October welcomes many great things – cooler weather, pumpkin spiced anything, and one of our favorite holidays – cybersecurity awareness month.
Cybersecurity Awareness Month is the ideal time for IT professionals and CIOs to reflect on the cybersecurity landscape and how it is impacting their organization. Spreading awareness and educating employees is one of the most important aspects of bettering your security. For the month of October, we are hoping to spread awareness of real-life threats, so your employees and organization can better protect themselves. Join in the conversation at #CyberAwarenessMonth.
As if business owners and executives didn’t have enough on their plate, a recent email threat is creeping onto the radars of many. Here at Magna5, we have had many customers report a similar phishing attempt in a matter of a week. This attempt is called the CryptoBlackmail Scam.
A CryptoBlackmail scam is a bit promiscuous, but who doesn’t like a good story right? A threat actor will contact you over email and insist they have evidence, in the form of a video, of you visiting adult sites – there have also been reports of the email stating there is an assassin after the victim. Sobering, right?
To make the problem go away, the threat actor demands payment in the form of cryptocurrency. If you don’t pay, the threat actor threatens to send the video to all your email, social media, and messenger contacts.
Remember, these are empty threats to make people nervous. Unfortunately, people are falling for the scheme. When this threat first surfaced in July 2018, within the first few days one threat actor already made 2.5 BTC, or $15,500 USD.
The most important thing to remember: don’t negotiate with the threat actor, don’t pay, and don’t respond to the email. In fact, don’t open the email if the subject line seems questionable.
Cybercrime is big business, and threat actors will do whatever they can to gain access to information or steal funds. It’s predicted that by 2021, cybercrime will cost the world $6 trillion annually. Ransomware costs alone are expected to peak at $11.5 billion in 2019 – that’s a business attack every 14 seconds.
The fastest growing and number one cybercrime tactic is email. 92.4% of malware is delivered via email according to the Verizon 2018 DBIR. The Symantec 2018 Internet Security Threat Report states that 88% of malicious emails use malware attachments to trick users.
With a single click, your business can be compromised. Your only saving grace when it comes to an email attack is your firewall and email filtering blocking it, or your employees being educated enough to not fall for the scam.
Matt Kimpel, director of IT engineering, Magna5, gives insight, “CryptoBlackmail scams are being seen at a higher rate because it’s simple for the attacker to deploy. They already have the information they need and there is enough return from the sheer volume they send out. It’s a scare tactic. When we see an email that has a password we use or have used, many people truly think they have been hacked and will pay a ransom.”
He continues to say, “I tell our customers to be alert, always review an email and its contents before clicking or responding. If you get a suspicious email, report it to your IT team so they can take the proper action to get it blocked. Always avoid password reuse, use multi-factor authentication options in applications, use a password manager, and if your password has been part of a breach it is always a good practice to change it everywhere you are using it.”
As attacks continue to evolve there will always be some that slip through the cracks of an IT team’s defenses. Not every firewall or spam filter are alike, however, some perform better and/or have better features. Speak with your Magna5 representative if you want information on anywhere you can improve your security.
Stay Vigilant and Happy Cyber Awareness Month!
Don't forget to visit Magna5 at Upcoming Events!
Three Rivers Information Security Symposium
Join Magna5 at the 2018 Three Rivers Security Symposium in Pittsburgh as we join together with other organizations to increase awareness, collaboration, and knowledge among the local security community. The threat landscape is cast and sophisticated; learn how Magna5 managed security services helps organizations battle the landscape for you.