Deciphering Between Hacker Sent & Legitimate Emails

Solutions
NETRIO
Solutions

Managed IT services are essential for the modern organization. As your pace of digital transformation accelerates, your IT infrastructure will grow in both breadth and complexity. It takes a highly skilled team that has expertise in managing complex environments to provide the proactive support model necessary to stay ahead of the demands of the modern workplace.

EXPLORE SOLUTIONS
Managed IT Services

Cybersecurity

Network Operations Center (NOCaaS)

Connectivity

Hardware & Software Procurement

Voice Solutions
Are Managed Services a Good Fit For Your Organization?

We manage IT and technology assets to free up valuable internal resources to lead and deliver on strategic initiatives that advance business goals.

LEARN MORE
Partners
- White Label Partners
- Channel Partners
Why NETRIO?
Resources
- Blog
- Customer Resources
Contact
Book a Consultation
214-888-8500

By: Brian DeVault

Hackers have become very good at what they do. The email chains that they send have become more advanced to the point you believe they are sent from a reputable source. They can have graphics and artwork that look identical to your business and maybe even have the same name as your boss’s email. Do not be fooled and always remember that a legit email will never ask you to enter your password or send sensitive information to them, unless you just did a password reset yourself, in which case you will be expecting this email.

View Video Transcript

Mike Cromwell

Welcome back to Whiteboard Wednesday, folks. Mike Cromwell, your cohost.

Brian DeVault

Brian DeVault.

Mike Cromwell

They’ve gotten pretty advanced these days where emails that look completely legit. I’ve got to the point where I don’t even click on a link in an email.

Brian DeVault

That is a great point. The hackers… the stuff you saw two years ago was like, hey, send me your password, click this link. It was really obvious. Now they’ve got the artwork and the graphics embedded in them. They use these advanced email campaigns. They’ll land an email in your inbox that looks exactly like your service provider would format one. Good rule of thumb is keep in mind your IT people, nor will any reputable software vendor, technology vendor, ever ask you to click a link and type in your password.

Brian DeVault

That will never happen unless you’ve initiated a password reset or something like that. But just a good rule of thumb. If somebody’s asking you for something via email, don’t give it to him.

Mike Cromwell

And it’s even getting into SMS these days. I was talking to an industry colleague who specializes in cybersecurity, telling me about an attack on a fairly large, about a $50 million business where it was through a lot of research, it sounds like, knowing who the people are in the business and then formulating a text message that looked like it was coming from the auditor asking for a certain type of information and they were able to drain a fairly large amount out of their bank account because the information looked legitimate.

Brian DeVault

I heard about a similar one where it was a phishing attempt where somebody got, it looked like an Office 365 password reset. They clicked it, they put their password in, the attacker then went in and then they had list of every contact that they had with phone numbers and everything. So they put themselves as a contact entry in there that said Mike the CEO and then started texting all the colleagues from Mike the CEO, where it appeared as though they were, that was a legitimate contact, asking for them to wire money and do things like that.

Brian DeVault

So yeah, it’s out there. It’s prevalent. It’s happening every day.

Mike Cromwell

So if an employee comes that, it could be it could be a ransomware attack. It could be malware that gets introduced into the environment….

Brian DeVault

Any number of things.

Mike Cromwell

It Could be a number of things. Right? So if you’re a business and you haven’t really done these things, where would you start? And if you start with the assess and test, once you figured out what your current environment is, how quickly can you put a plan in place to check these other boxes here?

Brian DeVault

There’s some timelines associated with this that are a little more lengthy because the time it takes to assess your environment and to train your people and those types of things. But 45 to 60 days, you should be able to implement an end user security awareness training program, especially if you work with an MSP.

Mike Cromwell

Alright, well, thanks for tuning in, folks. Stay tuned for next week. We’re going to go deeper into mobility.

Ransomware/Malware

There are a number of avenues ransomware can take to access a computer. One of the most common delivery systems is phishing, which is spam attachments that come to the victim in an email, disguised as a file they should trust. Once they’re downloaded and opened, they can take over the victim’s computer.

There are several things that malware might do once it’s taken over the victim’s computer, but by far the most common action is to encrypt some or all of the user’s files. The most important thing to know is that at the end of the process, the files cannot be decrypted without a mathematical key known only by the attacker. The user is presented with a message explaining that their files are now inaccessible and will only be decrypted if the victim sends an untraceable Bitcoin payment to the attacker. In some forms of malware, the attacker might claim to be a law enforcement agency shutting down the victim’s computer due to the presence of pornography or pirated software on it, and demanding the payment of a ine, perhaps to make victims less likely to report the attack to authorities.

Phishing Attacks

Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day and they’re often successful. The FBI’s Internet Crime Complaint Center reported that $57 million was lost in 1 year due to phishing attacks.

Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message. Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store. Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:

Say they’ve noticed some suspicious activity or log-in attempts
Claim there’s a problem with your account or your payment information
Say you must confirm some personal information
Include a fake invoice
Ask you to click on a link to make a payment
Say you’re eligible to register for a government refund
Offer a coupon for free merchandise

Safe Email

With all the sneaky ways hackers attack, it may seem impossible to distinguish between suspicious emails and legitimate messages. However, there is an easy way to tell if email attachments are safe that works the majority of the time. You can tell if an email attachment is safe by assessing the file extension.

A file extension is the three letters that follow the period at the end of the file name. Microsoft has classified several types of dangerous extensions, however only a few are considered safe. These are GIF, JPG or JPEG, TIF or TIFF, MPG or MPEG, MP3 and WAV. These extensions represent different file types and are the formats that the majority of internet users tend to send as email attachments.

If you receive an email, even if it is from a friend or a bank, that does not have one of the file extensions listed above after the file name and subsequent period, you should never open the attachment unless you know for certain that it is legitimate. Other file extensions that are commonly sent as email attachments such as DOC, XLS and TXT, which represent text documents and Excel files, can be infected with the worst computer viruses. However, many users send these types of documents for work-related reasons, and if you know the sender and you are expecting the file or know what it’s about, these attachments should be safe to open as well.

Finally, you should be exceptionally wary of files with double extensions, such as image.gif.exe. The only extension that matters is the last one. In the example above, EXE represents an executable file that will automatically run software upon download. Files with double extensions are almost always deceptive and malicious in intent.

Train Your Staff

Train employees to recognize when phone calls or emails come with red flags that could indicate a hacking attempt. While many of your staff members may realize that anyone who asks for an account password over email is a potential hacker, they may not realize that someone casually inquiring for their date of birth or the name of a spouse could be trying to gain account access. Any information that could be part of an employee password interests a hacker. All a hacker needs to do is guess one staff member’s password, and obtain their work email address, to infiltrate your network.

Your staff should also understand the danger of clicking on a link in a suspicious email. Even if your employee does not complete a form, download an asset, or otherwise take action, following the link alone could expose your business by triggering malicious code. The code can then scan the individual’s computer for sensitive information, passing it along to a hacker.

It’s important to train every staff member on the threat of cyber crime. An attacker may spend weeks researching their target online, creating a phony website, and crafting an email. Busy executives and their personal assistants may unwittingly fall prey to a well-executed hacking attack. Hiring a Managed Service Provider is a great option to assist you with putting a plan in motion to have your entire team on the same page with hacking red flags and set up training for you to ease your workload. If you are interested, call NETRIO at 214-888-8500.

This blog post is part of NETRIO’s weekly Whiteboard Wednesday series. Follow along on Linkedin and YouTube each week as Brian and Mike discuss use cases, new technology, and trends.

NETRIO
Solutions

Are Managed Services a Good Fit For Your Organization?