via emails, telephone or text message by attacker posing as a legitimate user to lure individual into providing very sensitive information. The information can thus be further used by attacker to access important accounts and can result in financial loss and identity theft.
Moreover phishing is also used to gain a foothold in a corporate network as a part of larger attack. Employees are compromised in order to bypass security parameters, distribute malware inside a closed environment, or gain privileged access to secured data.
An organization withstanding to such an attack typically sustain severe financial as well as declining market share, reputation, and consumer trust.
Spear Phishing: When attacker phishing attempt is directed at specific individuals or companies is termed as spear phishing. Phisher identifies their targets (sometimes using information on sites like LinkedIn, Facebook and other social sites) and use spoofed addresses to send emails that could plausibly look like they're coming from co-workers.
Threat Group-4127 (Fancy Bear)used spear phishing tactics to target email accounts linked to Hillary Clinton's 2016 presidential campaign. They attacked more than 1,800 Google accounts and implemented the accounts-google.com domain to threaten targeted users. [Wikipedia]
Whale Phishing (Whaling): Whale phishing, or whaling, is a form of spear phishing directed specifically at senior executives and other high profile targets. Many of these scams target company board members, who are considered particularly vulnerable as they have a great deal of authority within a company, but since they aren't full-time employees, they often use personal emails for business-related correspondence, which doesn't have the protections offered by corporate email.
In 2016, an employee at Snapchat disclosed the company’s entire payroll data to a scammer – the employee had responded to an email that looked to be from the CEO and responded promptly. In another whaling attack, an employee at a commodities firm wired $17.2 million in several installments to a bank in China, as requested by what looked to be emails from the CEO. The company was planning to expand their business into China at the time, so the request seemed plausible enough.[Wikipedia]
In both of those incidents, the victim failed to identify the whaling attack. It’s critical to train executives and staff to be vigilant and on alert for any phishing scams.
Too Good To Be True– To attract people’s attention immediately, lucrative offers and eye catching statements are designed. A lot of them claim that you have won an iPhone, a lottery, or some other lavish prize. Beware! Just don't click on any suspicious emails. If it is too good to be true, it probably is!
Sense of Urgency
A favorite tactic amongst cybercriminals is to create a sense of urgency to make you act fast and not think twice. They will tell you that your account will be closed unless you update your personal details immediately. Most reliable organizations give enough time before they terminate an account and they never ask users to update personal details over the Internet.
HyperlinksA link may not be what you think it is. The link can direct you to phishing site. Hovering over a link sometimes shows you the actual URL where you will be directed upon clicking on it but It could be in some circumstances be overridden by the phisher. Look carefully. For instance , it appears as though the URL (www.yourbank.example.com) will take you to the yourbank site, but it actually is pointing to yourbank section of example website(phishing section).
AttachmentsIf you see an attachment in an email you weren't expecting or that doesn't make sense, never open it! They often contain payloads like ransomware or other viruses. Always keep your antivirus updated and scan the attachment before you open it.
The popular phishing scams trends of 2018:
One of the most common types of personal phishing emails targets users’ accounts on common social media or vendor sites. You’ll get an email that seems to be coming from a noteworthy organization or company (such as Facebook, Apple or Amazon) stating that some issue exists with your account and that you have to sign in to address it. Links within the email take you to a site that masquerades as that company’s authentic site and request your login credentials. As a result, an attacker takes your login credentials for use on that site and to test for reuse on other websites.
Cloud-based file-sharing services like Google Docs, Dropbox and Office365 make business increasingly effective by giving a quick and simple approach to share documents, files and folders across teams. However, the frequency of use and the normality of receiving sudden unexpected documents has made them a prime attack vector for phishers.
A normal phishing attack consists of a link to what appears to be a shared file on Google Docs, Dropbox or some other file-sharing site. In reality, the link will point to a site pretending to be that file-sharing site and requesting a login. This can be utilized by attacker to steal a victim’s credentials or infect the victim’s PC with a malicious file.
Blockchain and cryptocurrency have turned out to be very popular over the last couple of years. In cryptocurrency, an Initial Coin Offering (ICO) sale is a crowdfunding occasion where the creators of a new cryptocurrency ask the public to send them cryptocurrency to help fund development. The developers provide their address on a common cryptocurrency (like Bitcoin) for the money to be sent to.
Docusign is a digital transaction management platform designed to allow people to digitally sign documents, making it easier to sign leases, contracts and other paperwork. Since Docusign notifications of signature requests come from a Docusign email address, people don’t expect them to come from an email address that they recognize and trust. Phishers exploit this by sending messages that originate from a domain that appears to be like the Docusign domain. In the event that you click on the link, it'll request that you sign into your email account to see the document, giving the phisher control of your inbox.
As per Symantec’s 2018 Internet Security Threat Report, fake emails are the primary means by which phishers disguise and distribute malware. By claiming that an attached Office or PDF document is an unpaid invoice and that service will be terminated if it remains unpaid, a phisher increases the likelihood that the target will open it. This type of spear phishing email can be very effective against both individuals (by pretending to be Amazon, Apple and other such retailers) and businesses (by impersonating one of their sellers or providers).
The General Data Privacy Regulation (GDPR) is a European Union (EU) privacy law that became effective May 25th, 2018. This regulation increased the requirements and penalties for the protection of EU citizen data, and many organizations were not prepared for the new regulation. As a result, in early 2018 phishers utilized the guise of giving information or services related to preparing for the regulation as a lure for phishing emails.
Phisher take advantage of people loves getting presents, so they send a fake delivery notification for a package that you have not even ordered. This is one of the older phishing scams out there: An attacker will pretend to be from some mailing service and provide you a link or attachment containing the details of your fake order. When you will click on the link, you’ll be infected with malware or tricked into providing the attacker with your login credentials.
Phishing emails about the US Presidential election were common in 2016’s political campaign. The same trend was seen in Russia’s Presidential election held on March 18th, 2018. Emails asking for participation in public opinion polls were common. In some cases, phishers would promise a reward for participating, motivating people to provide their credit card or bank information. As a result, the attackers were able to transfer money out of the target’s accounts.
Phishers takes advantage of tax seasons. In the weeks and months leading up to tax season, it’s usual to see a sudden increase in the number of phishing emails claiming to originate from the government tax authorities.
These emails typically claim that an individual is delinquent on their taxes and provides an alleged means to fix the issue before extra fines or legal action are sought after. In any case if you follow the instructions in the email, your money goes to the phishers rather than the government.