When it comes to cybercrime, small and mid-sized organizations cannot simply rest on their last update to provide them with enough protection for tomorrow. Cybercrime is constantly changing how it attacks businesses.
We previously detailed how malicious Word documents could infect your systems with Locky, a dangerous form of ransomware. Hackers have had great success with this method and are now equipping documents with different types of malware that can harm your company, according to recent research from Sophos. These dangerous documents either contain embedded files that look like an icon that executes malware when clicked upon or use special coding and have the user enable macros to run the malware.
In order to get a user to download and open the document, cybercriminals are using social engineering techniques via email. These emails can appear to come from other employees, clients, or people who may need to be in contact with your organization such as vendors.
What you can do: For starters, double-check the email address of all senders and scan files in their entirety for anything malicious that may have been embedded. Also, make sure employees know to never enable macros on a Word document.
Long gone are the days of poorly constructed scam emails claiming they would send you thousands of dollars for your personal details. Today’s attacks are sophisticated and appear more authentic than ever before. Hackers will research a business and find out where they are vulnerable. For instance, a company that accepts CVs from potential applicants via email is a prime target for today’s cybercriminals.
They will send the person accepting the CVs a ZIP file or malware-infected document containing their alleged credentials. The unsuspected employee will open the file, infecting the company in the process. Since many people are unaware of this tactic, it has a relatively high success rate.
What you can do: If possible, do not publish email addresses on your company website and avoid accepting documents like CVs as an attachment. If you must solicit information from people you do not know, it’s best to have them copy and paste the text in the body of the email. And, as always, follow best email security practices at all times.
Believe it or not, becoming a cybercriminal is easier than ever before. The online black market, also known as the dark web, is awash with Malware-as-a-Service kits giving individuals all the tools they need to get started as a hacker. No longer does a person have to be a tech wizard to create a program that can harm your IT systems. All they need to do is search online to buy it and then focus on ways to convince users into installing it on their systems.
The people who create malware are talented and continue to develop new threats on a daily basis. And since they now have a marketplace to sell their work, all they have to focus on is creating the technology since others are lining up to buy it. This means businesses now have to deal with advanced technology that is being used by people who specialize in manipulation.
What you can do: Updating security patches, educating employees on the dangers of cybercrime, and putting antivirus and email protection in place is a good start. Having a security expert come in and analyze your systems is also something worth considering.
Want to improve your cyber security? Contact Computer Medic On Call today. We are up-to-date on all the latest cybercrime trends and know how your organization can best protect itself from the growing number of threats.
Computer Medic On Call is committed to bringing you the highest quality computer service available for all of your information and systems needs. Serving in Broward and West Palm Beach in Florida State for IT Support. Our experience provides us with the skills to offer a range of high quality computer services.